BleepingComputer.com: Need help with Rootkit.ZeroAccess and TR/Crypt and others

Jump to content

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
  • 3 Pages +
  • 1
  • 2
  • 3
  • You cannot start a new topic
  • This topic is locked

Need help with Rootkit.ZeroAccess and TR/Crypt and others Don't know how to remove it!

#16 User is offline   SweetTech 

  • Agent ST
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 12,666
  • Joined: 15-March 09
  • Gender:Male
  • Location:Antarctica

Posted 11 February 2012 - 08:26 AM

Hi Dona!

I am having a nice day! I'm so glad the weekend is here! It feels like it took way to long to get here.

Quote

Is that normal behavior when typing in a reply?
It can depend on what else you were doing on the computer.

Quote

It looks as if the two trojans were moved on reboot...that's great.. I guess we still need to worry about removing ZeroAccess and P17 and then set about cleaning up all the quarantined stuff?
Yes, it looks like those two infected files were moved to Quarantine.

Quote

Yay we're getting closer...which is fabulous!
We are definitely getting close.

I'm going to ask that you attempt to run aswMBR now and see if you're able to run it and post that log file for me to review.

Quote

P.S. I told my husband it is DEFINITELY NOT okay to ignore Java update requests in the future.
What can I say,,,he is not very computer saavy -- which is why I always end up fixing it when he screws it up.

Yeah, having an outdated version of Java is a serious vulnerability for users. I've seen some users have had multiple outdated versions of Java installed, and it just amazes me at times. But something I try and do with all of my users is educate them on what they need to keep up on and what they need to avoid, so that this doesn't happen again.

____________________________________________________

I'd like to grab a sample of the P17.sys file, so that I can look at it closer.

Please run this utility to submit the file to me:

Please download ZipIt from here:
Download Link
  • Double-click ZipIt! to run it. (Windows Vista & 7 users need to right click and Run as Administrator)
  • Then copy the content of the following codebox into the textfield:

    ::info::
::bleeping::102
C:\WINDOWS\system32\drivers\P17.sys


  • Then, just click the Zip button.
  • When finished, and if successful, it should automatically submit a file for me, so that it may be analyzed further. You should also see that a new .zip file has been created on your Desktop. You will be notified of what the file name is when the process has been completed.


Please post back once you've submitted the file for me, so that I can check into it.
Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.

#17 User is offline   djw23 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 30
  • Joined: 14-September 05
  • Gender:Female

Posted 11 February 2012 - 10:21 AM

Hi Agent ST.

THANK YOU SO MUCH for picking up my other post! You are the absolute BEST!

I guess I don't really have any CLEAN machines in this house :-(((
So I can't bust on my husband anymore....too bad, I was having alot of fun with that.

I just don't get it,,,you think you're being safe and stuff still finds it way in.
Anti-virus programs are a joke. Limited User Accounts in Windows are supposed to help...
Is there any way to stay safe anymore?

------------------------------------------------------------------------------------

Here's the aswMBR log:

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-11 09:31:33
-----------------------------
09:31:33.671 OS Version: Windows 5.1.2600 Service Pack 3
09:31:33.671 Number of processors: 2 586 0xF02
09:31:33.671 ComputerName: USER1-CEFFE37FC UserName: WWAdmin
09:31:34.906 Initialize success
09:33:32.734 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
09:33:32.734 Disk 0 Vendor: WDC_WD2500JS-75NCB3 10.02E04 Size: 238418MB BusType: 3
09:33:32.765 Disk 0 MBR read successfully
09:33:32.765 Disk 0 MBR scan
09:33:32.765 Disk 0 Windows XP default MBR code
09:33:32.765 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
09:33:32.781 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 238355 MB offset 112455
09:33:32.781 Disk 0 scanning sectors +488263545
09:33:32.859 Disk 0 scanning C:\WINDOWS\system32\drivers
09:33:43.093 Service scanning
09:33:44.203 Modules scanning
09:33:51.062 Disk 0 trace - called modules:
09:33:51.078 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
09:33:51.078 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a62cab8]
09:33:51.093 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a631d98]
09:33:51.093 Scan finished successfully
10:08:53.281 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\WWAdmin\Desktop\MBR.dat"
10:08:53.281 The log file has been saved successfully to "C:\Documents and Settings\WWAdmin\Desktop\aswMBR2.txt"

------------------------------------------------------------------------------------------------------------------------------------------------------

NEXT...It seems I need to install the .NET Framework V 2.0.50727 to be able to use the Zip tool
so I thought I better see where you want me to download that from.

thanks so much! Dona

#18 User is offline   SweetTech 

  • Agent ST
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 12,666
  • Joined: 15-March 09
  • Gender:Male
  • Location:Antarctica

Posted 11 February 2012 - 11:04 AM

Hi Dona!

Quote

THANK YOU SO MUCH for picking up my other post! You are the absolute BEST!
Not a problem! I enjoy working with you!

Quote

I guess I don't really have any CLEAN machines in this house :-(((
So I can't bust on my husband anymore....too bad, I was having alot of fun with that.
Aww.. Shucks!

Quote

I just don't get it,,,you think you're being safe and stuff still finds it way in.
Anti-virus programs are a joke. Limited User Accounts in Windows are supposed to help...
Is there any way to stay safe anymore?

The best way to stay safe is to practice safe browsing, there is no anti-virus program that will catch everything, some are better than others, but at the end of the day, it comes down to the practices the user is implementing when on there computer.

Can you try to manually submit the file to me by uploading it here:

Uploading File
Please visit this site & follow the instructions for uploading the file mentioned below.
Copy/paste the contents of the Code Box below into the Link to topic where this file was requested: box:
http://www.bleepingcomputer.com/forums/topic441135.html/page__view__findpost__p__2593299

Click Browse & navigate to C:\WINDOWS\system32\drivers\P17.sys.

Cheers,
ST.
Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.

#19 User is offline   djw23 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 30
  • Joined: 14-September 05
  • Gender:Female

Posted 11 February 2012 - 11:51 AM

Hi Agent ST
I sent the file through the form as you requested:

"Your file was successfully submitted. Please let the user helping you know that you have submitted the file."

Thanks, Dona

P.S. Do I NOT need to install the .NET Framework on this computer?

Also...do you know where I can find a safe browsing practices guide...I think we both need to read that.
I truthfully feel like he does way more browsing that I do...like I told him to knock it off with visiting YouTube anymore
I try to limit Facebook visits on my computer and use my iPhone instead.
I don't click on links or open any file attachments that are emailed to me unless they are from clients...
maybe I need to ask them to copy/paste Word content into email instead. Any suggestions are greatly appreciated.

And I like working with you too! :-)

This post has been edited by djw23: 11 February 2012 - 11:57 AM

#20 User is offline   SweetTech 

  • Agent ST
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 12,666
  • Joined: 15-March 09
  • Gender:Male
  • Location:Antarctica

Posted 11 February 2012 - 12:30 PM

Hi Dona!

Thanks for submitting that file for me.

The file came back clean when I submitted it to VirusTotal.

However, it still looks a bit suspicious, so I'm going to suggest we run a scan to check for any files that need to be replaced.

Quote

P.S. Do I NOT need to install the .NET Framework on this computer?
That's one of those things that if you really needed it, you probably would have already had it installed by now, so I'm going to say for what you use this computer for, no it's not needed.

Quote

Also...do you know where I can find a safe browsing practices guide...I think we both need to read that.
I truthfully feel like he does way more browsing that I do...like I told him to knock it off with visiting YouTube anymore
I try to limit Facebook visits on my computer and use my iPhone instead.
I don't click on links or open any file attachments that are emailed to me unless they are from clients...
maybe I need to ask them to copy/paste Word content into email instead. Any suggestions are greatly appreciated.

I usually provide my recommendations for remaining cleaning in my all clean speech, but you can take a look at this here: http://www.bleepingcomputer.com/forums/topic2520.html


Lets run the check on your system files now.

Run System File Checker

Make sure you have your XP Disc handy


The System File Checker (Sfc.exe) utility is used for scanning protected operating system files to verify their version and integrity. If System File Checker detects any operating system file with the incorrect file version, it replaces the corrupted file with a file that has the correct version from the Windows installation source files.

To use System File Checker, follow these steps:
  • Click Start, click Run, type cmd.exe, and then click OK.
  • At the command prompt, type sfc /purgecache, and then press ENTER.
    Note You may be prompted to provide Windows installation source files when you run the sfc /purgecache command. If the command is completed successfully, you will receive the following message:
  • Windows File Protection successfully made the requested change.
  • At the command prompt, type sfc /scannow, and then press ENTER.
    Note
    This command may take several minutes to finish. You may also be
    prompted to provide Windows installation source files when you run the sfc /scannow command.
  • At the command prompt, type exit, and then press ENTER to close the command prompt.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.

#21 User is offline   djw23 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 30
  • Joined: 14-September 05
  • Gender:Female

Posted 12 February 2012 - 08:08 AM

Good morning Agent ST

thanks for the "how did I get infected" link and LOL on saving it for the "ALL clean speech"

I ran the system file checker with my Win XP SP2 CD.
I don't think it matters but thought I would mention that I upgraded to SP3 with automatic updates so I don't have a CD for that.
It was taking quite awhile to run...chugging along reading from the CD...so I went away and did other things.
At first I thought that maybe I would have to re-enable the CD emulators that I disabled at the start of this process with Defogger.
But it seemed to be reading from the CD so I guessed not.
So when I came back awhile later it was sitting at the command prompt waiting for me to Exit.
Hope that was okay...
Thanks, Dona

#22 User is offline   SweetTech 

  • Agent ST
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 12,666
  • Joined: 15-March 09
  • Gender:Male
  • Location:Antarctica

Posted 13 February 2012 - 02:59 AM

Hi Dona!

Do me a favor and run a new scan with OTL for me:

OTL Custom Scan

We need to run an OTL Custom Scan
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.


    CREATERESTOREPOINT
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    /md5start
    P17.sys
    /md5stop
    "%WinDir%\$NtUninstallKB*$."
    C:\Program Files\Common Files\ComObjects\*.* /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Push the Quick Scan button.
  • A report will open. Copy and Paste that report in your next reply.



NEXT:



What outstanding issues (if any) are you still experiencing with your computer?
Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.

#23 User is offline   djw23 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 30
  • Joined: 14-September 05
  • Gender:Female

Posted 13 February 2012 - 06:45 AM

Good Morning Again Agent ST!

The OTL was "not responding" in task manager on the first attempt so I had to close "X" out and try again.

Here'e the results of the OTL scan on this computer:

OTL logfile created on: 2/13/2012 6:29:11 AM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\WWAdmin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.34 Gb Available Physical Memory | 67.28% Memory free
3.85 Gb Paging File | 3.31 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 205.16 Gb Free Space | 88.14% Space Free | Partition Type: NTFS

