Please Help, I Have A Trojan In My Comp, And I Can't Get It Out.


  • This topic is locked
21 replies to this topic

#1 Bipolargandolf

Posted 13 November 2007 - 04:22 PM

Hi

I have a trojan in my computer with the name "Zlob.DNSChanger.Rtk". I've seen at least one other thread with the same trojan, and he had the same spyware scanner, "Spybot: Search and Destroy." What this spyware does is it will redirect me to other websites (one of them being WWW.ebay.com), but it will only do this if I use a search engine and I click one of the results links.

I have gone through all of the steps that I'm supposed to to post here.

I have 3 logs for you to look at: the first one is from Hijackthis, and the last 2 are from Fixwareout and Combofix, which were the 2 programs that were suggested to a previous poster with the same problem.

And thank you in advance

the Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:52:15 PM, on 11/13/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {98828DED-A591-462F-83BA-D2F62A68B8B8} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/assets/activeX/SpywareScannerV2.ocx
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/D...h2.1.0.0.68.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165789270203
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/chnz/default/mjolauncher.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://zone.msn.com/bingame/fotg/default/ddfotg.1.0.0.37.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/D...sh.1.0.0.94.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3698B8B7-7369-49FD-8AB7-47EA6363398E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{C97AA0ED-25DC-4640-B258-D38B9C0274D2}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{D15F6213-42F4-411F-A556-7F3CB1B728BB}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: bw+0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

--
End of file - 28556 bytes


Ok, here's the Fixwareout log:

Username "Greg" - 11/13/2007 15:04:21 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="kdqoo.exe"

Successfully flushed the DNS Resolver Cache.


System was rebooted successfully.

~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "system"="kdqoo.exe"
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"CreateCD_Reminder"="C:\\WINDOWS\\Sonysys\\VAIO Recovery\\reminder.exe"
"VAIO Update 2"="\"C:\\Program Files\\Sony\\VAIO Update 2\\VAIOUpdt.exe\" /Stationary"
"VZRemoteCommander"="C:\\Program Files\\Sony\\VAIO Zone Remote Commander\\AvRmtCtr.exe"
"VAIO Recovery"="C:\\WINDOWS\\Sonysys\\VAIO Recovery\\PartSeal.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"CanonMyPrinter"="C:\\Program Files\\Canon\\MyPrinter\\BJMyPrt.exe /logon"
"SSBkgdUpdate"="\"C:\\Program Files\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" -Embedding -boot"
"OpwareSE4"="\"C:\\Program Files\\ScanSoft\\OmniPageSE4.0\\OpwareSE4.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"
"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"SmcService"="C:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ATI DeviceDetect"="C:\\Program Files\\ATI Multimedia\\main\\ATIDtct.EXE"
"ATI Remote Control"="C:\\Program Files\\ATI Multimedia\\RemCtrl\\ATIRW.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet"
"ccleaner"="\"C:\\Program Files\\CCleaner\\ccleaner.exe\" /AUTO"
"PhotoShow Deluxe Media Manager"="C:\\PROGRA~1\\SIMPLE~1\\PHOTOS~1\\data\\Xtras\\mssysmgr.exe"
"SpybotSD TeaTimer"="C:\\Program Files\\Spybot - Search & Destroy\\TeaTimer.exe"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~


Ok, here's the ComboFix log:

ComboFix 07-11-08.3 - Greg 2007-11-13 15:08:12.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1473 [GMT -6:00]
Running from: C:\Documents and Settings\Greg\Desktop\ComboFix.exe
.

Unable to gain System Privileges

((((((((((((((((((((((((( Files Created from 2007-10-13 to 2007-11-13 )))))))))))))))))))))))))))))))
.

2007-11-13 14:51 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-12 22:39 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
2007-11-12 22:39 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\IE7pro
2007-11-12 22:05 <DIR> d-------- C:\Program Files\Sygate
2007-11-12 22:05 83,096 --a------ C:\WINDOWS\system32\SSSensor.dll
2007-11-12 22:05 60,496 --a------ C:\WINDOWS\system32\drivers\Teefer.sys
2007-11-12 22:05 21,075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys
2007-11-12 22:05 14,568 --a------ C:\WINDOWS\system32\drivers\wg6n.sys
2007-11-12 22:05 14,568 --a------ C:\WINDOWS\system32\drivers\wg5n.sys
2007-11-12 22:05 14,568 --a------ C:\WINDOWS\system32\drivers\wg4n.sys
2007-11-12 22:05 14,568 --a------ C:\WINDOWS\system32\drivers\wg3n.sys
2007-11-10 11:56 <DIR> d-------- C:\Program Files\Lavasoft
2007-11-10 11:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-10 11:55 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-10 10:11 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-09 20:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2007-11-02 17:07 <DIR> d-------- C:\Documents and Settings\Greg\Application Data\Move Networks
2007-10-31 14:33 <DIR> d-------- C:\Documents and Settings\Greg\.housecall6.6
2007-10-27 19:45 <DIR> d-------- C:\Documents and Settings\Greg\Application Data\Microsoft Games
2007-10-27 19:41 <DIR> d-------- C:\Program Files\GameSpy Arcade
2007-10-27 19:38 <DIR> d-------- C:\Program Files\Microsoft Games

