BleepingComputer.com: Inadvertently disabled svc host pc won't boot


Inadvertently disabled svc host pc won't boot

#16 JSntgRvr

  • Master Surgeon General
  • Group: Malware Response Team
  • Posts: 5,956
  • Joined: 04-March 06
  • Gender: Male
  • Location: Puerto Rico

Posted 13 February 2012 - 01:29 AM

Are you able to boot? If you are, download OTL to your Desktop.
  • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • OTL should now start. Change the following settings:
    • Change Drivers to All
    • Change Standard Registry to All
    • Under File Scans, change File age to 30

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt (first run only). These are saved in the same location as OTL.
    • Please post the contents of the OTL.txt file and attach the Extras.Txt, if any, in your next reply.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!

#17 lungbuster

  • Member
  • Group: Members
  • Posts: 26
  • Joined: 10-February 12

Posted 13 February 2012 - 01:54 PM

Yes, I can see all files there, I think something has corrupted my hard drive in windows.

#18 lungbuster

Posted 13 February 2012 - 02:22 PM

I can boot to Windows but cannot get online; as soon as I try to execute anything, error windows pop up and want me to scan and fix the hard drive.
Can I download the program to the clean PC and use my zip drive to install it on the infected one?

#19 lungbuster

Posted 13 February 2012 - 03:29 PM

So, because I cannot go online on the infected PC, I thought maybe I'd try another repair install of Windows, as the first time it was interrupted... I get to the point of "registering components" and get an error msg: ngen.exe. It will not go away even when clicking "OK" in the error msg. The install hangs there now for almost 20 mins. Any idea if this may be what is causing the non-communication with Windows and my C: drive?

#20 JSntgRvr

Posted 13 February 2012 - 03:52 PM

Are you attempting a repair install with an Install CD other than SP3? See post 9. Follow the instructions to run bash rst.sh and post its report. No need to run dumpit.

This post has been edited by JSntgRvr: 13 February 2012 - 03:53 PM


#21 JSntgRvr

Posted 13 February 2012 - 03:55 PM

Pressing Ctrl+Alt+Delete, would the task manager work?

#22 lungbuster

Posted 13 February 2012 - 05:28 PM

Here is all that was in the enum log:
30.8M Feb 13 2012 /mnt/sda2/WINDOWS/system32/config/software
5.0M Feb 13 2012 /mnt/sda2/WINDOWS/system32/config/system

30.7M Feb 13 2012 /sda2/~/RP1/~SOFTWARE
4.7M Feb 13 2012 /sda2/~/RP1/~SYSTEM


I am repair installing with the disc that came with my PC (Windows XP Media Center; it was SP2 when new, and I had upgraded to SP3 about 2 years ago)... I think I have a virus in the hard drive when running Windows... When I boot and go to my user account, 14 errors pop up; it directs me to scan problems with System check, and then tries to "repair" them. It repairs 7 of the 14 issues and then says I need to purchase the Full version to complete repairs. I have never seen this on my computer prior to the crash.

#23 lungbuster

Posted 13 February 2012 - 05:30 PM

JSntgRvr, on 13 February 2012 - 03:55 PM, said:

Pressing Ctrl+Alt+Delete, would the task manager work?


When it was hung during the repair install, no.
I ended up doing a restart after 1.5 hours of waiting, booted to Windows and had the same cascading errors on my user screen. I tried to pull up task manager then and it would not initiate.

#24 lungbuster

Posted 13 February 2012 - 05:51 PM

OK, I did some searching and I definitely have a "system check" virus, but I cannot access task manager or anything, so I don't know how to remove it or stop it from running.

#25 JSntgRvr

Posted 13 February 2012 - 09:24 PM

Compare that report with Post #12. I believe the Repair install erased various components of the Operating System.

I would suggest you post in the XP forum with a small explanation of what is happening. Perhaps you are using the wrong Windows version for the repair, and the file it is hanging on is not compatible with that version. ngen.exe is not a bad file. It is part of the Microsoft .NET Framework.

I am sure someone in the XP forum may be able to help you. The CD version you are using for the repair should be SP3.

#26 lungbuster

Posted 14 February 2012 - 12:03 AM

I have a virus called system check; it will not let me access any of my files and won't even show icons on my screen for any programs. If I boot with xPUD I can see all my files are there, but in Windows it shows nothing and the virus will not allow me to open task manager.

#27 lungbuster

Posted 14 February 2012 - 08:27 PM

So I downloaded rkill and malwarebytes to my zip drive and ran rkill on the sick pc, below is the report from rkill. I also have a report from malware but it was prior to running rkill so I don't know if it is accurate.

rkill:
Attached file: rk-proxy.reg (193 bytes)

mbam log:
Attached file: mbam-log-2012-02-14 (15-20-48).txt (11.32K)

#28 JSntgRvr

Posted 15 February 2012 - 12:06 AM

See post 16. Rather than Malwarebytes Antimalware, run OTL using the same method.

#29 lungbuster

Posted 15 February 2012 - 02:28 AM

OTL scan results

OTL logfile created on: 2/15/2012 12:09:41 AM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = G:\
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.84 Mb Total Physical Memory | 366.18 Mb Available Physical Memory | 35.84% Memory free
2.40 Gb Paging File | 1.82 Gb Available in Paging File | 75.96% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 228.13 Gb Total Space | 9.14 Gb Free Space | 4.00% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 839.03 Gb Free Space | 90.07% Space Free | Partition Type: NTFS
Drive G: | 485.73 Mb Total Space | 367.67 Mb Free Space | 75.70% Space Free | Partition Type: FAT
Drive H: | 465.76 Gb Total Space | 230.51 Gb Free Space | 49.49% Space Free | Partition Type: NTFS
Drive I: | 930.85 Gb Total Space | 256.95 Gb Free Space | 27.60% Space Free | Partition Type: NTFS
Drive J: | 644.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: CHRIS-366D8D1CA | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/02/15 00:03:48 | 000,584,192 | ---- | M] (OldTimer Tools) -- G:\OTL.exe
PRC - [2012/02/09 19:37:22 | 000,283,136 | -H-- | M] () -- C:\Program Files\Internet Explorer\73F.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | -H-- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | -H-- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/27 05:06:44 | 000,267,488 | -H-- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2010/12/01 14:49:56 | 001,589,208 | -H-- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsGui.exe
PRC - [2010/11/19 06:57:14 | 001,150,936 | -H-- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsSvc.exe
PRC - [2010/11/17 21:29:22 | 000,075,048 | -H-- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe
PRC - [2010/03/15 14:02:36 | 000,366,840 | -H-- | M] (PC Tools) -- C:\Program Files\PC Tools Security\pctsAuxs.exe
PRC - [2010/02/03 00:08:56 | 000,087,336 | -H-- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2009/03/08 04:31:54 | 000,013,312 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msfeedssync.exe
PRC - [2007/10/30 22:37:22 | 001,654,784 | -H-- | M] (Belkin) -- C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe
PRC - [2006/03/20 16:00:04 | 000,282,624 | -H-- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/08/10 05:00:00 | 001,032,192 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/02/09 19:37:22 | 000,283,136 | -H-- | M] () -- C:\Program Files\Internet Explorer\73F.exe
MOD - [2012/02/09 15:14:21 | 003,340,064 | -H-- | M] () -- c:\Program Files\Common Files\Akamai\netsession_win_7de0ed9.dll
MOD - [2011/07/27 05:06:44 | 000,267,488 | -H-- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
MOD - [2011/06/24 21:56:36 | 000,087,328 | -H-- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | -H-- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/08/30 16:05:52 | 000,157,656 | -H-- | M] () -- C:\Program Files\PC Tools Security\NetworkLayer\PCTCFHook.dll
MOD - [2010/08/10 17:59:26 | 001,263,576 | -H-- | M] () -- C:\Program Files\PC Tools Security\UserModeFileCache.dll
MOD - [2010/08/10 17:58:38 | 000,091,608 | -H-- | M] () -- C:\Program Files\PC Tools Security\avengine\sdkBSCtrl.dll
MOD - [2009/01/10 16:15:44 | 000,159,744 | -H-- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
MOD - [2009/01/10 16:14:06 | 000,023,552 | -H-- | M] () -- C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll
MOD - [2007/11/26 11:45:34 | 000,188,416 | -H-- | M] () -- C:\Program Files\Belkin\F5D7050v3\BelkinwcuiDLL.dll
MOD - [2006/02/24 10:40:56 | 000,061,440 | -H-- | M] () -- C:\Program Files\Belkin\F5D7050v3\BelkinHWStatus.dll
MOD - [2004/08/10 05:00:00 | 001,287,680 | -H-- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2004/08/10 05:00:00 | 000,268,288 | -H-- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2004/08/10 05:00:00 | 000,059,904 | -H-- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/10 05:00:00 | 000,014,336 | -H-- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/02/09 15:14:21 | 003,340,064 | -H-- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_7de0ed9.dll -- (Akamai)
SRV - [2012/01/13 14:53:18 | 000,652,360 | -H-- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/07/27 05:06:44 | 000,267,488 | -H-- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2010/11/19 06:57:14 | 001,150,936 | -H-- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/15 14:02:36 | 000,366,840 | -H-- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/15 06:49:20 | 000,227,232 | -H-- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)


========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (PCIIde)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)
DRV - [2011/12/10 15:24:06 | 000,020,464 | -H-- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/05/10 07:06:08 | 000,042,496 | -H-- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2011/02/19 15:36:44 | 000,020,747 | -H-- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2010/11/25 10:43:00 | 000,239,168 | -H-- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/11/17 21:29:20 | 000,087,536 | -H-- | M] (CyberLink Corp.) [2011/02/24 01:49:19] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010/07/16 14:59:54 | 000,338,880 | -H-- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2009/08/26 22:41:08 | 000,049,920 | -H-- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2009/08/26 22:41:04 | 000,016,496 | -H-- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2009/08/26 22:40:06 | 000,021,568 | -H-- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)
DRV - [2009/05/18 13:17:00 | 000,026,600 | -H-- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2008/04/13 10:36:05 | 000,144,384 | -H-- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/10/02 04:06:40 | 000,451,968 | -H-- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2006/09/28 19:00:34 | 000,082,944 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2006/09/28 18:55:50 | 000,077,568 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf)
DRV - [2006/06/16 11:39:00 | 003,581,888 | -H-- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/05/11 10:30:52 | 000,247,808 | -H-- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iastor)
DRV - [2006/03/20 16:06:04 | 001,156,648 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/09/23 23:18:32 | 000,171,520 | -H-- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005/08/03 18:29:54 | 000,018,944 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2005/05/12 18:54:10 | 000,020,576 | -H-- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2004/12/13 15:14:00 | 000,039,904 | -H-- | M] (Adaptec, Inc.) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\cercsr6.sys -- (cercsr6)
DRV - [2004/08/10 05:00:00 | 000,799,744 | -H-- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2004/08/10 05:00:00 | 000,574,592 | -H-- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2004/08/10 05:00:00 | 000,451,456 | -H-- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2004/08/10 05:00:00 | 000,359,040 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2004/08/10 05:00:00 | 000,336,256 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2004/08/10 05:00:00 | 000,263,040 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2004/08/10 05:00:00 | 000,209,408 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2004/08/10 05:00:00 | 000,187,776 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2004/08/10 05:00:00 | 000,182,912 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2004/08/10 05:00:00 | 000,181,248 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2004/08/10 05:00:00 | 000,176,512 | -H-- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2004/08/10 05:00:00 | 000,171,776 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2004/08/10 05:00:00 | 000,162,816 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2004/08/10 05:00:00 | 000,153,344 | -H-- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dmio.sys -- (dmio)
DRV - [2004/08/10 05:00:00 | 000,143,360 | -H-- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2004/08/10 05:00:00 | 000,142,464 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2004/08/10 05:00:00 | 000,139,400 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2004/08/10 05:00:00 | 000,138,496 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2004/08/10 05:00:00 | 000,134,912 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2004/08/10 05:00:00 | 000,125,056 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - [2004/08/10 05:00:00 | 000,124,800 | -H-- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2004/08/10 05:00:00 | 000,119,936 | -H-- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2004/08/10 05:00:00 | 000,107,904 | -H-- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2004/08/10 05:00:00 | 000,095,360 | -H-- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\atapi.sys -- (atapi)
DRV - [2004/08/10 05:00:00 | 000,092,032 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2004/08/10 05:00:00 | 000,091,776 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2004/08/10 05:00:00 | 000,082,944 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2004/08/10 05:00:00 | 000,080,128 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\parport.sys -- (Parport)
DRV - [2004/08/10 05:00:00 | 000,074,752 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2004/08/10 05:00:00 | 000,073,472 | -H-- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sr.sys -- (sr)
DRV - [2004/08/10 05:00:00 | 000,069,120 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2004/08/10 05:00:00 | 000,068,224 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\pci.sys -- (PCI)
DRV - [2004/08/10 05:00:00 | 000,066,176 | -H-- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2004/08/10 05:00:00 | 000,064,896 | -H-- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\serial.sys -- (Serial)
DRV - [2004/08/10 05:00:00 | 000,063,744 | -H-- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2004/08/10 05:00:00 | 000,061,824 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nic1394.sys -- (NIC1394)
DRV - [2004/08/10 05:00:00 | 000,061,056 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ohci1394.sys -- (ohci1394)
DRV - [2004/08/10 05:00:00 | 000,060,800 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2004/08/10 05:00:00 | 000,060,800 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\arp1394.sys -- (Arp1394)
DRV - [2004/08/10 05:00:00 | 000,059,904 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2004/08/10 05:00:00 | 000,057,600 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2004/08/10 05:00:00 | 000,054,272 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2004/08/10 05:00:00 | 000,052,352 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2004/08/10 05:00:00 | 000,051,328 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2004/08/10 05:00:00 | 000,049,536 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2004/08/10 05:00:00 | 000,048,384 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2004/08/10 05:00:00 | 000,043,136 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sbp2port.sys -- (sbp2port)
DRV - [2004/08/10 05:00:00 | 000,042,240 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2004/08/10 05:00:00 | 000,041,856 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2004/08/10 05:00:00 | 000,041,472 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2004/08/10 05:00:00 | 000,038,016 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2004/08/10 05:00:00 | 000,036,352 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\disk.sys -- (Disk)
DRV - [2004/08/10 05:00:00 | 000,036,096 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2004/08/10 05:00:00 | 000,035,840 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2004/08/10 05:00:00 | 000,035,072 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2004/08/10 05:00:00 | 000,034,944 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2004/08/10 05:00:00 | 000,034,560 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2004/08/10 05:00:00 | 000,034,560 | -H-- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2004/08/10 05:00:00 | 000,032,896 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2004/08/10 05:00:00 | 000,032,512 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2004/08/10 05:00:00 | 000,031,616 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2004/08/10 05:00:00 | 000,030,848 | -H-- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2004/08/10 05:00:00 | 000,030,080 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2004/08/10 05:00:00 | 000,029,056 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2004/08/10 05:00:00 | 000,027,440 | -H-- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2004/08/10 05:00:00 | 000,027,392 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\fdc.sys -- (Fdc)
DRV - [2004/08/10 05:00:00 | 000,026,624 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2004/08/10 05:00:00 | 000,026,496 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2004/08/10 05:00:00 | 000,024,576 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2004/08/10 05:00:00 | 000,023,040 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2004/08/10 05:00:00 | 000,021,896 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2004/08/10 05:00:00 | 000,020,992 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2004/08/10 05:00:00 | 000,020,992 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2004/08/10 05:00:00 | 000,020,480 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2004/08/10 05:00:00 | 000,020,480 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2004/08/10 05:00:00 | 000,019,072 | -H-- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2004/08/10 05:00:00 | 000,018,688 | -H-- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2004/08/10 05:00:00 | 000,018,688 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2004/08/10 05:00:00 | 000,017,792 | -H-- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/10 05:00:00 | 000,016,512 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2004/08/10 05:00:00 | 000,015,488 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2004/08/10 05:00:00 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\streamip.sys -- (streamip)
DRV - [2004/08/10 05:00:00 | 000,014,848 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2004/08/10 05:00:00 | 000,014,336 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2004/08/10 05:00:00 | 000,013,952 | -H-- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004/08/10 05:00:00 | 000,012,928 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2004/08/10 05:00:00 | 000,012,416 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2004/08/10 05:00:00 | 000,012,160 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2004/08/10 05:00:00 | 000,012,040 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2004/08/10 05:00:00 | 000,012,032 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2004/08/10 05:00:00 | 000,011,648 | -H-- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/10 05:00:00 | 000,011,392 | -H-- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2004/08/10 05:00:00 | 000,011,264 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2004/08/10 05:00:00 | 000,011,136 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slip.sys -- (SLIP)
DRV - [2004/08/10 05:00:00 | 000,010,880 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndisip.sys -- (NdisIP)
DRV - [2004/08/10 05:00:00 | 000,009,600 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2004/08/10 05:00:00 | 000,009,600 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
DRV - [2004/08/10 05:00:00 | 000,008,832 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2004/08/10 05:00:00 | 000,007,552 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2004/08/10 05:00:00 | 000,006,784 | -H-- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2004/08/10 05:00:00 | 000,005,888 | -H-- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload)
DRV - [2004/08/10 05:00:00 | 000,005,376 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2004/08/10 05:00:00 | 000,004,992 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2004/08/10 05:00:00 | 000,004,352 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2004/08/10 05:00:00 | 000,004,224 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2004/08/10 05:00:00 | 000,004,224 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2004/08/10 05:00:00 | 000,004,224 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2004/08/10 05:00:00 | 000,002,944 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2004/08/10 05:00:00 | 000,002,944 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2004/08/10 03:45:04 | 000,011,008 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mhndrv.sys -- (MHNDRV)
DRV - [2004/08/04 01:01:08 | 000,040,840 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2004/08/03 23:10:30 | 000,085,376 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nabtsfec.sys -- (NABTSFEC)
DRV - [2004/08/03 23:10:22 | 000,019,328 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wstcodec.sys -- (WSTCODEC)
DRV - [2004/08/03 23:10:18 | 000,017,024 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdecode.sys -- (CCDECODE)
DRV - [2004/08/03 23:10:12 | 000,048,128 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2004/08/03 23:10:12 | 000,038,912 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2004/08/03 23:10:00 | 000,051,328 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2004/08/03 23:07:56 | 000,059,264 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2004/08/03 23:07:48 | 000,006,400 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2004/08/03 23:07:40 | 000,052,864 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
DRV - [2004/08/03 23:01:26 | 000,025,856 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2004/08/03 23:01:16 | 000,196,864 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2004/08/03 22:59:38 | 000,057,472 | -H-- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2004/08/03 22:58:46 | 000,015,104 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2004/08/03 22:58:40 | 000,005,504 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mstee.sys -- (MSTEE)
DRV - [2001/08/17 07:59:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_customize.aspx?tbid=80291
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.mg5.mail.yahoo.com/neo/launch?.rand=b48mpu5qati8a
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://us.mg5.mail.yahoo.com/neo/launch?.rand=1lnrt848vpj7u
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:64848

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011/02/20 00:11:19 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011/02/21 03:16:47 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\siteranker@siteranker.com: C:\Program Files\SiteRanker\firefox\


O1 HOSTS File: ([2004/08/10 05:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~1\SITERA~1\SiteRank.dll File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll File not found
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll File not found
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll File not found
O4 - HKLM..\Run: [2FB.exe] C:\Program Files\LP\D975\2FB.exe ()
O4 - HKLM..\Run: [73F.exe] C:\Program Files\Internet Explorer\73F.exe ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [DVDUpgrade] C:\WINDOWS\System32\dvdupgrd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe (Belkin)
O4 - HKLM..\Run: [IFEvuifXpHuouiv.exe] C:\Documents and Settings\All Users\Application Data\IFEvuifXpHuouiv.exe (Mioft)
O4 - HKLM..\Run: [ISTray] C:\Program Files\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SelectRebates] C:\Program Files\SelectRebates\SelectRebates.exe File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SiteRanker] "C:\Program Files\SiteRanker\SiteRankTray.exe" File not found
O4 - HKLM..\Run: [StartNowToolbarHelper] "C:\Program Files\StartNow Toolbar\ToolbarHelper.exe" File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Chris\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1298162705062 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 216.165.129.158
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Chris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Chris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/03 16:34:11 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/01/16 00:23:52 | 000,000,095 | -H-- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/18 15:12:18 | 000,000,088 | R--- | M] () - J:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sprestrt)
O34 - HKLM BootExecute: (sprestrt)
O34 - HKLM BootExecute: (sprestrt)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/02/14 19:13:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Chris\Recent
[2012/02/13 23:56:50 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Chris\Application Data\Malwarebytes
[2012/02/13 23:56:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/02/13 23:56:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/02/13 23:56:38 | 000,020,464 | -H-- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/02/13 23:56:38 | 000,000,000 | -H-D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/02/13 23:33:07 | 000,656,320 | -H-- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctEFA.sys
[2012/02/13 23:33:07 | 000,338,880 | -H-- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctDS.sys
[2012/02/13 23:33:07 | 000,249,616 | -H-- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2012/02/13 23:33:03 | 000,239,168 | -H-- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2012/02/13 23:33:03 | 000,160,448 | -H-- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2012/02/13 23:33:02 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Tools Security
[2012/02/13 23:33:00 | 000,070,536 | -H-- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2012/02/13 23:32:54 | 000,000,000 | -H-D | C] -- C:\Program Files\PC Tools Security
[2012/02/13 23:32:54 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\PC Tools
[2012/02/13 23:32:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2012/02/13 20:10:48 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012/02/13 15:52:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Prefetch
[2012/02/13 14:31:27 | 000,069,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresko.dll
[2012/02/13 14:31:26 | 000,073,728 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresja.dll
[2012/02/13 14:31:26 | 000,069,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresfr.dll
[2012/02/13 14:31:25 | 000,069,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresde.dll
[2012/02/13 14:31:22 | 000,061,440 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehreschs.dll
[2012/02/13 14:31:04 | 000,221,184 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2012/02/13 14:31:00 | 000,156,672 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2012/02/13 14:30:59 | 000,156,672 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2012/02/13 14:30:59 | 000,156,672 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2012/02/13 14:30:58 | 000,079,360 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2012/02/13 14:30:58 | 000,069,120 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2012/02/13 14:30:58 | 000,065,536 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2012/02/13 14:30:56 | 000,041,600 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/02/13 14:30:56 | 000,031,232 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/02/13 14:30:55 | 000,076,800 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2012/02/13 14:30:55 | 000,053,248 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2012/02/13 14:30:55 | 000,009,216 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2012/02/13 14:30:54 | 000,363,520 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2012/02/13 14:30:54 | 000,073,728 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2012/02/13 14:30:54 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2012/02/13 14:30:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2012/02/13 14:30:53 | 000,426,041 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2012/02/13 14:30:53 | 000,086,073 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2012/02/13 14:30:53 | 000,048,256 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012/02/13 14:30:49 | 000,103,424 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2012/02/13 14:30:49 | 000,076,288 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2012/02/13 14:30:49 | 000,065,024 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2012/02/13 14:30:48 | 000,014,336 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012/02/13 14:30:47 | 000,031,232 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2012/02/13 14:30:46 | 000,571,392 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012/02/13 14:30:46 | 000,455,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2012/02/13 14:30:46 | 000,185,344 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2012/02/13 14:30:46 | 000,044,032 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2012/02/13 14:30:46 | 000,010,240 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2012/02/13 14:30:45 | 000,021,896 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012/02/13 14:30:45 | 000,019,464 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012/02/13 14:30:45 | 000,013,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012/02/13 14:30:43 | 000,046,592 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2012/02/13 14:30:42 | 000,016,896 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2012/02/13 14:30:41 | 000,046,592 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2012/02/13 14:30:41 | 000,045,056 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2012/02/13 14:30:40 | 000,101,376 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/02/13 14:30:38 | 000,143,422 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012/02/13 14:30:38 | 000,040,448 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2012/02/13 14:30:38 | 000,008,704 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2012/02/13 14:30:38 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/02/13 14:30:37 | 000,456,704 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2012/02/13 14:30:37 | 000,358,400 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2012/02/13 14:30:37 | 000,259,072 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2012/02/13 14:30:37 | 000,188,416 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2012/02/13 14:30:37 | 000,032,768 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2012/02/13 14:30:37 | 000,010,240 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/02/13 14:30:37 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2012/02/13 14:30:36 | 000,236,544 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2012/02/13 14:30:36 | 000,031,744 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012/02/13 14:30:36 | 000,015,872 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/02/13 14:30:36 | 000,012,288 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/02/13 14:30:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/02/13 14:30:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/02/13 14:30:35 | 000,038,912 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/02/13 14:30:35 | 000,031,744 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012/02/13 14:30:35 | 000,030,208 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012/02/13 14:30:35 | 000,029,184 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/02/13 14:30:35 | 000,026,624 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012/02/13 14:30:35 | 000,026,624 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012/02/13 14:30:35 | 000,026,112 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012/02/13 14:30:35 | 000,026,112 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/02/13 14:30:35 | 000,026,112 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/02/13 14:30:35 | 000,026,112 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012/02/13 14:30:34 | 000,030,208 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012/02/13 14:30:34 | 000,025,088 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012/02/13 14:30:34 | 000,018,944 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2012/02/13 14:30:29 | 000,026,112 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/02/13 14:30:28 | 000,057,856 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/02/13 14:30:27 | 000,079,872 | -H-- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/02/13 14:30:26 | 000,079,872 | -H-- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/02/13 14:30:26 | 000,026,624 | -H-- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/02/13 14:30:26 | 000,024,576 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2012/02/13 14:30:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2012/02/13 14:30:24 | 000,026,112 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2012/02/13 14:30:23 | 000,023,040 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/02/13 14:30:23 | 000,014,848 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012/02/13 14:30:21 | 000,077,824 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2012/02/13 14:30:21 | 000,020,736 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2012/02/13 14:30:21 | 000,016,384 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012/02/13 14:30:20 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012/02/13 14:30:19 | 000,007,680 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2012/02/13 14:30:17 | 000,131,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/02/13 14:30:17 | 000,070,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2012/02/13 14:30:17 | 000,068,608 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\plugin.ocx
[2012/02/13 14:30:17 | 000,067,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2012/02/13 14:30:17 | 000,011,264 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/02/13 14:30:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/02/13 14:30:16 | 000,482,304 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012/02/13 14:30:16 | 000,079,360 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2012/02/13 14:30:16 | 000,053,760 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2012/02/13 14:30:16 | 000,020,992 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2012/02/13 14:30:14 | 000,036,927 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012/02/13 14:30:14 | 000,031,744 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2012/02/13 14:30:14 | 000,015,872 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2012/02/13 14:30:14 | 000,015,360 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2012/02/13 14:30:14 | 000,014,336 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012/02/13 14:30:09 | 000,226,816 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2012/02/13 14:30:09 | 000,044,544 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2012/02/13 14:30:09 | 000,038,912 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/02/13 14:30:07 | 000,053,248 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2012/02/13 14:30:04 | 000,229,439 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012/02/13 14:30:04 | 000,111,104 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2012/02/13 14:29:58 | 001,875,968 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/02/13 14:29:58 | 000,098,304 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/02/13 14:29:48 | 000,007,680 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2012/02/13 14:29:47 | 000,092,416 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012/02/13 14:29:47 | 000,092,032 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012/02/13 14:29:47 | 000,085,504 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2012/02/13 14:29:47 | 000,037,888 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2012/02/13 14:29:47 | 000,026,624 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2012/02/13 14:29:46 | 000,065,536 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/02/13 14:29:45 | 000,022,528 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2012/02/13 14:29:45 | 000,018,944 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2012/02/13 14:29:45 | 000,013,312 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2012/02/13 14:29:44 | 000,022,016 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2012/02/13 14:29:43 | 000,033,792 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2012/02/13 14:29:42 | 000,070,656 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/02/13 14:29:42 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2012/02/13 14:29:41 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2012/02/13 14:29:41 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2012/02/13 14:29:41 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2012/02/13 14:29:41 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2012/02/13 14:29:41 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2012/02/13 14:29:41 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2012/02/13 14:29:41 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2012/02/13 14:29:40 | 000,007,680 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/02/13 14:29:40 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2012/02/13 14:29:39 | 000,009,216 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/02/13 14:29:39 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/02/13 14:29:39 | 000,006,656 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2012/02/13 14:29:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2012/02/13 14:29:39 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2012/02/13 14:29:39 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2012/02/13 14:29:38 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2012/02/13 14:29:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2012/02/13 14:29:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2012/02/13 14:29:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2012/02/13 14:29:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2012/02/13 14:29:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2012/02/13 14:29:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2012/02/13 14:29:38 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2012/02/13 14:29:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2012/02/13 14:29:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2012/02/13 14:29:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2012/02/13 14:29:37 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2012/02/13 14:29:36 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2012/02/13 14:29:36 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2012/02/13 14:29:36 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/02/13 14:29:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2012/02/13 14:29:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2012/02/13 14:29:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2012/02/13 14:29:36 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2012/02/13 14:29:36 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2012/02/13 14:29:35 | 000,026,624 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2012/02/13 14:29:35 | 000,018,432 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012/02/13 14:29:35 | 000,009,216 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2012/02/13 14:29:35 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2012/02/13 14:29:35 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2012/02/13 14:29:33 | 000,035,328 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2012/02/13 14:29:32 | 000,315,452 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2012/02/13 14:29:32 | 000,257,024 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2012/02/13 14:29:32 | 000,015,872 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2012/02/13 14:29:32 | 000,008,704 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2012/02/13 14:29:31 | 000,471,102 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012/02/13 14:29:31 | 000,274,489 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2012/02/13 14:29:31 | 000,262,200 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2012/02/13 14:29:31 | 000,233,527 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2012/02/13 14:29:31 | 000,208,952 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2012/02/13 14:29:31 | 000,102,456 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2012/02/13 14:29:31 | 000,059,904 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/02/13 14:29:31 | 000,045,109 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/02/13 14:29:30 | 000,811,064 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2012/02/13 14:29:30 | 000,716,856 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2012/02/13 14:29:30 | 000,368,696 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2012/02/13 14:29:30 | 000,340,023 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2012/02/13 14:29:30 | 000,311,359 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/02/13 14:29:30 | 000,307,257 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2012/02/13 14:29:30 | 000,155,705 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2012/02/13 14:29:30 | 000,081,976 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2012/02/13 14:29:30 | 000,057,398 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/02/13 14:29:29 | 000,106,496 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2012/02/13 14:29:29 | 000,102,463 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/02/13 14:29:29 | 000,094,720 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2012/02/13 14:29:29 | 000,086,016 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2012/02/13 14:29:29 | 000,079,872 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2012/02/13 14:29:29 | 000,044,032 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/02/13 14:29:29 | 000,006,656 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2012/02/13 14:29:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2012/02/13 14:29:28 | 000,145,408 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2012/02/13 14:29:28 | 000,060,928 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2012/02/13 14:29:28 | 000,025,088 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2012/02/13 14:29:28 | 000,019,456 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2012/02/13 14:29:28 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2012/02/13 14:29:25 | 010,129,408 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/02/13 14:29:22 | 010,096,640 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/02/13 14:29:22 | 000,268,288 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2012/02/13 14:29:22 | 000,061,440 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2012/02/13 14:29:22 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2012/02/13 14:29:21 | 000,039,936 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2012/02/13 14:29:20 | 000,036,864 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/02/13 14:29:19 | 000,032,256 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2012/02/13 14:29:18 | 000,562,176 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2012/02/13 14:29:18 | 000,400,384 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2012/02/13 14:29:18 | 000,397,312 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2012/02/13 14:29:18 | 000,267,776 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2012/02/13 14:29:18 | 000,246,272 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2012/02/13 14:29:18 | 000,192,512 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2012/02/13 14:29:18 | 000,154,112 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2012/02/13 14:29:17 | 000,285,184 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2012/02/13 14:29:17 | 000,229,376 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2012/02/13 14:29:17 | 000,055,296 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2012/02/13 14:29:17 | 000,031,744 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012/02/13 14:29:17 | 000,027,136 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2012/02/13 14:29:17 | 000,023,552 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2012/02/13 14:29:17 | 000,023,552 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2012/02/13 14:29:17 | 000,011,264 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012/02/13 14:29:17 | 000,008,704 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2012/02/13 14:29:17 | 000,006,656 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2012/02/13 14:29:16 | 000,452,096 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2012/02/13 14:29:16 | 000,143,360 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2012/02/13 14:29:16 | 000,132,608 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012/02/13 14:29:16 | 000,125,952 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2012/02/13 14:29:16 | 000,111,104 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012/02/13 14:29:16 | 000,072,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2012/02/13 14:29:16 | 000,007,680 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2012/02/13 14:29:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2012/02/13 14:29:15 | 000,024,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2012/02/13 14:29:15 | 000,020,541 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2012/02/13 14:29:15 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2012/02/13 14:29:14 | 000,014,848 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012/02/13 14:29:13 | 000,092,160 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2012/02/13 14:29:13 | 000,043,520 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/02/13 14:29:13 | 000,024,064 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2012/02/13 14:29:13 | 000,014,336 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2012/02/13 14:29:13 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2012/02/13 14:29:12 | 000,101,888 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2012/02/13 14:29:12 | 000,057,856 | -H-- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/02/13 14:29:12 | 000,045,056 | -H-- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012/02/13 14:29:12 | 000,031,744 | -H-- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012/02/13 14:29:12 | 000,025,856 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012/02/13 14:29:04 | 000,078,848 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2012/02/13 14:29:04 | 000,042,496 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2012/02/13 14:29:02 | 000,057,399 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2012/02/13 14:29:02 | 000,020,480 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2012/02/13 14:29:02 | 000,018,944 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012/02/13 14:29:01 | 000,056,320 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2012/02/13 14:29:01 | 000,033,792 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2012/02/13 14:29:00 | 000,024,064 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2012/02/13 14:28:58 | 000,838,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/02/13 14:28:58 | 000,480,256 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2012/02/13 14:28:58 | 000,198,656 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2012/02/13 14:28:58 | 000,097,792 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2012/02/13 14:28:58 | 000,056,320 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2012/02/13 14:28:58 | 000,021,504 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012/02/13 14:28:57 | 001,677,824 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/02/13 14:28:57 | 000,078,336 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2012/02/13 14:28:57 | 000,015,872 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012/02/13 14:28:57 | 000,014,336 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012/02/13 14:28:57 | 000,013,312 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012/02/13 14:28:57 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012/02/13 14:28:56 | 000,054,528 | -H-- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/02/13 14:28:55 | 000,218,112 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2012/02/13 14:28:55 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2012/02/13 14:28:55 | 000,006,656 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/02/13 14:28:47 | 000,045,568 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2012/02/13 14:28:45 | 000,009,216 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2012/02/13 14:28:43 | 000,369,664 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2012/02/13 14:28:43 | 000,331,264 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2012/02/13 14:28:43 | 000,029,184 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2012/02/13 14:28:43 | 000,010,240 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2012/02/13 14:28:42 | 000,108,544 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2012/02/13 14:28:42 | 000,045,056 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/02/13 14:28:42 | 000,019,456 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2012/02/13 14:28:41 | 000,019,456 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2012/02/13 14:28:41 | 000,019,456 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2012/02/13 14:28:41 | 000,019,456 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2012/02/13 14:28:41 | 000,019,456 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2012/02/13 14:28:41 | 000,019,456 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2012/02/13 14:28:40 | 000,049,664 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2012/02/13 14:28:40 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/02/13 14:28:39 | 000,029,696 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2012/02/13 14:28:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2012/02/13 14:28:37 | 000,364,544 | -H-- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2012/02/13 14:28:37 | 000,010,240 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2012/02/13 14:28:34 | 000,032,827 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2012/02/13 14:28:34 | 000,016,384 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2012/02/13 14:28:34 | 000,007,168 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2012/02/13 14:28:33 | 000,020,536 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2012/02/13 14:28:33 | 000,016,437 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2012/02/13 14:28:33 | 000,008,192 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2012/02/13 14:28:28 | 000,076,800 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2012/02/13 14:28:28 | 000,068,608 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2012/02/13 14:28:28 | 000,019,968 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2012/02/13 14:28:28 | 000,013,312 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2012/02/13 14:28:27 | 000,829,440 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2012/02/13 14:28:27 | 000,169,984 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2012/02/13 14:28:27 | 000,133,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2012/02/13 14:28:27 | 000,068,608 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2012/02/13 14:28:27 | 000,064,512 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2012/02/13 14:28:27 | 000,030,720 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2012/02/13 14:28:27 | 000,014,336 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2012/02/13 14:28:27 | 000,007,680 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2012/02/13 14:28:27 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2012/02/13 14:28:26 | 000,598,071 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2012/02/13 14:28:26 | 000,208,896 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2012/02/13 14:28:26 | 000,020,541 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2012/02/13 14:28:26 | 000,020,538 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2012/02/13 14:28:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2012/02/13 14:28:25 | 000,876,653 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2012/02/13 14:28:25 | 000,188,494 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2012/02/13 14:28:25 | 000,109,328 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2012/02/13 14:28:25 | 000,049,212 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2012/02/13 14:28:25 | 000,032,826 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2012/02/13 14:28:25 | 000,014,608 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2012/02/13 14:28:24 | 000,184,435 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2012/02/13 14:28:24 | 000,147,513 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2012/02/13 14:28:24 | 000,102,509 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2012/02/13 14:28:24 | 000,082,035 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2012/02/13 14:28:24 | 000,049,210 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2012/02/13 14:28:24 | 000,041,020 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2012/02/13 14:28:23 | 000,188,480 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2012/02/13 14:28:23 | 000,076,288 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2012/02/13 14:28:23 | 000,046,592 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2012/02/13 14:28:22 | 000,275,968 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2012/02/13 14:28:22 | 000,094,720 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2012/02/13 14:28:22 | 000,020,540 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2012/02/13 14:28:22 | 000,016,439 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2012/02/13 14:28:21 | 000,290,816 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2012/02/13 14:28:21 | 000,043,520 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2012/02/13 14:28:21 | 000,016,439 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2012/02/13 14:28:20 | 000,020,540 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2012/02/13 13:47:10 | 000,024,661 | -H-- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2012/02/13 13:47:10 | 000,024,661 | -H-- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2012/02/13 13:47:10 | 000,013,312 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2012/02/13 13:47:10 | 000,013,312 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2012/02/13 13:20:23 | 000,359,936 | -H-- | C] (Mioft) -- C:\Documents and Settings\All Users\Application Data\IjmPGGi0RYN62W.exe
[2012/02/12 17:50:08 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Chris\Start Menu\Programs\System Check
[2012/02/12 17:49:38 | 000,359,936 | -H-- | C] (Mioft) -- C:\Documents and Settings\All Users\Application Data\Vc3pjRJmRIGD8W.exe
[2012/02/12 17:40:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Chris\Application Data\54624
[2012/02/12 09:27:18 | 000,016,384 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2012/02/09 19:44:08 | 000,447,488 | -H-- | C] (Mioft) -- C:\Documents and Settings\All Users\Application Data\IFEvuifXpHuouiv.exe
[2012/02/09 19:37:47 | 000,000,000 | -H-D | C] -- C:\Program Files\243BA
[2012/02/09 19:36:58 | 000,000,000 | -H-D | C] -- C:\Program Files\LP
[2012/02/09 19:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2012/02/09 19:35:56 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\LocalService\Application Data\Sun
[2012/02/09 19:35:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2012/02/09 04:46:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Chris\Local Settings\Application Data\eventEvent90
[2012/01/27 18:07:45 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Chris\My Documents\Closed captioning agreement
[2012/01/22 22:39:42 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Chris\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/01/22 22:39:36 | 000,000,000 | -H-D | C] -- C:\Program Files\Adobe Download Assistant
[32 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Chris\My Documents\*.tmp files -> C:\Documents and Settings\Chris\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/02/15 00:59:51 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{23C4EF3D-BF16-4663-B0C9-055FF2F18B76}.job
[2012/02/15 00:30:01 | 000,000,884 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/14 19:16:08 | 000,000,193 | ---- | M] () -- C:\Documents and Settings\Chris\Desktop\rk-proxy.reg
[2012/02/14 18:21:55 | 000,000,880 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/14 18:21:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/13 15:53:56 | 000,023,392 | -H-- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/02/13 15:53:56 | 000,016,832 | -H-- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/02/13 15:53:53 | 000,316,640 | -H-- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/02/13 15:53:49 | 000,004,161 | -H-- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/02/13 15:52:26 | 000,261,432 | -H-- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/13 14:35:08 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/13 14:33:31 | 000,000,263 | -H-- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/02/13 13:54:54 | 000,034,344 | -H-- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/02/13 13:54:02 | 000,000,209 | -HS- | M] () -- C:\boot.ini
[2012/02/13 13:20:35 | 000,000,336 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\IjmPGGi0RYN62W
[2012/02/13 13:20:24 | 000,359,936 | -H-- | M] (Mioft) -- C:\Documents and Settings\All Users\Application Data\IjmPGGi0RYN62W.exe
[2012/02/13 13:20:12 | 000,405,515 | -H-- | M] () -- C:\WINDOWS\setupapi.old
[2012/02/13 12:50:54 | 000,000,853 | -H-- | M] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/02/12 17:58:54 | 000,441,764 | -H-- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/12 17:58:54 | 000,071,700 | -H-- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/12 17:50:08 | 000,000,835 | -H-- | M] () -- C:\Documents and Settings\Chris\Desktop\System Check.lnk
[2012/02/12 17:49:48 | 000,000,344 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\Vc3pjRJmRIGD8W
[2012/02/12 17:49:38 | 000,359,936 | -H-- | M] (Mioft) -- C:\Documents and Settings\All Users\Application Data\Vc3pjRJmRIGD8W.exe
[2012/02/12 17:46:54 | 000,039,472 | -H-- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/02/12 17:42:03 | 000,000,349 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\PCLECHAL.INI
[2012/02/12 10:05:14 | 000,004,382 | -H-- | M] () -- C:\WINDOWS\imsins.BAK
[2012/02/09 19:50:09 | 000,001,324 | -H-- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/09 19:40:28 | 000,447,488 | -H-- | M] (Mioft) -- C:\Documents and Settings\All Users\Application Data\IFEvuifXpHuouiv.exe
[2012/02/08 18:56:17 | 000,002,483 | -H-- | M] () -- C:\Documents and Settings\Chris\Desktop\Microsoft Word.lnk
[2012/02/06 16:47:05 | 000,930,374 | -H-- | M] () -- C:\Documents and Settings\Chris\My Documents\cliff casey logo.jpg
[2012/02/04 11:18:52 | 000,072,192 | -H-- | M] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/04 09:47:09 | 000,000,284 | -H-- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/01/27 18:07:30 | 003,382,617 | -H-- | M] () -- C:\Documents and Settings\Chris\My Documents\Closed captioning agreement.zip
[2012/01/16 16:55:33 | 005,947,635 | -H-- | M] () -- C:\Documents and Settings\Chris\My Documents\wild TV media kit.zip
[32 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Chris\My Documents\*.tmp files -> C:\Documents and Settings\Chris\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2049/12/31 16:00:00 | 000,768,120 | -H-- | C] () -- C:\Documents and Settings\Chris\My Documents\DSCF1668.JPG
[2012/02/14 19:16:08 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\Chris\Desktop\rk-proxy.reg
[2012/02/13 14:30:16 | 000,175,104 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/02/13 14:29:42 | 001,158,818 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/02/13 14:29:31 | 000,059,392 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/02/13 14:29:30 | 000,196,665 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/02/13 14:29:29 | 000,134,339 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/02/13 14:29:24 | 013,463,552 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/02/13 14:29:20 | 000,108,827 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/02/13 14:29:15 | 000,094,208 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2012/02/13 14:28:58 | 000,173,568 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/02/13 14:28:35 | 000,004,639 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2012/02/13 13:51:45 | 000,039,550 | -H-- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2012/02/13 13:47:06 | 000,141,702 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2012/02/13 13:47:06 | 000,130,715 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2012/02/13 13:47:06 | 000,110,116 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2012/02/13 13:47:06 | 000,077,881 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\plus.cat
[2012/02/13 13:47:06 | 000,037,484 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/02/13 13:47:06 | 000,024,209 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012/02/13 13:47:06 | 000,017,916 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\sonic.cat
[2012/02/13 13:47:06 | 000,013,472 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/02/13 13:47:06 | 000,011,651 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012/02/13 13:47:06 | 000,008,574 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/02/13 13:47:06 | 000,007,710 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/02/13 13:47:06 | 000,007,245 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/02/13 13:47:05 | 002,008,817 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012/02/13 13:47:05 | 000,797,189 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/02/13 13:47:05 | 000,399,645 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/02/13 13:47:05 | 000,106,147 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012/02/13 13:47:05 | 000,031,281 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012/02/13 13:47:05 | 000,013,753 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012/02/13 13:47:05 | 000,009,581 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/02/13 13:47:04 | 000,505,647 | -H-- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/02/13 13:20:35 | 000,000,336 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\IjmPGGi0RYN62W
[2012/02/13 12:50:54 | 000,000,853 | -H-- | C] () -- C:\Documents and Settings\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/02/12 17:50:08 | 000,000,835 | -H-- | C] () -- C:\Documents and Settings\Chris\Desktop\System Check.lnk
[2012/02/12 17:49:48 | 000,000,344 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\Vc3pjRJmRIGD8W
[2012/02/12 08:55:48 | 000,405,515 | -H-- | C] () -- C:\WINDOWS\setupapi.old
[2012/02/06 16:46:50 | 000,930,374 | -H-- | C] () -- C:\Documents and Settings\Chris\My Documents\cliff casey logo.jpg
[2012/01/27 18:07:13 | 003,382,617 | -H-- | C] () -- C:\Documents and Settings\Chris\My Documents\Closed captioning agreement.zip
[2012/01/16 16:54:00 | 005,947,635 | -H-- | C] () -- C:\Documents and Settings\Chris\My Documents\wild TV media kit.zip
[2011/06/10 21:40:07 | 000,103,535 | -H-- | C] () -- C:\WINDOWS\hpoins04.dat.temp
[2011/06/10 21:40:07 | 000,017,176 | -H-- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2011/06/10 09:23:21 | 000,001,159 | -H-- | C] () -- C:\WINDOWS\hpomdl42.dat.temp
[2011/03/14 01:54:20 | 000,000,153 | -H-- | C] () -- C:\WINDOWS\IfoEdit.INI
[2011/02/26 16:55:51 | 000,059,032 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/02/24 01:50:33 | 000,103,535 | -H-- | C] () -- C:\WINDOWS\hpoins04.dat
[2011/02/24 01:50:33 | 000,017,176 | -H-- | C] () -- C:\WINDOWS\hpomdl04.dat
[2011/02/21 03:37:56 | 000,383,096 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/02/20 02:06:03 | 000,057,344 | -H-- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/02/20 00:34:59 | 000,090,112 | -H-- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2011/02/20 00:32:51 | 000,000,552 | -H-- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/02/20 00:30:58 | 000,200,704 | -H-- | C] () -- C:\WINDOWS\System32\UpdateDriver.exe
[2011/02/20 00:30:57 | 000,005,224 | -H-- | C] () -- C:\WINDOWS\System32\ucuiinfo.ini
[2011/02/20 00:26:14 | 000,175,977 | -H-- | C] () -- C:\WINDOWS\hpoins42.dat
[2011/02/20 00:26:14 | 000,001,159 | -H-- | C] () -- C:\WINDOWS\hpomdl42.dat
[2011/02/19 21:37:03 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2011/02/19 18:13:34 | 000,072,192 | -H-- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/05 16:39:19 | 000,001,324 | -H-- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/02/05 16:37:31 | 000,237,568 | RH-- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2011/02/05 16:37:31 | 000,002,209 | -H-- | C] () -- C:\WINDOWS\Graffiti5.2Pin.ini
[2011/02/03 17:41:28 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Chris\Local Settings\Application Data\fusioncache.dat
[2011/02/03 16:36:32 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/02/03 16:31:02 | 000,034,344 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/02/03 09:51:14 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/02/03 09:50:28 | 000,261,432 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/01/26 02:04:12 | 000,138,752 | -H-- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007/01/26 02:04:12 | 000,027,648 | -H-- | C] () -- C:\WINDOWS\System32\ma32.dll
[2005/03/22 16:38:24 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 16:38:24 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 05:00:00 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 05:00:00 | 000,441,764 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 05:00:00 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 05:00:00 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 05:00:00 | 000,081,920 | -H-- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/10 05:00:00 | 000,071,700 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 05:00:00 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 05:00:00 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 05:00:00 | 000,027,440 | -H-- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/10 05:00:00 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 05:00:00 | 000,001,788 | -H-- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/10 05:00:00 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/09 22:11:42 | 000,185,856 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:DFC5A2B2

< End of report >




#30 User is offline   JSntgRvr 


Posted 15 February 2012 - 11:56 AM

Download and run Unhide by grinler. That should remove the hidden attribute of most of your files and, in addition, if available, the Start menu as well as your links will be restored.

  • Please double-click OTL.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the quote below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    Quote

    :OTL
    O4 - HKLM..\Run: [2FB.exe] C:\Program Files\LP\D975\2FB.exe ()
    O4 - HKLM..\Run: [73F.exe] C:\Program Files\Internet Explorer\73F.exe ()
    O4 - HKLM..\Run: [IFEvuifXpHuouiv.exe] C:\Documents and Settings\All Users\Application Data\IFEvuifXpHuouiv.exe (Mioft)
    O4 - HKLM..\Run: [SelectRebates] C:\Program Files\SelectRebates\SelectRebates.exe File not found

    :files
    C:\Program Files\Internet Explorer\73F.exe
    C:\Program Files\LP
    C:\Documents and Settings\Chris\Local Settings\Application Data\eventEvent90\Directcfg64.dll

    :Reg
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Directcfg64"=-
    [HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyServer"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "658.exe"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "8BA.exe"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "703.exe"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "072.exe"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "01A.exe"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "E8B.exe"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "011.exe"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "5A5.exe"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "346.exe"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "C69.exe"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "E16.exe"=-
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "660.exe"=-
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
    "Start_ShowControlPanel"=1
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
    "Start_ShowHelp"=1
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
    "Start_ShowMyComputer"=1
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
    "Start_ShowMyDocs"=1
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
    "Start_ShowRun"=1
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
    "Start_ShowSearch"=1
    [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
    "NoDesktop"=0
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
    "DisableTaskMgr"=0


  • Return to OTL, right click in the "Custom Scans/Fixes" window and choose Paste.
  • Click the red Run Fix button.
  • The computer will restart.
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder. Open that report and post its contents in a reply.


Let me also know if you have a better graphical control.
No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
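A fix script like the one in the post above can be reviewed before it is pasted into OTL. The following is an added example, not part of the original post and not OTL's own code: a small Python parser that lists which log entries, files and registry values such a script touches. The function names are hypothetical, the embedded script is a shortened excerpt of the one above, and reading `"name"=-` as "delete this value" follows the .reg file convention (an assumption about how OTL treats it).

```python
import re

# Shortened excerpt of the fix script from the post above (values copied from the page).
FIX_SCRIPT = r'''
:OTL
O4 - HKLM..\Run: [2FB.exe] C:\Program Files\LP\D975\2FB.exe ()
O4 - HKLM..\Run: [IFEvuifXpHuouiv.exe] C:\Documents and Settings\All Users\Application Data\IFEvuifXpHuouiv.exe (Mioft)

:files
C:\Program Files\Internet Explorer\73F.exe
C:\Program Files\LP

:Reg
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Directcfg64"=-
[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyServer"=-
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"658.exe"=-
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDesktop"=0
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
'''

SECTION_RE = re.compile(r'^:(\w+)$')        # :OTL, :files, :Reg
KEY_RE = re.compile(r'^\[(.+)\]$')          # [HKLM\...\Run]
VALUE_RE = re.compile(r'^"([^"]+)"=(.*)$')  # "name"=data  or  "name"=-


def parse_fix_script(text):
    """Split a fix script into (actions, unparsed_lines)."""
    actions, unparsed = [], []
    section = key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section, key = m.group(1).lower(), None
            continue
        if section == 'otl':
            # Lines copied from the scan log, e.g. an O4 (Run key) entry.
            actions.append({'kind': 'log_entry', 'line': line})
        elif section == 'files':
            actions.append({'kind': 'file', 'path': line})
        elif section == 'reg':
            m = KEY_RE.match(line)
            if m:
                key = m.group(1)
                continue
            m = VALUE_RE.match(line)
            if m and key:
                name, data = m.groups()
                kind = 'reg_delete' if data == '-' else 'reg_set'
                actions.append({'kind': kind, 'key': key,
                                'name': name, 'data': data})
            else:
                unparsed.append(line)  # value with no key, or unknown syntax
        else:
            unparsed.append(line)      # text outside any known section
    return actions, unparsed


def run_key_deletions(actions):
    """Names of values deleted from ...\\CurrentVersion\\Run keys (autoruns)."""
    return [a['name'] for a in actions
            if a['kind'] == 'reg_delete'
            and a['key'].lower().endswith('\\currentversion\\run')]


def count_by_kind(actions):
    """Number of actions of each kind, for a one-line summary."""
    counts = {}
    for a in actions:
        counts[a['kind']] = counts.get(a['kind'], 0) + 1
    return counts


if __name__ == '__main__':
    actions, unparsed = parse_fix_script(FIX_SCRIPT)
    print(count_by_kind(actions))
    print('autorun values removed:', run_key_deletions(actions))
    for a in actions:
        if a['kind'] == 'reg_set':
            print('set', a['key'], a['name'], '=', a['data'])
    print('needs manual review:', unparsed)
```

Anything that lands in the unparsed list is a line the reviewer should read by hand before running the fix.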