Computer Name: USER1-CEFFE37FC | User Name: WWAdmin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/03 11:56:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WWAdmin\Desktop\OTL.exe
PRC - [2012/02/02 11:01:45 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
PRC - [2012/02/02 11:01:43 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2012/01/17 20:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/09/09 02:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 00:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/05/23 13:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 02:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/06/25 19:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010/06/22 14:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2009/07/10 16:53:52 | 000,372,736 | ---- | M] (Orbiscom Ltd. All rights reserved.) -- C:\Program Files\Virtual Account Numbers\CitiVAN.exe
PRC - [2009/07/10 16:50:36 | 000,145,920 | ---- | M] (Orbiscom Ltd.) -- C:\WINDOWS\system32\OBroker.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/28 16:50:50 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
PRC - [2006/08/14 00:07:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
PRC - [2006/08/10 11:10:14 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/08/10 10:38:54 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
PRC - [2006/07/31 08:00:00 | 001,116,920 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
PRC - [2006/01/02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2003/05/15 00:19:50 | 000,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
PRC - [2003/04/06 00:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
PRC - [2003/04/05 23:55:04 | 000,311,296 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
PRC - [2003/04/05 23:45:10 | 000,286,720 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/02 11:01:45 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
MOD - [2012/02/02 11:01:43 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/01/01 12:08:51 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a0bcddf0\mscorlib.dll
MOD - [2012/01/01 12:08:48 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_37b9e16a\system.drawing.dll
MOD - [2012/01/01 12:08:39 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_33d3209a\system.xml.dll
MOD - [2012/01/01 12:08:31 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_f21d6765\system.windows.forms.dll
MOD - [2012/01/01 12:08:16 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_82ed1ae6\system.dll
MOD - [2012/01/01 12:07:48 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/01 12:07:47 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012/01/01 12:07:42 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2009/09/19 20:57:55 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2009/09/19 20:57:54 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2009/09/19 20:57:54 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2009/09/19 20:57:54 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2009/07/10 16:50:24 | 000,039,424 | ---- | M] () -- C:\Program Files\Virtual Account Numbers\VANRes.dll
MOD - [2007/05/07 19:59:08 | 000,137,216 | R--- | M] () -- C:\WINDOWS\system32\OemSpi.dll
MOD - [2006/08/14 00:07:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
MOD - [2006/08/10 10:42:00 | 000,516,096 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
MOD - [2006/08/10 10:37:06 | 004,587,520 | R--- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
MOD - [2006/08/09 03:27:36 | 000,037,376 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\DLLShared\apm.dll
MOD - [2006/08/08 08:18:18 | 000,056,056 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2012/02/02 11:01:45 | 000,909,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/11/10 08:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/05/06 04:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2006/08/10 03:11:14 | 000,057,344 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9)
SRV - [2006/08/10 03:10:50 | 000,294,912 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe -- (Roxio Upnp Server 9)
SRV - [2003/03/09 15:31:02 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2012/02/02 06:59:31 | 000,135,032 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\dwprot.sys -- (DwProt)
DRV - [2011/05/27 18:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 07:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 06:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 06:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 05:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/03/18 04:02:32 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2010/03/18 04:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/03/18 04:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/03/18 04:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2010/02/26 05:18:10 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/26 05:18:10 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/26 05:18:10 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2007/06/13 00:58:16 | 001,131,520 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/03/22 11:35:40 | 001,659,008 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\p17xfilt.sys -- (p17xfilt)
DRV - [2006/09/25 04:58:54 | 001,173,504 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17xfi.sys -- (P17xfi)
DRV - [2006/08/09 03:30:42 | 000,050,688 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter)
DRV - [2006/08/08 08:18:50 | 000,009,432 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/08 08:18:28 | 000,035,128 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/08 08:18:26 | 000,097,880 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/08 08:18:26 | 000,094,680 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/08 08:18:24 | 000,026,136 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/08 08:18:22 | 000,032,504 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/08 08:18:20 | 000,104,504 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/08 08:18:20 | 000,014,552 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/01 19:06:20 | 000,012,952 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/01 19:06:18 | 000,028,216 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/06/07 16:08:58 | 001,580,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/05/10 14:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/03/17 17:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/10/17 17:50:06 | 000,245,376 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 54 61 F9 19 82 E6 CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/02/03 12:07:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\citius@orbiscom: C:\Program Files\Virtual Account Numbers [2011/12/04 12:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\ [2012/02/02 11:01:53 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/02/07 22:37:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Virtual Account Numbers Helper) - {17424104-1444-4810-85D7-B4DA413C5A9A} - C:\Program Files\Virtual Account Numbers\CitiVANHelper.dll (Orbiscom Ltd. All rights reserved.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (radiojazz Toolbar) - {cbf6f119-ea59-4612-96c3-efd538c88c0a} - C:\Program Files\radiojazz\tbradi.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Virtual Account Numbers) - {7A21A046-B886-4A62-9D69-EF2059B0A27B} - C:\Program Files\Virtual Account Numbers\CitiVANToolbar.dll (Orbiscom Ltd. All rights reserved.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (radiojazz Toolbar) - {cbf6f119-ea59-4612-96c3-efd538c88c0a} - C:\Program Files\radiojazz\tbradi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Citi Virtual Account Numbers] C:\Program Files\Virtual Account Numbers\CitiVAN.exe (Orbiscom Ltd. All rights reserved.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Roxio\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\SPIRun.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Sonic Solutions)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Device Detection)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3F2BBB5-F5A6-4823-BFC2-9E54C4B3F974}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\WWAdmin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\WWAdmin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/19 19:18:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/02/11 09:19:12 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivXNetworks)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/02/11 14:34:17 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/02/11 14:34:14 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/02/11 14:33:51 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/02/11 14:33:46 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/02/11 14:33:29 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/02/11 14:33:26 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/02/11 14:33:20 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/02/11 14:33:04 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/02/11 14:32:54 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/02/11 14:32:51 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/02/11 14:32:48 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/02/11 14:32:41 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/02/11 14:32:38 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/02/11 14:32:35 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/02/11 14:32:32 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/02/11 14:32:19 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/02/11 14:32:07 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/02/11 14:32:04 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/02/11 14:32:01 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/02/11 14:31:56 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/02/11 14:31:40 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/02/11 14:31:29 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/02/11 14:31:26 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/02/11 14:31:13 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/02/11 14:31:10 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/02/11 14:31:07 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/02/11 14:31:04 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/02/11 14:31:01 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/02/11 14:30:58 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/02/11 14:30:33 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/02/11 14:30:29 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/02/11 14:30:26 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/02/11 14:30:25 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/02/11 14:30:22 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/02/11 14:30:19 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/02/11 14:30:07 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/02/11 14:30:04 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/02/11 14:29:30 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/02/11 14:29:27 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/02/11 14:29:24 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/02/11 14:29:21 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/02/11 14:29:17 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/02/11 14:28:59 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/02/11 14:28:36 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/02/11 14:28:33 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/02/11 14:28:30 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/02/11 14:28:28 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/02/11 14:28:25 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/02/11 14:28:06 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/02/11 14:28:04 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/02/11 14:28:01 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/02/11 14:27:55 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/02/11 14:27:34 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/02/11 14:27:32 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/02/11 14:27:29 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/02/11 14:27:26 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/02/11 14:27:05 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/02/11 14:26:59 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/02/11 14:26:57 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/02/11 14:26:45 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/02/11 14:26:42 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/02/11 14:26:40 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/02/11 14:26:37 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/02/11 14:26:35 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/02/11 14:26:32 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/02/11 14:26:30 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/02/11 14:26:27 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/02/11 14:26:25 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/02/11 14:26:19 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/02/11 14:26:17 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/02/11 14:26:16 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/02/11 14:26:16 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/02/11 14:26:15 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/02/11 14:26:15 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/02/11 14:26:05 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/02/11 14:26:00 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/02/11 14:25:57 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/02/11 14:25:54 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/02/11 14:25:45 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/02/11 14:25:42 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/02/11 14:25:16 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/02/11 14:25:14 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/02/11 14:25:12 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/02/11 14:25:02 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/02/11 14:24:22 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/02/11 14:24:12 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/02/11 14:24:11 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/02/11 14:24:09 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/02/11 14:23:36 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/02/11 14:23:33 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/02/11 14:23:31 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/02/11 14:23:28 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/02/11 14:23:15 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/02/11 14:23:05 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/02/11 14:23:03 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/02/11 14:22:57 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/02/11 14:22:50 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/02/11 14:22:48 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/02/11 14:22:41 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/02/11 14:22:39 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/02/11 14:22:37 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/02/11 14:22:35 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/02/11 14:22:32 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/02/11 14:22:30 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/02/11 14:22:23 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/02/11 14:22:21 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/02/11 14:22:18 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/02/11 14:22:16 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/02/11 14:22:14 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/02/11 14:21:38 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/02/11 14:21:06 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/02/11 14:20:50 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/02/11 14:20:48 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012/02/11 14:20:47 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/02/11 14:20:45 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/02/11 14:20:45 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/02/11 14:20:43 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/02/11 14:20:37 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/02/11 14:20:35 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/02/11 14:20:32 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/02/11 14:20:30 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/02/11 14:20:26 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/02/11 14:20:24 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/02/11 14:19:48 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/02/11 14:19:20 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/02/11 14:17:59 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/02/11 14:17:51 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/02/11 14:17:31 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/02/11 14:17:29 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/02/11 14:17:27 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/02/11 14:17:18 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/02/11 14:17:11 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/02/11 14:17:09 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/02/11 14:17:06 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/02/11 14:17:04 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/02/11 14:17:03 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/02/11 14:17:02 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/02/11 14:16:50 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/02/11 14:16:47 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/02/11 14:16:45 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/02/11 14:16:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/02/11 14:15:38 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/02/11 14:15:34 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/02/11 14:15:28 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/02/11 14:15:27 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/02/11 14:15:26 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/02/11 14:15:23 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/02/11 14:15:22 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/02/11 14:15:21 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/02/11 14:15:20 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/02/11 14:15:19 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/02/11 14:15:04 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/02/11 14:15:03 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/02/11 14:15:00 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/02/11 14:14:43 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/02/11 14:14:43 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/02/11 14:14:42 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/02/11 14:14:41 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/02/11 14:14:40 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/02/11 14:14:39 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/02/11 14:14:39 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/02/11 14:14:37 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/02/11 14:14:32 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/02/11 14:14:22 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/02/11 14:14:17 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/02/11 14:14:13 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/02/11 14:14:13 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/02/11 14:14:12 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/02/11 14:14:12 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/02/11 14:14:11 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/02/11 14:14:09 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/02/11 14:14:09 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/02/11 14:14:08 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/02/11 14:14:08 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/02/11 14:14:07 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/02/11 14:14:06 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/02/11 14:14:06 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/02/11 14:13:47 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/02/11 14:13:47 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/02/11 14:13:46 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/02/11 14:13:46 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/02/11 14:13:45 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/02/11 14:13:45 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/02/11 14:13:44 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/02/11 14:13:44 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/02/11 14:13:43 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/02/11 14:13:42 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/02/11 14:13:42 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/02/11 14:13:41 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/02/11 14:13:41 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/02/11 14:13:40 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/02/11 14:13:40 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/02/11 14:13:39 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/02/11 14:13:39 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/02/11 14:13:39 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/02/11 14:13:36 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/02/11 14:13:34 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/02/11 14:13:34 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/02/11 14:13:33 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/02/11 14:13:33 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/02/11 14:13:32 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/02/11 14:13:32 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/02/11 14:13:32 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/02/11 14:13:19 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/02/11 14:13:15 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/02/11 14:13:08 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/02/11 14:13:08 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/02/11 14:13:07 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/02/11 14:13:07 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/02/11 14:13:06 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/02/11 14:13:05 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/02/11 14:13:03 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/02/11 14:13:02 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/02/11 14:13:02 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/02/11 14:13:02 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/02/11 10:09:35 | 000,072,704 | ---- | C] (GravityGripp) -- C:\Documents and Settings\WWAdmin\Desktop\ZipIt2.exe
[2012/02/11 09:19:12 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2012/02/10 11:06:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WWAdmin\Local Settings\Application Data\Sun
[2012/02/10 11:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WWAdmin\Desktop\Bleep
[2012/02/10 10:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/02/10 10:35:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012/02/08 13:26:14 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/02/08 13:19:02 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/02/08 11:59:22 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\WWAdmin\Desktop\mbam--setup-1.60.1.1000.exe
[2012/02/08 11:51:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/02/05 08:32:57 | 004,396,367 | R--- | C] (Swearware) -- C:\Documents and Settings\WWAdmin\Desktop\ComboFix.exe
[2012/02/04 11:15:23 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Documents and Settings\WWAdmin\Desktop\aswMBR.exe
[2012/02/04 10:47:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/03 12:12:21 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\WWAdmin\Desktop\OTL.exe
[2012/02/03 12:03:50 | 002,059,312 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\WWAdmin\Desktop\tdsskiller.exe
[2012/02/02 06:59:31 | 000,135,032 | ---- | C] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2012/02/01 11:53:21 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/02/01 11:50:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/02/01 11:50:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/02/01 11:50:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/02/01 11:50:38 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/02/01 11:48:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/02/01 11:42:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/01 11:42:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\WWAdmin\My Documents\My Videos
[2012/02/01 11:42:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\WWAdmin\Start Menu\Programs\Administrative Tools
[2012/02/01 11:41:48 | 004,398,288 | R--- | C] (Swearware) -- C:\ComboFix.exe
[2009/09/19 21:18:05 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[2006/07/11 13:29:00 | 000,028,672 | R--- | C] ( ) -- C:\WINDOWS\System32\DivXGraphBuilderCallback.dll
[4 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[15 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/13 06:31:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{99796CAB-0E9B-437F-A13D-980353FC50B3}.job
[2012/02/12 08:44:07 | 088,773,504 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/02/11 17:53:10 | 000,233,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/02/11 10:09:36 | 000,072,704 | ---- | M] (GravityGripp) -- C:\Documents and Settings\WWAdmin\Desktop\ZipIt2.exe
[2012/02/11 09:20:50 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012/02/11 09:20:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/11 09:18:32 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\WWAdmin\Desktop\Flash_Disinfector.exe
[2012/02/08 15:23:34 | 000,869,194 | ---- | M] () -- C:\Documents and Settings\WWAdmin\Desktop\SecurityCheck.exe
[2012/02/08 13:22:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/08 11:59:25 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\WWAdmin\Desktop\mbam--setup-1.60.1.1000.exe
[2012/02/07 22:37:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/02/07 21:37:22 | 004,398,288 | R--- | M] (Swearware) -- C:\ComboFix.exe
[2012/02/05 08:32:59 | 004,396,367 | R--- | M] (Swearware) -- C:\Documents and Settings\WWAdmin\Desktop\ComboFix.exe
[2012/02/04 10:09:48 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Documents and Settings\WWAdmin\Desktop\aswMBR.exe
[2012/02/03 12:07:54 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2012/02/03 11:56:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WWAdmin\Desktop\OTL.exe
[2012/02/03 11:55:10 | 000,335,593 | ---- | M] () -- C:\Documents and Settings\WWAdmin\Desktop\FSS.exe
[2012/02/03 11:53:38 | 002,059,312 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\WWAdmin\Desktop\tdsskiller.exe
[2012/02/02 22:21:18 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\WWAdmin\defogger_reenable
[2012/02/02 21:36:59 | 000,256,000 | R--- | M] () -- C:\WINDOWS\PEV.exe
[2012/02/02 07:18:04 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012/02/02 06:59:31 | 000,135,032 | ---- | M] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2012/02/01 13:13:32 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/01 12:06:41 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/01 11:53:25 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[4 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[15 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/11 14:34:13 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/02/11 14:34:10 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/02/11 14:25:08 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/02/11 14:25:04 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/02/11 14:21:43 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/02/11 14:20:20 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/02/11 14:19:28 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/02/11 14:17:57 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/02/11 14:17:53 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/02/11 14:17:49 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/02/11 14:17:46 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/02/11 14:17:42 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/02/11 14:17:32 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/02/11 14:15:25 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/02/11 14:15:24 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/02/11 14:15:23 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/02/11 14:13:28 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/02/11 14:13:28 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/02/11 14:13:28 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/02/11 14:13:27 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/02/11 14:13:27 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/02/11 14:13:26 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/02/11 14:13:26 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/02/11 14:13:26 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/02/11 14:13:25 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/02/11 14:13:22 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/02/11 09:18:32 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\WWAdmin\Desktop\Flash_Disinfector.exe
[2012/02/08 15:23:31 | 000,869,194 | ---- | C] () -- C:\Documents and Settings\WWAdmin\Desktop\SecurityCheck.exe
[2012/02/03 12:12:17 | 000,335,593 | ---- | C] () -- C:\Documents and Settings\WWAdmin\Desktop\FSS.exe
[2012/02/02 22:21:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\WWAdmin\defogger_reenable
[2012/02/01 11:53:25 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/02/01 11:53:23 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/02/01 11:50:38 | 000,256,000 | R--- | C] () -- C:\WINDOWS\PEV.exe
[2012/02/01 11:50:38 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/02/01 11:50:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/02/01 11:50:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/02/01 11:50:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/05/09 18:13:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/24 17:45:43 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/04/24 17:45:43 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/05/14 17:33:21 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\WWAdmin\Local Settings\Application Data\fusioncache.dat
[2010/04/19 21:05:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010/03/27 09:07:14 | 000,029,452 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/02 16:36:07 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2009/10/02 16:21:07 | 000,020,454 | ---- | C] () -- C:\WINDOWS\hpoins01.dat
[2009/10/02 16:21:07 | 000,016,618 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat
[2009/09/20 08:17:59 | 000,373,248 | ---- | C] () -- C:\WINDOWS\EyeCand3.INI
[2009/09/19 22:17:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/09/19 22:09:24 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2009/09/19 21:59:14 | 000,000,210 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/09/19 21:31:55 | 000,003,118 | ---- | C] () -- C:\WINDOWS\System32\AudioDrv.ini
[2009/09/19 21:31:23 | 000,008,251 | R--- | C] () -- C:\WINDOWS\sfsyn.ini
[2009/09/19 21:31:22 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2009/09/19 21:31:21 | 000,137,216 | R--- | C] () -- C:\WINDOWS\System32\OemSpi.dll
[2009/09/19 20:50:38 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/09/19 20:50:04 | 000,129,112 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/09/19 19:20:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/09/19 19:15:41 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/09/19 14:54:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/09/19 14:53:25 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2007/07/02 00:58:14 | 000,001,970 | ---- | C] () -- C:\WINDOWS\P17EP.ini
[2007/06/13 00:58:16 | 001,131,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\P17.sys
[2007/06/06 00:24:24 | 000,022,478 | R--- | C] () -- C:\WINDOWS\System32\ludap17.ini
[2007/04/09 00:42:00 | 000,148,480 | ---- | C] () -- C:\WINDOWS\System32\OemSpiE.dll
[2007/04/09 00:40:00 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\P17RunE.dll
[2006/12/15 01:41:26 | 000,008,192 | ---- | C] () -- C:\WINDOWS\ResDefE.exe
[2006/08/15 14:54:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/08/09 03:19:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/08/09 03:19:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/08/09 00:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\besch.exe
[2006/08/09 00:00:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2005/07/15 13:36:35 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005/07/15 13:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/07/15 13:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/07/15 13:35:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/03/21 18:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 18:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/03/08 05:17:00 | 000,000,054 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/08/04 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 05:00:00 | 000,380,702 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 05:00:00 | 000,052,936 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/10/02 00:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 00:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/03/09 15:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

========== LOP Check ==========

[2012/02/02 11:01:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2011/08/21 15:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2012/01/11 16:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/08/21 13:50:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/08/21 13:55:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2010/08/07 17:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/19 22:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/03/02 00:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WWAdmin\Application Data\AVG Secure Search
[2011/08/21 13:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WWAdmin\Application Data\AVG10
[2010/08/26 08:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\WWAdmin\Application Data\Leadertech
[2010/01/07 17:30:12 | 000,000,342 | ---- | M] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1254518909.job
[2012/02/11 09:20:50 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job
[2012/02/13 06:31:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{99796CAB-0E9B-437F-A13D-980353FC50B3}.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: P17.SYS >
[2007/06/13 00:58:16 | 001,131,520 | ---- | M] () MD5=2AAFDA3F9E15A225F632F0363B194189 -- C:\WINDOWS\system32\drivers\P17.sys
[2007/04/04 21:47:20 | 001,126,400 | ---- | M] (Creative Technology Ltd.) MD5=68BD22788B679A30FFCEA1D2EC141AF1 -- C:\Program Files\Creative\Sound Blaster X-Fi\Program\vista\Win2k_xp\I386\p17.sys
[2007/04/04 21:40:36 | 001,265,152 | ---- | M] (Creative Technology Ltd.) MD5=D22F07F40D3C7681CF373B325BDFBFFD -- C:\Program Files\Creative\Sound Blaster X-Fi\Program\vista\Win2k_xp\AMD64\P17.sys

< "%WinDir%\$NtUninstallKB*$." >
[2010/08/12 02:03:37 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2079403$
[2010/08/12 02:04:01 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2115168$
[2010/09/16 02:03:07 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2121546$
[2010/09/16 02:00:45 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2141007$
[2010/09/30 16:13:44 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2158563$
[2010/08/12 02:03:11 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2160329$
[2010/07/15 02:02:48 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2229593$
[2010/09/16 02:03:34 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2259922$
[2010/10/13 02:04:13 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2279986$
[2010/08/04 02:00:39 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2286198$
[2010/10/13 02:04:03 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2296011$
[2010/12/15 03:04:01 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2296199$
[2010/10/13 02:04:08 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2345886$
[2010/09/16 02:03:12 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2347290$
[2010/10/13 02:00:44 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2360937$
[2010/10/13 02:03:58 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2378111_WM9$
[2010/10/13 02:04:19 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2387149$
[2011/02/10 03:00:43 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2393802$
[2011/04/13 02:04:04 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2412687$
[2011/01/12 03:00:59 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2419632$
[2010/12/15 03:01:00 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2423089$
[2010/12/15 03:03:21 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2436673$
[2010/12/15 03:03:29 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2440591$
[2010/12/15 03:03:57 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2443105$
[2010/12/15 03:03:24 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2443685$
[2010/12/15 03:03:07 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2467659$
[2011/06/15 21:16:51 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2476490$
[2011/02/10 03:01:00 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2476687$
[2011/02/10 03:00:56 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2478960$
[2011/02/10 03:03:53 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2478971$
[2011/02/10 03:03:43 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2479628$
[2011/03/10 03:03:42 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2479943$
[2011/03/10 03:01:30 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2481109$
[2011/02/10 03:03:34 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2483185$
[2011/02/10 03:03:48 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2485376$
[2011/04/13 02:04:50 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2485663$
[2011/04/13 02:03:54 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2503658$
[2011/06/15 21:16:47 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2503665$
[2011/04/13 02:03:33 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2506212$
[2011/04/13 02:04:34 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2506223$
[2011/04/13 02:03:48 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2507618$
[2011/07/13 20:23:52 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2507938$
[2011/04/13 02:04:01 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2508272$
[2011/04/13 02:03:43 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2508429$
[2011/04/13 02:01:14 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2509553$
[2011/04/13 02:03:38 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2511455$
[2011/03/24 02:00:47 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2524375$
[2011/06/15 21:16:43 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2535512$
[2011/06/15 21:16:39 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2536276$
[2011/08/10 02:03:06 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2536276-v2$
[2011/06/29 02:00:44 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2541763$
[2011/06/15 21:16:14 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2544893$
[2011/11/09 03:03:13 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2544893-v2$
[2011/07/13 20:22:03 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2555917$
[2011/08/10 02:00:41 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2562937$
[2011/10/13 02:05:13 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2564958$
[2011/08/10 02:00:49 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2566454$
[2011/10/13 02:03:04 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2567053$
[2011/08/10 02:03:10 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2567680$
[2011/08/10 02:03:02 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2570222$
[2011/08/23 21:02:16 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2570791$
[2011/09/16 02:00:46 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2570947$
[2012/02/01 12:02:45 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2584146$
[2012/02/01 12:33:45 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2585542$
[2011/10/13 02:02:59 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2592799$
[2012/02/01 12:03:30 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2598479$
[2012/02/01 12:03:19 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2603381$
[2011/09/07 15:43:12 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2607712$
[2011/09/16 02:02:44 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2616676$
[2011/12/14 21:56:00 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2618451$
[2011/12/14 21:56:06 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2619339$
[2011/12/14 21:55:53 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2620712$
[2011/12/14 21:59:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2624667$
[2012/02/01 12:06:32 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2631813$
[2011/12/14 21:55:22 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2633171$
[2011/12/14 21:56:12 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2633952$
[2011/12/14 21:59:24 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2639417$
[2011/11/11 03:01:21 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2641690$
[2012/02/01 12:06:39 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB2646524$
[2009/09/27 08:53:51 | 000,000,000 | -HSD | M] -- C:\WINDOWS\$NtUninstallKB49616$
[2009/09/19 21:19:36 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB835221WXP$
[2009/09/21 21:08:03 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB885884$
[2009/09/19 22:40:18 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB898461$
[2009/09/27 08:58:57 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB923561$
[2009/09/20 10:10:11 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB923561_0$
[2009/09/22 21:35:32 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB932823-v3$
[2009/09/27 08:59:01 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB938464-v2$
[2009/09/20 10:13:26 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB938464-v2_0$
[2009/09/21 21:08:33 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB941569$
[2009/09/20 10:10:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB944338-v2$
[2009/09/27 08:59:06 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB946648$
[2009/09/20 10:15:09 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB946648_0$
[2009/09/27 08:59:11 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB950762$
[2009/09/20 10:12:01 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB950762_0$
[2009/09/27 08:59:15 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB950974$
[2009/09/20 10:14:20 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB950974_0$
[2009/09/27 08:59:20 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB951066$
[2009/09/20 10:11:30 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB951066_0$
[2009/09/27 08:59:24 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB951376-v2$
[2009/09/20 10:15:23 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB951376-v2_0$
[2009/09/27 08:59:29 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB951748$
[2009/09/20 10:11:24 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB951748_0$
[2009/09/28 21:29:10 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB951978$
[2009/09/27 08:59:34 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB952004$
[2009/09/20 10:12:54 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB952004_0$
[2009/09/20 10:13:15 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB952069_WM9$
[2009/09/27 08:59:39 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB952287$
[2009/09/20 10:11:48 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB952287_0$
[2009/09/27 08:59:44 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB952954$
[2009/09/20 10:15:19 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB952954_0$
[2009/10/14 21:38:41 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB954155_WM9$
[2009/09/28 21:28:46 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB954459$
[2009/09/27 08:59:48 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB954600$
[2009/09/20 10:10:36 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB954600_0$
[2009/09/27 08:59:53 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB955069$
[2009/09/20 10:10:26 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB955069_0$
[2010/01/12 22:42:03 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB955759$
[2009/09/27 08:59:59 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB956572$
[2009/09/20 10:13:50 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB956572_0$
[2009/09/28 21:29:04 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB956744$
[2009/09/27 09:00:08 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB956802$
[2009/09/20 10:10:22 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB956802_0$
[2009/09/27 09:00:13 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB956803$
[2009/09/20 10:15:04 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB956803_0$
[2009/09/27 09:00:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB956844$
[2009/09/20 10:13:36 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB956844_0$
[2009/09/27 09:00:21 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB957097$
[2009/09/20 10:11:57 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB957097_0$
[2009/09/20 10:11:06 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB958470$
[2009/09/27 09:00:26 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB958644$
[2009/09/20 10:10:31 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB958644_0$
[2009/09/27 09:00:30 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB958687$
[2009/09/20 10:11:52 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB958687_0$
[2009/10/14 21:38:50 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB958869$
[2009/09/27 09:00:35 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB959426$
[2009/09/20 10:15:14 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB959426_0$
[2009/09/27 09:00:39 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB960225$
[2009/09/20 10:14:07 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB960225_0$
[2009/09/27 09:00:44 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB960803$
[2009/09/20 10:11:00 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB960803_0$
[2009/09/27 09:00:48 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB960859$
[2009/09/20 10:15:00 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB960859_0$
[2009/09/27 09:00:53 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB961371-v2$
[2009/09/20 10:14:44 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB961371-v2_0$
[2009/09/27 09:00:57 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB961501$
[2009/09/20 10:13:31 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB961501_0$
[2009/09/27 09:01:02 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB967715$
[2009/09/20 10:11:36 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB967715_0$
[2009/10/14 21:37:27 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB968389$
[2009/09/27 09:01:09 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB968537$
[2009/09/20 10:10:50 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB968537_0$
[2009/09/20 10:13:23 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB968816_WM9$
[2009/10/14 21:38:46 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB969059$
[2009/11/11 22:29:37 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB969947$
[2009/09/27 09:01:13 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB970238$
[2009/09/20 10:11:14 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB970238_0$
[2009/12/09 03:02:11 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB970430$
[2009/09/20 10:10:03 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB970653-v3$
[2011/03/18 02:00:52 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971029$
[2009/09/20 10:10:42 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971032$
[2010/02/10 22:10:27 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971468$
[2011/05/08 09:01:03 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971486$
[2009/09/27 09:01:18 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971557$
[2009/09/20 10:14:11 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971557_0$
[2009/09/27 09:01:23 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971633$
[2009/09/20 10:13:20 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971633_0$
[2009/09/27 09:01:27 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971657$
[2009/09/20 10:14:16 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971657_0$
[2009/12/09 03:01:29 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971737$
[2009/09/20 10:11:18 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB971961$
[2009/09/20 10:14:32 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB972260$
[2010/01/13 05:39:30 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB972270$
[2009/09/20 10:14:02 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973346$
[2009/09/27 09:01:35 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973354$
[2009/09/20 10:11:43 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973354_0$
[2009/09/27 09:01:39 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973507$
[2009/09/20 10:12:06 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973507_0$
[2009/10/14 21:37:43 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973525$
[2009/09/28 21:28:56 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973540_WM9$
[2009/09/20 10:13:02 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973540_WM9L$
[2009/11/25 03:01:10 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973687$
[2009/09/27 09:01:44 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973815$
[2009/09/20 10:10:55 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973815_0$
[2009/09/27 09:01:49 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973869$
[2009/09/20 10:13:11 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973869_0$
[2009/12/09 03:01:41 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB973904$
[2009/10/14 21:38:37 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB974112$
[2009/12/09 03:02:06 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB974318$
[2009/12/09 03:01:36 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB974392$
[2009/10/14 21:38:27 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB974571$
[2009/10/14 21:38:32 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB975025$
[2009/10/14 21:37:38 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB975467$
[2010/09/16 02:03:28 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB975558_WM8$
[2010/02/10 22:08:58 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB975560$
[2010/03/11 03:01:59 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB975561$
[2010/06/12 02:00:55 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB975562$
[2010/02/10 22:09:07 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB975713$
[2009/11/25 03:01:18 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB976098-v2$
[2010/02/10 22:08:08 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB977165$
[2010/04/15 02:00:59 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB977816$
[2010/02/10 22:08:27 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB977914$
[2010/02/10 22:09:12 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB978037$
[2010/02/10 22:09:03 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB978251$
[2010/02/10 22:10:31 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB978262$
[2010/04/15 02:01:03 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB978338$
[2010/05/12 02:00:29 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB978542$
[2010/04/15 02:00:55 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB978601$
[2010/06/12 02:01:07 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB978695_WM9$
[2010/02/10 22:08:19 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB978706$
[2010/02/24 03:00:16 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB979306$
[2010/04/15 02:00:32 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB979309$
[2010/04/15 02:02:13 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB979402_WM9$
[2010/06/12 02:01:03 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB979482$
[2010/06/12 02:02:54 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB979559$
[2010/04/15 02:02:25 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB979683$
[2010/10/13 02:03:45 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB979687$
[2010/06/12 02:04:01 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB980195$
[2010/06/12 02:04:07 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB980218$
[2010/04/15 02:02:18 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB980232$
[2010/08/12 02:03:06 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB980436$
[2010/09/16 02:02:58 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB981322$
[2010/05/26 05:39:31 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB981793$
[2010/08/12 02:03:45 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB981852$
[2010/10/13 02:01:19 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB981957$
[2010/08/12 02:00:51 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB981997$
[2010/10/13 02:03:54 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB982132$
[2010/08/12 02:04:05 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB982214$
[2010/08/12 02:00:41 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB982665$
[2010/09/16 02:03:03 | 000,000,000 | -H-D | M] -- C:\WINDOWS\$NtUninstallKB982802$

< C:\Program Files\Common Files\ComObjects\*.* /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 06:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 06:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 06:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/11/04 06:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/11/04 06:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/11/04 06:24:17 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< %USERPROFILE%\AppData\Local\Google\Chrome\User Data\*.* /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-02-01 17:33:51

< >

< >

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\WWAdmin\Desktop\Bleep:Roxio EMC Stream

< End of report >

-------------------------------------------------------------

That weird mouse cursor blinking/hourglass effect and long typing delay is going on in the posting box again...
I have not seen this happen on My computer. Very strange.

Otherwise, all seems normal

thank you, Dona

This post has been edited by djw23: 13 February 2012 - 06:48 AM

#24 User is offline   SweetTech 

  • Agent ST
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 12,666
  • Joined: 15-March 09
  • Gender:Male
  • Location:Antarctica

Posted 13 February 2012 - 08:13 AM

Hi Dona!

Can you do me a favor and let me know if you have any software installation discs for Sound Blaster X-Fi Xtreme Audio?
Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.

#25 User is offline   djw23 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 30
  • Joined: 14-September 05
  • Gender:Female

Posted 13 February 2012 - 10:13 PM

We put a Sound Blaster sound card in this computer to support the Roxio stuff my husband does with his music library and iTunes. I found the CD and it does say Sound Blaster X-Fi Xtreme Audio on it. copyright is 2006 -- maybe because it's old the tools don't know it's legit?
I see it's related to that P17 file...Do you need me to reinstall that software so we can be sure?
let me know. thank you, Dona

P.S. We have external portable hard drives for both computers that we will need to scan. Can you please let me know about that?
Sorry...this if this seems like the never-ending support request.
I found at least 3 things on another coworkers computer yesterday which I am going to try and work on removing today. :-(
It's so hard to wrap my brain around dealing with virus removal on my own and everything else I have to run through my brain to work everyday.
So I REALLY appreciate your help when I need to call in the cavalry.

This post has been edited by djw23: 14 February 2012 - 07:36 AM

#26 User is offline   SweetTech 

  • Agent ST
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 12,666
  • Joined: 15-March 09
  • Gender:Male
  • Location:Antarctica

Posted 14 February 2012 - 10:01 AM

Hi Dona!

Quote

We put a Sound Blaster sound card in this computer to support the Roxio stuff my husband does with his music library and iTunes. I found the CD and it does say Sound Blaster X-Fi Xtreme Audio on it. copyright is 2006 -- maybe because it's old the tools don't know it's legit?
I've been struggling with the answer to that for a bit.

I'll tell you why.

When I did my research on these MD5 numbers below.

[2007/06/13 00:58:16 | 001,131,520 | ---- | M] () MD5=2AAFDA3F9E15A225F632F0363B194189 -- C:\WINDOWS\system32\drivers\P17.sys
[2007/04/04 21:47:20 | 001,126,400 | ---- | M] (Creative Technology Ltd.) MD5=68BD22788B679A30FFCEA1D2EC141AF1 -- C:\Program Files\Creative\Sound Blaster X-Fi\Program\vista\Win2k_xp\I386\p17.sys
[2007/04/04 21:40:36 | 001,265,152 | ---- | M] (Creative Technology Ltd.) MD5=D22F07F40D3C7681CF373B325BDFBFFD -- C:\Program Files\Creative\Sound Blaster X-Fi\Program\vista\Win2k_xp\AMD64\P17.sys

I was not getting many hits for them. In all honesty, your thread was really the only result I was getting when I did research on it. So I'm not too comfortable with that finding.

When I had you submit that file to my submission channel, I scanned it myself with a site called VirusTotal, and it came up clean. Which can mean one of two things, it really is in fact clean, or it's being patched by malware.

The reason why I'm still weary of this even after submitting it to VirusTotal, is because when a file doesn't have many hits via a web search, it tends to indicate an issue with the file being malicious. Now that's not to say that in all cases the file will be patched or malicious, but it can be an indicator of an problem if issues are still occurring.

I think I'd feel more comfortable if you could go ahead and re-install that software for me.

If you could do that now, that'd be great. :)

----------

Quote

P.S. We have external portable hard drives for both computers that we will need to scan. Can you please let me know about that?
Of course I can! :)

We can scan them with ESET Online Scanner.

Quote

Sorry...this if this seems like the never-ending support request.
I found at least 3 things on another coworkers computer yesterday which I am going to try and work on removing today. :-(
It's so hard to wrap my brain around dealing with virus removal on my own and everything else I have to run through my brain to work everyday.
So I REALLY appreciate your help when I need to call in the cavalry.

Not a problem!

You'll want to plug them both into this computer and proceed with the ESET instructions below:

ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan

Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.


  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.

  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • When the Computer scan settings display shows, click the Advanced option, the place a check next to the following (if it is not already checked):
    • Enable Anti-Stealth technology

    Please Note:
    Where it says; Current scan targets: click on Change...
    Another window will pop-up and will allow you to select which drives you want the online scanner to scan. You'll want to ensure that you place a checkmark underneath your external hard drives. Then click on OK after you ensure you've selected your external hard drives.

  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.

#27 User is offline   djw23 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 30
  • Joined: 14-September 05
  • Gender:Female

Posted 15 February 2012 - 10:31 PM

Hi Agent ST

I reinstalled the Sound Blaster software earlier tonight. I guess we'll need to re-check on the P17 file somehow now that I've done that?

Here'e the results of the ESET scan on the portable hard drives: One file to clean up.

I:\3624Admin My Documents\Install_AIM.exe Win32/Adware.WBug.A application


Thank you and good night. Dona

#28 User is offline   SweetTech 

  • Agent ST
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 12,666
  • Joined: 15-March 09
  • Gender:Male
  • Location:Antarctica

Posted 16 February 2012 - 02:56 AM

Hi Dona!

Quote

I reinstalled the Sound Blaster software earlier tonight. I guess we'll need to re-check on the P17 file somehow now that I've done that?
Yep, we can check that out in this post.

But first, lets remove that file that was detected by ESET.

Go Start > Run and copy/paste the following single-line command into the Run box and click OK:

cmd /c del /f/a/q "I:\3624Admin My Documents\Install_AIM.exe"



NEXT:


OTL Custom Scan

We need to create a new OTL Report
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Click on the NONE button at the top.
  • In the custom scan box paste the following:
    msconfig
safebootminimal
activex
drivers32
netsvcs
C:\Program Files\Common Files\ComObjects\*.* /s
%systemroot%\*. /mp /s
%systemroot%\*. /rp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%SYSTEMDRIVE%\*.exe
/md5start
P17.SYS
volsnap.sys
atapi.sys
explorer.exe
winlogon.exe
wininit.exe
/md5stop
hklm\software\clients\startmenuinternet|command /rs

  • Push the Posted Image button.
  • One report will open, copy and paste it in a reply here:
    • OTL.txt <-- Will be opened

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.

#29 User is offline   djw23 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 30
  • Joined: 14-September 05
  • Gender:Female

Posted 16 February 2012 - 09:23 PM

Hi Agent ST

Okay I removed the file that was detected and ran the OTL Scan.
Here's the contents of the text file:

OTL logfile created on: 2/16/2012 9:11:51 PM - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\WWAdmin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 66.18% Memory free
3.85 Gb Paging File | 3.28 Gb Available in Paging File | 85.34% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 205.39 Gb Free Space | 88.24% Space Free | Partition Type: NTFS
Drive I: | 149.01 Gb Total Space | 90.04 Gb Free Space | 60.43% Space Free | Partition Type: FAT32

Computer Name: USER1-CEFFE37FC | User Name: WWAdmin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/03 11:56:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WWAdmin\Desktop\OTL.exe
PRC - [2012/02/02 11:01:45 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
PRC - [2012/02/02 11:01:43 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2012/01/17 20:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/09/09 02:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 00:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/05/23 13:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 02:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/06/25 19:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2010/06/22 14:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2009/07/10 16:53:52 | 000,372,736 | ---- | M] (Orbiscom Ltd. All rights reserved.) -- C:\Program Files\Virtual Account Numbers\CitiVAN.exe
PRC - [2009/07/10 16:50:36 | 000,145,920 | ---- | M] (Orbiscom Ltd.) -- C:\WINDOWS\system32\OBroker.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/02/28 17:50:50 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
PRC - [2006/08/14 00:07:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
PRC - [2006/08/10 11:10:14 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/08/10 10:38:54 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
PRC - [2006/07/31 08:00:00 | 001,116,920 | ---- | M] (Sonic Solutions) -- C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
PRC - [2006/01/02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2003/05/15 00:19:50 | 000,217,193 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
PRC - [2003/04/06 00:17:18 | 000,147,456 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
PRC - [2003/04/05 23:55:04 | 000,311,296 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
PRC - [2003/04/05 23:45:10 | 000,286,720 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/02 11:01:45 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
MOD - [2012/02/02 11:01:43 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/02/02 11:01:42 | 001,811,296 | ---- | M] () -- C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
MOD - [2012/01/01 12:08:51 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a0bcddf0\mscorlib.dll
MOD - [2012/01/01 12:08:48 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_37b9e16a\system.drawing.dll
MOD - [2012/01/01 12:08:39 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_33d3209a\system.xml.dll
MOD - [2012/01/01 12:08:31 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_f21d6765\system.windows.forms.dll
MOD - [2012/01/01 12:08:16 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_82ed1ae6\system.dll
MOD - [2012/01/01 12:07:48 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/01 12:07:47 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012/01/01 12:07:42 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2009/09/19 20:57:55 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2009/09/19 20:57:54 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2009/09/19 20:57:54 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2009/09/19 20:57:54 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2009/07/10 16:50:24 | 000,039,424 | ---- | M] () -- C:\Program Files\Virtual Account Numbers\VANRes.dll
MOD - [2007/05/07 19:59:08 | 000,137,216 | ---- | M] () -- C:\WINDOWS\system32\OemSpi.dll
MOD - [2006/08/14 00:07:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Roxio\Media Experience\DMXLauncher.exe
MOD - [2006/08/10 10:42:00 | 000,516,096 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
MOD - [2006/08/10 10:37:06 | 004,587,520 | R--- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
MOD - [2006/08/09 03:27:36 | 000,037,376 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\DLLShared\apm.dll
MOD - [2006/08/08 08:18:18 | 000,056,056 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL
MOD - [2003/05/15 00:03:46 | 000,147,456 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2012/02/02 11:01:45 | 000,909,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/11/10 08:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/05/06 04:29:12 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2006/08/10 03:11:14 | 000,057,344 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9)
SRV - [2006/08/10 03:10:50 | 000,294,912 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe -- (Roxio Upnp Server 9)
SRV - [2003/03/09 15:31:02 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2012/02/02 06:59:31 | 000,135,032 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\dwprot.sys -- (DwProt)
DRV - [2011/05/27 18:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 07:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 06:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 06:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 05:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/03/18 04:02:32 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2010/03/18 04:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010/03/18 04:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010/03/18 04:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2010/02/26 05:18:10 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/26 05:18:10 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/02/26 05:18:10 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2007/06/13 00:58:16 | 001,131,520 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/03/22 11:35:40 | 001,659,008 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\p17xfilt.sys -- (p17xfilt)
DRV - [2006/09/25 04:58:54 | 001,173,504 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17xfi.sys -- (P17xfi)
DRV - [2006/08/09 03:30:42 | 000,050,688 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter)
DRV - [2006/08/08 08:18:50 | 000,009,432 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/08 08:18:28 | 000,035,128 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/08 08:18:26 | 000,097,880 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/08 08:18:26 | 000,094,680 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/08 08:18:24 | 000,026,136 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/08 08:18:22 | 000,032,504 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/08 08:18:20 | 000,104,504 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/08 08:18:20 | 000,014,552 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/07 06:30:52 | 000,162,176 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2006/08/01 19:06:20 | 000,012,952 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/01 19:06:18 | 000,028,216 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/06/07 16:08:58 | 001,580,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/05/10 14:00:16 | 000,156,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/03/17 17:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005/12/07 22:54:52 | 000,114,688 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/12/07 22:54:44 | 000,142,336 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005/10/17 17:50:06 | 000,245,376 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1220945662-73586283-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1220945662-73586283-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1220945662-73586283-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1220945662-73586283-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 54 61 F9 19 82 E6 CC 01 [binary data]
IE - HKU\S-1-5-21-1220945662-73586283-682003330-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1220945662-73586283-682003330-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/02/03 12:07:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\citius@orbiscom: C:\Program Files\Virtual Account Numbers [2011/12/04 12:42:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.0.0.7\ [2012/02/02 11:01:53 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/02/07 22:37:32 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Virtual Account Numbers Helper) - {17424104-1444-4810-85D7-B4DA413C5A9A} - C:\Program Files\Virtual Account Numbers\CitiVANHelper.dll (Orbiscom Ltd. All rights reserved.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (radiojazz Toolbar) - {cbf6f119-ea59-4612-96c3-efd538c88c0a} - C:\Program Files\radiojazz\tbradi.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Virtual Account Numbers) - {7A21A046-B886-4A62-9D69-EF2059B0A27B} - C:\Program Files\Virtual Account Numbers\CitiVANToolbar.dll (Orbiscom Ltd. All rights reserved.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (radiojazz Toolbar) - {cbf6f119-ea59-4612-96c3-efd538c88c0a} - C:\Program Files\radiojazz\tbradi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1220945662-73586283-682003330-1005\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Citi Virtual Account Numbers] C:\Program Files\Virtual Account Numbers\CitiVAN.exe (Orbiscom Ltd. All rights reserved.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Roxio\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\SPIRun.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (Sonic Solutions)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1220945662-73586283-682003330-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1220945662-73586283-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 36
O7 - HKU\S-1-5-21-1220945662-73586283-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF FF [binary data]
O7 - HKU\S-1-5-21-1220945662-73586283-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Device Detection)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3F2BBB5-F5A6-4823-BFC2-9E54C4B3F974}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\WWAdmin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\WWAdmin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/19 19:18:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/02/11 09:19:12 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2004/07/16 09:51:42 | 000,000,031 | ---- | M] () - I:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivXNetworks)

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/02/16 01:42:42 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012/02/16 01:42:42 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012/02/16 01:42:41 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012/02/16 01:42:40 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012/02/15 16:57:06 | 000,073,728 | R--- | C] (Creative Technology Ltd) -- C:\WINDOWS\MIDIDEF.EXE
[2012/02/15 16:57:05 | 000,162,176 | R--- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\ctusfsyn.sys
[2012/02/15 16:57:05 | 000,142,336 | R--- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\drivers\ctsfm2k.sys
[2012/02/15 16:57:05 | 000,120,832 | R--- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\sfms32.dll
[2012/02/15 16:57:05 | 000,114,688 | R--- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\ctoss2k.sys
[2012/02/15 16:57:05 | 000,021,504 | R--- | C] (Creative Technology Ltd) -- C:\WINDOWS\System32\sfman32.dll
[2012/02/11 14:34:17 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012/02/11 14:34:14 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012/02/11 14:34:07 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2012/02/11 14:33:51 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012/02/11 14:33:46 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012/02/11 14:33:45 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2012/02/11 14:33:42 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2012/02/11 14:33:41 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2012/02/11 14:33:40 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2012/02/11 14:33:31 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2012/02/11 14:33:29 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012/02/11 14:33:26 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012/02/11 14:33:20 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012/02/11 14:33:16 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2012/02/11 14:33:13 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2012/02/11 14:33:13 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/02/11 14:33:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/02/11 14:33:09 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2012/02/11 14:33:08 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2012/02/11 14:33:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2012/02/11 14:33:04 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012/02/11 14:33:02 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2012/02/11 14:33:02 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2012/02/11 14:33:01 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2012/02/11 14:33:00 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2012/02/11 14:32:59 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2012/02/11 14:32:58 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2012/02/11 14:32:57 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2012/02/11 14:32:54 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012/02/11 14:32:51 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012/02/11 14:32:48 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012/02/11 14:32:47 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2012/02/11 14:32:47 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012/02/11 14:32:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2012/02/11 14:32:47 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2012/02/11 14:32:41 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012/02/11 14:32:38 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012/02/11 14:32:35 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012/02/11 14:32:32 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012/02/11 14:32:28 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2012/02/11 14:32:28 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys
[2012/02/11 14:32:26 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2012/02/11 14:32:22 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2012/02/11 14:32:19 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012/02/11 14:32:16 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2012/02/11 14:32:13 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2012/02/11 14:32:10 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2012/02/11 14:32:07 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012/02/11 14:32:04 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012/02/11 14:32:01 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012/02/11 14:31:59 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2012/02/11 14:31:58 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys
[2012/02/11 14:31:57 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2012/02/11 14:31:56 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012/02/11 14:31:52 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2012/02/11 14:31:49 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2012/02/11 14:31:46 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2012/02/11 14:31:43 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2012/02/11 14:31:40 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012/02/11 14:31:37 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2012/02/11 14:31:34 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2012/02/11 14:31:32 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2012/02/11 14:31:29 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012/02/11 14:31:26 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012/02/11 14:31:23 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2012/02/11 14:31:19 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012/02/11 14:31:19 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2012/02/11 14:31:13 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012/02/11 14:31:10 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012/02/11 14:31:07 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012/02/11 14:31:04 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012/02/11 14:31:01 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012/02/11 14:30:58 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012/02/11 14:30:55 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2012/02/11 14:30:52 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2012/02/11 14:30:51 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2012/02/11 14:30:49 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2012/02/11 14:30:45 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2012/02/11 14:30:42 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2012/02/11 14:30:39 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2012/02/11 14:30:36 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2012/02/11 14:30:33 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012/02/11 14:30:32 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012/02/11 14:30:29 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012/02/11 14:30:26 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012/02/11 14:30:25 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012/02/11 14:30:25 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012/02/11 14:30:22 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012/02/11 14:30:19 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012/02/11 14:30:19 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012/02/11 14:30:19 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012/02/11 14:30:13 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2012/02/11 14:30:10 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2012/02/11 14:30:07 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012/02/11 14:30:04 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012/02/11 14:30:00 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2012/02/11 14:29:58 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2012/02/11 14:29:55 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2012/02/11 14:29:52 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2012/02/11 14:29:50 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2012/02/11 14:29:47 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2012/02/11 14:29:44 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2012/02/11 14:29:42 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2012/02/11 14:29:39 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2012/02/11 14:29:36 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2012/02/11 14:29:34 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2012/02/11 14:29:32 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2012/02/11 14:29:30 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012/02/11 14:29:27 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012/02/11 14:29:24 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012/02/11 14:29:21 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012/02/11 14:29:21 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2012/02/11 14:29:17 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012/02/11 14:29:14 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/02/11 14:29:14 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2012/02/11 14:29:08 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2012/02/11 14:29:05 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2012/02/11 14:29:02 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2012/02/11 14:28:59 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2012/02/11 14:28:57 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2012/02/11 14:28:54 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2012/02/11 14:28:51 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2012/02/11 14:28:49 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2012/02/11 14:28:46 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2012/02/11 14:28:45 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012/02/11 14:28:45 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2012/02/11 14:28:42 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/02/11 14:28:42 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2012/02/11 14:28:41 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/02/11 14:28:39 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/02/11 14:28:39 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/02/11 14:28:36 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012/02/11 14:28:36 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/02/11 14:28:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/02/11 14:28:33 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012/02/11 14:28:30 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012/02/11 14:28:28 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012/02/11 14:28:25 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012/02/11 14:28:23 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2012/02/11 14:28:22 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2012/02/11 14:28:21 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012/02/11 14:28:21 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2012/02/11 14:28:18 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2012/02/11 14:28:16 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2012/02/11 14:28:16 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012/02/11 14:28:13 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/02/11 14:28:13 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2012/02/11 14:28:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012/02/11 14:28:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012/02/11 14:28:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2012/02/11 14:28:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012/02/11 14:28:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/02/11 14:28:09 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012/02/11 14:28:09 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012/02/11 14:28:09 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/02/11 14:28:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/02/11 14:28:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012/02/11 14:28:09 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012/02/11 14:28:07 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2012/02/11 14:28:06 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012/02/11 14:28:04 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012/02/11 14:28:01 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012/02/11 14:27:59 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2012/02/11 14:27:56 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2012/02/11 14:27:55 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012/02/11 14:27:53 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2012/02/11 14:27:50 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2012/02/11 14:27:48 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2012/02/11 14:27:45 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2012/02/11 14:27:42 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2012/02/11 14:27:40 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2012/02/11 14:27:40 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2012/02/11 14:27:34 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012/02/11 14:27:32 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012/02/11 14:27:29 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012/02/11 14:27:26 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012/02/11 14:27:24 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2012/02/11 14:27:20 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2012/02/11 14:27:18 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2012/02/11 14:27:15 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/02/11 14:27:12 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2012/02/11 14:27:11 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2012/02/11 14:27:08 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/02/11 14:27:08 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2012/02/11 14:27:05 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012/02/11 14:27:03 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2012/02/11 14:26:59 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012/02/11 14:26:57 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012/02/11 14:26:56 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2012/02/11 14:26:53 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2012/02/11 14:26:50 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2012/02/11 14:26:47 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2012/02/11 14:26:45 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012/02/11 14:26:42 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012/02/11 14:26:40 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012/02/11 14:26:37 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012/02/11 14:26:35 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012/02/11 14:26:32 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012/02/11 14:26:30 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012/02/11 14:26:27 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012/02/11 14:26:25 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012/02/11 14:26:22 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2012/02/11 14:26:19 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012/02/11 14:26:17 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012/02/11 14:26:16 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/02/11 14:26:16 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/02/11 14:26:15 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012/02/11 14:26:15 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012/02/11 14:26:13 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2012/02/11 14:26:11 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2012/02/11 14:26:08 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2012/02/11 14:26:05 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012/02/11 14:26:02 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2012/02/11 14:26:00 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012/02/11 14:25:57 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012/02/11 14:25:54 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012/02/11 14:25:54 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/02/11 14:25:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012/02/11 14:25:48 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2012/02/11 14:25:45 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012/02/11 14:25:42 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012/02/11 14:25:40 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2012/02/11 14:25:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012/02/11 14:25:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012/02/11 14:25:37 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2012/02/11 14:25:31 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2012/02/11 14:25:29 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2012/02/11 14:25:26 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2012/02/11 14:25:24 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2012/02/11 14:25:21 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2012/02/11 14:25:20 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2012/02/11 14:25:16 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012/02/11 14:25:14 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012/02/11 14:25:12 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012/02/11 14:25:11 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2012/02/11 14:25:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2012/02/11 14:25:05 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2012/02/11 14:25:02 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012/02/11 14:25:00 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2012/02/11 14:24:57 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2012/02/11 14:24:57 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2012/02/11 14:24:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2012/02/11 14:24:53 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/02/11 14:24:53 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/02/11 14:24:53 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/02/11 14:24:49 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2012/02/11 14:24:46 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2012/02/11 14:24:44 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2012/02/11 14:24:41 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2012/02/11 14:24:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2012/02/11 14:24:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2012/02/11 14:24:34 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2012/02/11 14:24:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2012/02/11 14:24:33 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2012/02/11 14:24:32 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2012/02/11 14:24:32 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2012/02/11 14:24:31 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2012/02/11 14:24:28 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2012/02/11 14:24:25 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2012/02/11 14:24:25 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2012/02/11 14:24:22 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012/02/11 14:24:20 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2012/02/11 14:24:17 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2012/02/11 14:24:15 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2012/02/11 14:24:12 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012/02/11 14:24:11 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012/02/11 14:24:09 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012/02/11 14:24:08 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012/02/11 14:24:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2012/02/11 14:24:08 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012/02/11 14:24:03 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2012/02/11 14:24:00 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2012/02/11 14:23:58 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2012/02/11 14:23:55 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2012/02/11 14:23:53 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2012/02/11 14:23:50 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2012/02/11 14:23:48 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2012/02/11 14:23:46 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2012/02/11 14:23:43 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2012/02/11 14:23:41 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2012/02/11 14:23:38 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2012/02/11 14:23:36 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012/02/11 14:23:33 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012/02/11 14:23:31 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012/02/11 14:23:28 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012/02/11 14:23:26 | 000,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys
[2012/02/11 14:23:22 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2012/02/11 14:23:19 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2012/02/11 14:23:15 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012/02/11 14:23:15 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/02/11 14:23:12 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2012/02/11 14:23:09 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2012/02/11 14:23:09 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2012/02/11 14:23:05 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012/02/11 14:23:03 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012/02/11 14:23:00 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2012/02/11 14:23:00 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2012/02/11 14:22:57 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012/02/11 14:22:53 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2012/02/11 14:22:50 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012/02/11 14:22:48 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012/02/11 14:22:46 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2012/02/11 14:22:45 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2012/02/11 14:22:44 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2012/02/11 14:22:41 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012/02/11 14:22:39 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012/02/11 14:22:37 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012/02/11 14:22:35 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012/02/11 14:22:32 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012/02/11 14:22:30 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012/02/11 14:22:28 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2012/02/11 14:22:25 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2012/02/11 14:22:23 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012/02/11 14:22:21 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012/02/11 14:22:18 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012/02/11 14:22:16 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012/02/11 14:22:14 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012/02/11 14:22:13 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012/02/11 14:22:11 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2012/02/11 14:22:06 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2012/02/11 14:22:05 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2012/02/11 14:22:02 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2012/02/11 14:21:57 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2012/02/11 14:21:56 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2012/02/11 14:21:55 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/02/11 14:21:55 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/02/11 14:21:46 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2012/02/11 14:21:44 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2012/02/11 14:21:42 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2012/02/11 14:21:38 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2012/02/11 14:21:29 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2012/02/11 14:21:25 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2012/02/11 14:21:21 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2012/02/11 14:21:20 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2012/02/11 14:21:17 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2012/02/11 14:21:15 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2012/02/11 14:21:15 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012/02/11 14:21:15 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012/02/11 14:21:14 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2012/02/11 14:21:12 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2012/02/11 14:21:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2012/02/11 14:21:09 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2012/02/11 14:21:06 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012/02/11 14:21:03 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2012/02/11 14:21:02 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/02/11 14:21:00 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2012/02/11 14:20:58 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2012/02/11 14:20:55 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2012/02/11 14:20:53 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2012/02/11 14:20:53 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2012/02/11 14:20:50 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012/02/11 14:20:48 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012/02/11 14:20:48 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2012/02/11 14:20:47 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012/02/11 14:20:45 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012/02/11 14:20:45 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012/02/11 14:20:43 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012/02/11 14:20:40 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2012/02/11 14:20:40 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2012/02/11 14:20:37 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012/02/11 14:20:35 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012/02/11 14:20:32 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012/02/11 14:20:30 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012/02/11 14:20:29 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2012/02/11 14:20:26 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012/02/11 14:20:24 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2012/02/11 14:20:24 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2012/02/11 14:20:24 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012/02/11 14:20:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2012/02/11 14:20:20 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/02/11 14:20:20 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2012/02/11 14:20:19 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2012/02/11 14:20:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2012/02/11 14:20:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012/02/11 14:20:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012/02/11 14:20:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2012/02/11 14:20:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2012/02/11 14:20:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012/02/11 14:20:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2012/02/11 14:20:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2012/02/11 14:20:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012/02/11 14:20:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012/02/11 14:20:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/02/11 14:20:14 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/02/11 14:20:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/02/11 14:20:11 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2012/02/11 14:20:09 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2012/02/11 14:20:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2012/02/11 14:20:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2012/02/11 14:20:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012/02/11 14:20:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012/02/11 14:20:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012/02/11 14:20:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012/02/11 14:20:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012/02/11 14:20:07 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2012/02/11 14:20:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2012/02/11 14:20:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012/02/11 14:20:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2012/02/11 14:20:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012/02/11 14:20:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012/02/11 14:20:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2012/02/11 14:20:04 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012/02/11 14:20:04 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2012/02/11 14:20:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2012/02/11 14:20:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2012/02/11 14:20:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2012/02/11 14:20:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2012/02/11 14:19:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2012/02/11 14:19:56 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012/02/11 14:19:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2012/02/11 14:19:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/02/11 14:19:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2012/02/11 14:19:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2012/02/11 14:19:53 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2012/02/11 14:19:51 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2012/02/11 14:19:50 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2012/02/11 14:19:48 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2012/02/11 14:19:48 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012/02/11 14:19:47 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2012/02/11 14:19:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2012/02/11 14:19:43 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2012/02/11 14:19:41 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2012/02/11 14:19:39 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2012/02/11 14:19:39 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys
[2012/02/11 14:19:36 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2012/02/11 14:19:34 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2012/02/11 14:19:34 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2012/02/11 14:19:32 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012/02/11 14:19:32 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/02/11 14:19:31 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/02/11 14:19:30 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/02/11 14:19:29 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/02/11 14:19:29 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/02/11 14:19:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/02/11 14:19:27 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2012/02/11 14:19:27 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2012/02/11 14:19:26 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2012/02/11 14:19:26 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2012/02/11 14:19:20 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012/02/11 14:19:17 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2012/02/11 14:19:15 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2012/02/11 14:19:13 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2012/02/11 14:19:11 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2012/02/11 14:19:09 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2012/02/11 14:19:07 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2012/02/11 14:19:05 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2012/02/11 14:19:03 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2012/02/11 14:19:01 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2012/02/11 14:18:59 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2012/02/11 14:18:57 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2012/02/11 14:18:55 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2012/02/11 14:18:53 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2012/02/11 14:18:53 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2012/02/11 14:18:52 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2012/02/11 14:18:50 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2012/02/11 14:18:48 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2012/02/11 14:18:48 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2012/02/11 14:18:48 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2012/02/11 14:18:46 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/02/11 14:18:41 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/02/11 14:18:36 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2012/02/11 14:18:34 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2012/02/11 14:18:32 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2012/02/11 14:18:30 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2012/02/11 14:18:28 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2012/02/11 14:18:26 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2012/02/11 14:18:24 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2012/02/11 14:18:22 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2012/02/11 14:18:20 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2012/02/11 14:18:18 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2012/02/11 14:18:16 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2012/02/11 14:18:14 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2012/02/11 14:18:12 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2012/02/11 14:18:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2012/02/11 14:18:08 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2012/02/11 14:18:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2012/02/11 14:18:04 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2012/02/11 14:18:02 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2012/02/11 14:18:00 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2012/02/11 14:17:59 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012/02/11 14:17:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2012/02/11 14:17:51 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012/02/11 14:17:47 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2012/02/11 14:17:44 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2012/02/11 14:17:40 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2012/02/11 14:17:37 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2012/02/11 14:17:37 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2012/02/11 14:17:35 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2012/02/11 14:17:35 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2012/02/11 14:17:33 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2012/02/11 14:17:32 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/02/11 14:17:31 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012/02/11 14:17:29 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012/02/11 14:17:27 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012/02/11 14:17:26 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2012/02/11 14:17:26 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2012/02/11 14:17:24 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2012/02/11 14:17:23 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2012/02/11 14:17:21 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2012/02/11 14:17:19 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2012/02/11 14:17:18 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012/02/11 14:17:16 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012/02/11 14:17:16 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012/02/11 14:17:15 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012/02/11 14:17:14 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012/02/11 14:17:12 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2012/02/11 14:17:11 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012/02/11 14:17:09 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012/02/11 14:17:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2012/02/11 14:17:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012/02/11 14:17:06 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012/02/11 14:17:04 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012/02/11 14:17:03 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012/02/11 14:17:02 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012/02/11 14:17:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2012/02/11 14:16:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012/02/11 14:16:57 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2012/02/11 14:16:53 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2012/02/11 14:16:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/02/11 14:16:50 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012/02/11 14:16:48 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2012/02/11 14:16:47 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012/02/11 14:16:45 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012/02/11 14:16:43 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2012/02/11 14:16:42 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2012/02/11 14:16:41 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012/02/11 14:16:41 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012/02/11 14:16:39 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2012/02/11 14:16:38 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2012/02/11 14:16:37 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/02/11 14:16:36 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2012/02/11 14:16:36 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012/02/11 14:16:32 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2012/02/11 14:16:32 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2012/02/11 14:16:30 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2012/02/11 14:16:28 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2012/02/11 14:16:27 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2012/02/11 14:16:25 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2012/02/11 14:16:24 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2012/02/11 14:16:22 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2012/02/11 14:16:21 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2012/02/11 14:16:20 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2012/02/11 14:16:18 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2012/02/11 14:16:16 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2012/02/11 14:16:15 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2012/02/11 14:16:13 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2012/02/11 14:16:12 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2012/02/11 14:16:11 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2012/02/11 14:16:09 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2012/02/11 14:16:08 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys
[2012/02/11 14:16:07 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2012/02/11 14:16:04 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2012/02/11 14:16:03 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2012/02/11 14:16:02 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2012/02/11 14:16:01 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2012/02/11 14:16:00 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2012/02/11 14:15:59 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2012/02/11 14:15:58 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2012/02/11 14:15:57 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2012/02/11 14:15:56 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2012/02/11 14:15:55 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2012/02/11 14:15:54 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2012/02/11 14:15:53 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2012/02/11 14:15:52 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2012/02/11 14:15:51 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2012/02/11 14:15:50 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2012/02/11 14:15:49 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2012/02/11 14:15:48 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2012/02/11 14:15:47 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2012/02/11 14:15:43 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2012/02/11 14:15:43 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2012/02/11 14:15:42 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2012/02/11 14:15:39 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2012/02/11 14:15:38 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012/02/11 14:15:36 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2012/02/11 14:15:34 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012/02/11 14:15:33 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2012/02/11 14:15:32 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2012/02/11 14:15:32 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2012/02/11 14:15:31 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2012/02/11 14:15:28 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012/02/11 14:15:28 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2012/02/11 14:15:27 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012/02/11 14:15:26 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012/02/11 14:15:23 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012/02/11 14:15:22 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012/02/11 14:15:21 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012/02/11 14:15:20 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012/02/11 14:15:19 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012/02/11 14:15:18 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2012/02/11 14:15:17 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2012/02/11 14:15:16 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2012/02/11 14:15:15 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2012/02/11 14:15:14 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2012/02/11 14:15:13 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2012/02/11 14:15:12 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2012/02/11 14:15:12 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2012/02/11 14:15:11 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2012/02/11 14:15:10 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2012/02/11 14:15:09 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2012/02/11 14:15:08 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2012/02/11 14:15:07 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2012/02/11 14:15:05 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2012/02/11 14:15:05 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2012/02/11 14:15:04 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012/02/11 14:15:03 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012/02/11 14:15:02 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2012/02/11 14:15:01 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2012/02/11 14:15:00 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012/02/11 14:14:59 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2012/02/11 14:14:58 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2012/02/11 14:14:57 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2012/02/11 14:14:56 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2012/02/11 14:14:55 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2012/02/11 14:14:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2012/02/11 14:14:53 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2012/02/11 14:14:52 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2012/02/11 14:14:50 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2012/02/11 14:14:49 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2012/02/11 14:14:49 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2012/02/11 14:14:48 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2012/02/11 14:14:47 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2012/02/11 14:14:46 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2012/02/11 14:14:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2012/02/11 14:14:44 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2012/02/11 14:14:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2012/02/11 14:14:43 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012/02/11 14:14:43 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012/02/11 14:14:42 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012/02/11 14:14:41 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012/02/11 14:14:40 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012/02/11 14:14:39 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012/02/11 14:14:39 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012/02/11 14:14:38 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2012/02/11 14:14:37 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012/02/11 14:14:36 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2012/02/11 14:14:36 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2012/02/11 14:14:35 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2012/02/11 14:14:33 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2012/02/11 14:14:33 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2012/02/11 14:14:32 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012/02/11 14:14:32 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012/02/11 14:14:31 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2012/02/11 14:14:30 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2012/02/11 14:14:29 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2012/02/11 14:14:29 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2012/02/11 14:14:29 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2012/02/11 14:14:29 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2012/02/11 14:14:26 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2012/02/11 14:14:25 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2012/02/11 14:14:25 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2012/02/11 14:14:23 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2012/02/11 14:14:22 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012/02/11 14:14:22 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2012/02/11 14:14:21 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2012/02/11 14:14:20 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2012/02/11 14:14:20 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2012/02/11 14:14:19 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2012/02/11 14:14:19 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2012/02/11 14:14:18 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2012/02/11 14:14:17 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012/02/11 14:14:16 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/02/11 14:14:16 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/02/11 14:14:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012/02/11 14:14:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012/02/11 14:14:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012/02/11 14:14:14 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012/02/11 14:14:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2012/02/11 14:14:13 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012/02/11 14:14:13 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012/02/11 14:14:12 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012/02/11 14:14:12 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012/02/11 14:14:11 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012/02/11 14:14:10 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2012/02/11 14:14:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2012/02/11 14:14:09 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012/02/11 14:14:09 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012/02/11 14:14:08 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012/02/11 14:14:08 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012/02/11 14:14:07 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012/02/11 14:14:06 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012/02/11 14:14:06 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/02/11 14:14:05 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2012/02/11 14:14:05 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2012/02/11 14:14:04 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2012/02/11 14:14:04 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2012/02/11 14:14:03 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2012/02/11 14:14:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2012/02/11 14:14:02 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2012/02/11 14:14:02 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2012/02/11 14:14:01 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2012/02/11 14:14:01 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012/02/11 14:14:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/02/11 14:13:48 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2012/02/11 14:13:47 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012/02/11 14:13:47 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012/02/11 14:13:46 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012/02/11 14:13:46 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012/02/11 14:13:45 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012/02/11 14:13:45 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012/02/11 14:13:44 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012/02/11 14:13:44 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012/02/11 14:13:43 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2012/02/11 14:13:43 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012/02/11 14:13:42 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2012/02/11 14:13:42 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012/02/11 14:13:42 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012/02/11 14:13:41 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012/02/11 14:13:41 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012/02/11 14:13:40 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012/02/11 14:13:40 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012/02/11 14:13:39 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012/02/11 14:13:39 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012/02/11 14:13:39 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012/02/11 14:13:37 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2012/02/11 14:13:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2012/02/11 14:13:36 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012/02/11 14:13:36 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2012/02/11 14:13:36 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2012/02/11 14:13:35 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2012/02/11 14:13:35 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2012/02/11 14:13:34 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012/02/11 14:13:34 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012/02/11 14:13:34 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2012/02/11 14:13:33 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012/02/11 14:13:33 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012/02/11 14:13:32 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012/02/11 14:13:32 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012/02/11 14:13:32 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012/02/11 14:13:31 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2012/02/11 14:13:31 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2012/02/11 14:13:30 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2012/02/11 14:13:30 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2012/02/11 14:13:26 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2012/02/11 14:13:25 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2012/02/11 14:13:24 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2012/02/11 14:13:24 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2012/02/11 14:13:23 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2012/02/11 14:13:23 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2012/02/11 14:13:23 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2012/02/11 14:13:23 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2012/02/11 14:13:22 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2012/02/11 14:13:21 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2012/02/11 14:13:20 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2012/02/11 14:13:20 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2012/02/11 14:13:20 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2012/02/11 14:13:19 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012/02/11 14:13:18 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/02/11 14:13:18 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2012/02/11 14:13:18 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2012/02/11 14:13:18 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2012/02/11 14:13:16 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2012/02/11 14:13:16 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2012/02/11 14:13:16 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2012/02/11 14:13:15 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2012/02/11 14:13:15 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2012/02/11 14:13:15 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012/02/11 14:13:15 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2012/02/11 14:13:14 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2012/02/11 14:13:14 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2012/02/11 14:13:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2012/02/11 14:13:10 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2012/02/11 14:13:09 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2012/02/11 14:13:09 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2012/02/11 14:13:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/02/11 14:13:08 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012/02/11 14:13:08 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012/02/11 14:13:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2012/02/11 14:13:07 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012/02/11 14:13:07 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012/02/11 14:13:06 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012/02/11 14:13:06 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2012/02/11 14:13:06 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2012/02/11 14:13:05 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012/02/11 14:13:04 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2012/02/11 14:13:04 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2012/02/11 14:13:04 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2012/02/11 14:13:04 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2012/02/11 14:13:03 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012/02/11 14:13:03 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2012/02/11 14:13:03 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2012/02/11 14:13:02 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012/02/11 14:13:02 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012/02/11 14:13:02 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012/02/11 14:13:02 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2012/02/11 14:13:02 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2012/02/11 14:13:01 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2012/02/11 14:13:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2012/02/11 14:12:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2012/02/11 14:12:45 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2012/02/11 14:12:37 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2012/02/11 14:12:37 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2012/02/11 14:12:36 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2012/02/11 14:12:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2012/02/11 14:12:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2012/02/11 14:12:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2012/02/11 14:12:29 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2012/02/11 10:09:35 | 000,072,704 | ---- | C] (GravityGripp) -- C:\Documents and Settings\WWAdmin\Desktop\ZipIt2.exe
[2012/02/11 09:19:12 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2012/02/10 11:06:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WWAdmin\Local Settings\Application Data\Sun
[2012/02/10 11:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\WWAdmin\Desktop\Bleep
[2012/02/10 10:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/02/10 10:38:38 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2012/02/10 10:38:38 | 000,223,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/02/10 10:38:38 | 000,141,312 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/02/10 10:38:37 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/02/10 10:38:37 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/02/10 10:35:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012/02/10 10:29:52 | 020,290,952 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\WWAdmin\Desktop\jre-7u2-windows-i586.exe
[2012/02/08 13:26:14 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/02/08 13:19:02 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/02/08 11:59:22 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\WWAdmin\Desktop\mbam--setup-1.60.1.1000.exe
[2012/02/08 11:51:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/02/05 08:32:57 | 004,396,367 | R--- | C] (Swearware) -- C:\Documents and Settings\WWAdmin\Desktop\ComboFix.exe
[2012/02/04 11:15:23 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Documents and Settings\WWAdmin\Desktop\aswMBR.exe
[2012/02/04 10:47:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/03 12:12:21 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\WWAdmin\Desktop\OTL.exe
[2012/02/03 12:03:50 | 002,059,312 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\WWAdmin\Desktop\tdsskiller.exe
[2012/02/02 06:59:31 | 000,135,032 | ---- | C] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2012/02/01 19:02:58 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serial.sys
[2012/02/01 11:56:59 | 000,092,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mqac.svs
[2012/02/01 11:53:21 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/02/01 11:50:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/02/01 11:50:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/02/01 11:50:38 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/02/01 11:50:38 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/02/01 11:48:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/02/01 11:42:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/01 11:42:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\WWAdmin\My Documents\My Videos
[2012/02/01 11:42:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\WWAdmin\Start Menu\Programs\Administrative Tools
[2012/02/01 11:41:48 | 004,398,288 | R--- | C] (Swearware) -- C:\ComboFix.exe
[2009/09/19 21:18:05 | 000,065,536 | R--- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[2006/07/11 13:29:00 | 000,028,672 | R--- | C] ( ) -- C:\WINDOWS\System32\DivXGraphBuilderCallback.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/16 21:16:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{99796CAB-0E9B-437F-A13D-980353FC50B3}.job
[2012/02/16 21:08:11 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2012/02/16 09:23:33 | 089,188,715 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/02/16 03:24:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/16 03:24:27 | 000,159,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/16 03:02:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/15 17:22:23 | 000,000,584 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2012/02/15 17:22:23 | 000,000,584 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2012/02/15 16:57:20 | 000,000,935 | RH-- | M] () -- C:\WINDOWS\ctfile.rfc
[2012/02/15 16:56:59 | 000,409,600 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2012/02/15 16:56:59 | 000,114,688 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2012/02/15 16:55:43 | 000,000,029 | ---- | M] () -- C:\WINDOWS\sfbm.INI
[2012/02/15 16:49:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/11 17:53:10 | 000,233,629 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/02/11 10:09:36 | 000,072,704 | ---- | M] (GravityGripp) -- C:\Documents and Settings\WWAdmin\Desktop\ZipIt2.exe
[2012/02/11 09:18:32 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\WWAdmin\Desktop\Flash_Disinfector.exe
[2012/02/10 10:38:24 | 000,223,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/02/10 10:38:24 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/02/10 10:38:24 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/02/10 10:38:24 | 000,141,312 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/02/10 10:38:23 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2012/02/10 10:38:22 | 000,567,184 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/02/10 10:30:05 | 020,290,952 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\WWAdmin\Desktop\jre-7u2-windows-i586.exe
[2012/02/08 15:23:34 | 000,869,194 | ---- | M] () -- C:\Documents and Settings\WWAdmin\Desktop\SecurityCheck.exe
[2012/02/08 11:59:25 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\WWAdmin\Desktop\mbam--setup-1.60.1.1000.exe
[2012/02/07 22:37:32 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/02/07 21:37:22 | 004,398,288 | R--- | M] (Swearware) -- C:\ComboFix.exe
[2012/02/05 08:32:59 | 004,396,367 | R--- | M] (Swearware) -- C:\Documents and Settings\WWAdmin\Desktop\ComboFix.exe
[2012/02/04 10:09:48 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Documents and Settings\WWAdmin\Desktop\aswMBR.exe
[2012/02/03 12:07:54 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2012/02/03 11:56:06 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\WWAdmin\Desktop\OTL.exe
[2012/02/03 11:55:10 | 000,335,593 | ---- | M] () -- C:\Documents and Settings\WWAdmin\Desktop\FSS.exe
[2012/02/03 11:53:38 | 002,059,312 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\WWAdmin\Desktop\tdsskiller.exe
[2012/02/02 22:21:18 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\WWAdmin\defogger_reenable
[2012/02/02 21:36:59 | 000,256,000 | R--- | M] () -- C:\WINDOWS\PEV.exe
[2012/02/02 07:18:04 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012/02/02 06:59:31 | 000,135,032 | ---- | M] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2012/02/01 13:13:32 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/01 11:53:25 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/02/16 01:42:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/16 01:42:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/02/15 16:57:19 | 000,000,584 | ---- | C] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2012/02/15 16:57:19 | 000,000,584 | ---- | C] () -- C:\WINDOWS\System32\settings.sfm
[2012/02/15 16:57:05 | 000,000,059 | R--- | C] () -- C:\WINDOWS\System32\default4.sfm
[2012/02/15 16:55:43 | 000,000,029 | ---- | C] () -- C:\WINDOWS\sfbm.INI
[2012/02/11 14:34:13 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012/02/11 14:34:10 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012/02/11 14:25:08 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/02/11 14:25:04 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/02/11 14:21:43 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/02/11 14:20:20 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/02/11 14:19:28 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/02/11 14:17:57 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012/02/11 14:17:53 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012/02/11 14:17:49 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012/02/11 14:17:46 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012/02/11 14:17:42 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012/02/11 14:17:32 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/02/11 14:15:25 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012/02/11 14:15:24 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012/02/11 14:15:23 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012/02/11 14:13:28 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012/02/11 14:13:28 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012/02/11 14:13:28 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012/02/11 14:13:27 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012/02/11 14:13:27 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012/02/11 14:13:26 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012/02/11 14:13:26 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012/02/11 14:13:26 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012/02/11 14:13:25 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012/02/11 14:13:22 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012/02/11 09:18:32 | 000,132,597 | ---- | C] () -- C:\Documents and Settings\WWAdmin\Desktop\Flash_Disinfector.exe
[2012/02/08 15:23:31 | 000,869,194 | ---- | C] () -- C:\Documents and Settings\WWAdmin\Desktop\SecurityCheck.exe
[2012/02/03 12:12:17 | 000,335,593 | ---- | C] () -- C:\Documents and Settings\WWAdmin\Desktop\FSS.exe
[2012/02/02 22:21:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\WWAdmin\defogger_reenable
[2012/02/01 11:53:25 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/02/01 11:53:23 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/02/01 11:50:38 | 000,256,000 | R--- | C] () -- C:\WINDOWS\PEV.exe
[2012/02/01 11:50:38 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/02/01 11:50:38 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/02/01 11:50:38 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/02/01 11:50:38 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/05/09 18:13:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/24 17:45:43 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/04/24 17:45:43 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/05/14 17:33:21 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\WWAdmin\Local Settings\Application Data\fusioncache.dat
[2010/04/19 21:05:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010/03/27 09:07:14 | 000,029,452 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/02 16:36:07 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2009/10/02 16:21:07 | 000,020,454 | ---- | C] () -- C:\WINDOWS\hpoins01.dat
[2009/10/02 16:21:07 | 000,016,618 | ---- | C] () -- C:\WINDOWS\hpomdl01.dat
[2009/09/20 08:17:59 | 000,373,248 | ---- | C] () -- C:\WINDOWS\EyeCand3.INI
[2009/09/19 22:17:06 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/09/19 22:09:24 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2009/09/19 21:59:14 | 000,000,210 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/09/19 21:31:55 | 000,003,118 | ---- | C] () -- C:\WINDOWS\System32\AudioDrv.ini
[2009/09/19 21:31:23 | 000,008,251 | R--- | C] () -- C:\WINDOWS\sfsyn.ini
[2009/09/19 21:31:22 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2009/09/19 21:31:21 | 000,137,216 | ---- | C] () -- C:\WINDOWS\System32\OemSpi.dll
[2009/09/19 20:50:38 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/09/19 20:50:04 | 000,129,112 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/09/19 19:20:23 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/09/19 19:15:41 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/09/19 14:54:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/09/19 14:53:25 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2007/07/02 00:58:14 | 000,001,970 | ---- | C] () -- C:\WINDOWS\P17EP.ini
[2007/06/13 00:58:16 | 001,131,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\P17.sys
[2007/06/06 00:24:24 | 000,022,478 | R--- | C] () -- C:\WINDOWS\System32\ludap17.ini
[2007/04/09 00:42:00 | 000,148,480 | ---- | C] () -- C:\WINDOWS\System32\OemSpiE.dll
[2007/04/09 00:40:00 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\P17RunE.dll
[2006/12/15 01:41:26 | 000,008,192 | ---- | C] () -- C:\WINDOWS\ResDefE.exe
[2006/08/15 14:54:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/08/09 03:19:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/08/09 03:19:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/08/09 00:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\besch.exe
[2006/08/09 00:00:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\besched.dll
[2005/07/15 13:36:35 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005/07/15 13:35:56 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/07/15 13:35:56 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/07/15 13:35:24 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/03/21 18:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/21 18:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/03/08 05:17:00 | 000,000,054 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2004/08/04 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 05:00:00 | 000,380,702 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 05:00:00 | 000,052,936 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 05:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 05:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 05:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/10/02 00:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2003/10/02 00:00:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\lockres.dll
[2003/03/09 15:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

========== Custom Scans ==========


< C:\Program Files\Common Files\ComObjects\*.* /s >

< %systemroot%\*. /mp /s >

< %systemroot%\*. /rp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\drivers\*.sys /90 >
[2012/02/02 06:59:31 | 000,135,032 | ---- | M] (Doctor Web, Ltd.) -- C:\WINDOWS\system32\drivers\dwprot.sys

< %SYSTEMDRIVE%\*.exe >
[2012/02/07 21:37:22 | 004,398,288 | R--- | M] (Swearware) -- C:\ComboFix.exe


< MD5 for: ATAPI.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/09/27 08:49:30 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009/09/27 08:49:30 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: EXPLORER.EXE >
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2004/08/04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: P17.SYS >
[2007/06/13 00:58:16 | 001,131,520 | ---- | M] () MD5=2AAFDA3F9E15A225F632F0363B194189 -- C:\WINDOWS\system32\drivers\P17.sys
[2007/04/04 21:47:20 | 001,126,400 | ---- | M] (Creative Technology Ltd.) MD5=68BD22788B679A30FFCEA1D2EC141AF1 -- C:\Program Files\Creative\Sound Blaster X-Fi\Program\vista\Win2k_xp\I386\p17.sys
[2007/04/04 21:40:36 | 001,265,152 | ---- | M] (Creative Technology Ltd.) MD5=D22F07F40D3C7681CF373B325BDFBFFD -- C:\Program Files\Creative\Sound Blaster X-Fi\Program\vista\Win2k_xp\AMD64\P17.sys

< MD5 for: VOLSNAP.SYS >
[2008/04/13 13:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\ServicePackFiles\i386\volsnap.sys
[2008/04/13 13:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\dllcache\volsnap.sys
[2008/04/13 13:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\WINDOWS\system32\drivers\volsnap.sys
[2004/08/04 05:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=EE4660083DEBA849FF6C485D944B379B -- C:\WINDOWS\$NtServicePackUninstall$\volsnap.sys

< MD5 for: WINLOGON.EXE >
[2004/08/04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/12/16 07:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/12/16 07:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/12/16 07:23:08 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\WWAdmin\Desktop\Bleep:Roxio EMC Stream

< End of report >



Thank you, Dona

#30 User is offline   SweetTech 

  • Agent ST
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 12,666
  • Joined: 15-March 09
  • Gender:Male
  • Location:Antarctica

Posted 17 February 2012 - 02:30 AM

Hi Dona!

Your logs are looking good!

Enable CD Emulation Driver

If you don't have Defogger on your Desktop anymore, please download a new copy DeFogger to your desktop.

To re-enable your Emulation drivers, double click DeFogger to run the tool.
  • The application window will appear
  • Click the Re-enable button to re-enable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.

Your Emulation drivers are now re-enabled.


NEXT:



OTL Fix

We need to run an OTL Fix

  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :Services
:Processes
:OTL
O3 - HKU\S-1-5-21-1220945662-73586283-682003330-1005\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
[2012/02/11 10:09:35 | 000,072,704 | ---- | C] (GravityGripp) -- C:\Documents and Settings\WWAdmin\Desktop\ZipIt2.exe
[2012/02/10 10:29:52 | 020,290,952 | ---- | C] (Oracle Corporation) -- C:\Documents and Settings\WWAdmin\Desktop\jre-7u2-windows-i586.exe
[2012/02/08 11:59:22 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\WWAdmin\Desktop\mbam--setup-1.60.1.1000.exe
[2012/02/04 11:15:23 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Documents and Settings\WWAdmin\Desktop\aswMBR.exe
[2012/02/03 12:03:50 | 002,059,312 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\WWAdmin\Desktop\tdsskiller.exe
[2012/02/11 09:18:32 | 000,132,597 | ---- | M] () -- C:\Documents and Settings\WWAdmin\Desktop\Flash_Disinfector.exe
[2012/02/02 22:21:18 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\WWAdmin\defogger_reenable
[2012/02/08 15:23:31 | 000,869,194 | ---- | C] () -- C:\Documents and Settings\WWAdmin\Desktop\SecurityCheck.exe
[2012/02/03 12:12:17 | 000,335,593 | ---- | C] () -- C:\Documents and Settings\WWAdmin\Desktop\FSS.exe

:Reg

:Files
:Commands
[CreateRestorePoint]
[emptytemp]
[EMPTYFLASH]
[EMPTYJAVA]

  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date of the tool run.



NEXT:



If all goes well with the above fix, we should be able to clean-up our tools in the next reply.
Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.

Share this topic:


  • 3 Pages +
  • 1
  • 2
  • 3
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users