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-13 02:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-09 20:28 --------- d-----w C:\Program Files\SpywareBlaster
2007-11-04 04:46 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-04 04:12 --------- d-----w C:\Program Files\MSN Games
2007-11-03 16:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-10-26 20:20 --------- d-----w C:\Program Files\Java
2007-10-25 17:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-10-25 17:05 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-10-25 17:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-10-25 17:01 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-10-25 16:58 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-10-07 23:19 --------- d-----w C:\Program Files\Google
2007-10-07 17:40 --------- d-----w C:\Program Files\SystemDefender
2007-10-07 13:31 --------- d-----w C:\Program Files\Yahoo! Games
2007-10-07 13:31 --------- d-----w C:\Program Files\XanaNews
2007-10-07 13:28 --------- d-----w C:\Program Files\GameFiesta
2007-10-06 17:33 --------- d-----w C:\Program Files\Apple Software Update
2007-10-05 21:33 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-10-05 21:33 --------- d-----w C:\Program Files\FireTune
2007-10-05 20:57 359,808 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS
2007-10-05 20:54 359,808 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL
2007-09-27 21:38 --------- d-----w C:\Program Files\iTunes
2007-09-27 21:38 --------- d-----w C:\Program Files\iPod
2007-09-26 03:05 --------- d-----w C:\Program Files\SpeedFan
2007-09-24 17:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Escape From Paradise
2007-09-23 23:01 --------- d-----w C:\Program Files\EZFace
2007-09-21 02:15 --------- d-----w C:\Documents and Settings\Greg\Application Data\Magus
2007-09-19 02:10 --------- d-----w C:\Program Files\Defraggler
2007-09-17 23:14 --------- d-----w C:\Documents and Settings\Greg\Application Data\PlayFirst
2007-09-17 23:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\PlayFirst
2007-09-16 19:26 --------- d-----w C:\Program Files\LimeWire
2007-09-14 00:42 --------- d-----w C:\Program Files\MoodLogic
2007-08-18 02:23 774,144 ----a-w C:\Program Files\RngInterstitial.dll
.

((((((((((((((((((((((((((((( snapshot@2007-11-10_10.19.44.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-10 17:56:44 1,038,336 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC.exe
+ 2007-11-10 17:56:44 178,688 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC1.exe
+ 2007-11-10 17:56:44 171,008 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B.exe
+ 2007-11-10 17:56:44 8,704 ----a-r C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B1.exe
+ 2007-11-13 04:05:48 4,608 ----a-r C:\WINDOWS\Installer\{F34D9A5F-484A-4E31-A9D3-908CB265B289}\IconC989D247.exe
+ 2007-07-11 19:37:26 6,272 ----a-w C:\WINDOWS\system32\drivers\AWRTPD.sys
+ 2007-08-07 18:58:08 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
+ 2007-08-07 18:56:58 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
+ 2004-10-16 00:31:58 99,480 ----a-w C:\WINDOWS\system32\FwsVpn.dll
+ 2007-04-13 20:19:52 7,680 ----a-w C:\WINDOWS\system32\lsdelete.exe
+ 2004-10-16 00:31:56 218,264 ----a-w C:\WINDOWS\system32\SetAid.dll
+ 2007-11-13 21:14:10 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_4bc.dat
+ 2007-11-13 21:13:16 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_574.dat
+ 2007-11-13 21:13:17 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_98.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-03 21:10]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-02-08 12:36]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-02-08 12:32]
"CreateCD_Reminder"="C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe" [2004-07-16 13:17]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-01-14 14:43]
"VZRemoteCommander"="C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe" [2005-01-31 10:10]
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-19 23:08]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-10-25 10:20]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2006-03-21 19:30]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 00:14]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 10:24]
"ATI DeviceDetect"="C:\Program Files\ATI Multimedia\main\ATIDtct.EXE" [2004-11-04 18:13]
"ATI Remote Control"="C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe" [2004-08-26 23:51]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2006-11-30 21:49]
"ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2007-11-06 01:31]
"PhotoShow Deluxe Media Manager"="C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe" [2005-01-21 18:04]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 15:46]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-08-28 12:09:10]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"system"="kdqoo.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB

.
Contents of the 'Scheduled Tasks' folder
"2007-11-03 03:22:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-11 15:00:00 C:\WINDOWS\Tasks\rpc.job"
- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe
"2007-11-10 01:00:00 C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job"
- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
.
**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-13 15:13:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-13 15:15:40 - machine was rebooted
C:\ComboFix2.txt ... 2007-11-10 10:55
C:\ComboFix3.txt ... 2007-11-10 10:20
.
--- E O F ---


And once again, any help is appreciated.



#2 Bipolargandolf

Bipolargandolf
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  • Local time:09:11 AM

Posted 17 November 2007 - 07:35 PM

How long does it typically take to get a reply on this website? Just wondering, this is my first time posting here.

#3 Bipolargandolf

Bipolargandolf
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  • Local time:09:11 AM

Posted 25 November 2007 - 08:19 PM

I must have stumped them, since it's been a few weeks since I first posted this and no reply.

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,590 posts
  • ONLINE
  • Gender:Male
  • Location:USA
  • Local time:10:11 AM

Posted 27 November 2007 - 12:08 PM

I apologize for the very long delay. We have a huge backlog of HijackThis logs to handle and it has been taking us longer than normal to get caught up. If you are still having a problem, and want us to analyze your information, please post a brand new HijackThis log. If we do not hear back from you within a couple of days we will need to close your topic.

When posting your logs please post them directly into the reply. Do not attach them.

Also make sure you have already followed the steps outlined below:

Preparation Guide For Use Before Posting A Hijackthis Log

Thank you for your patience.

#5 Bipolargandolf

Bipolargandolf
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  • Local time:09:11 AM

Posted 03 December 2007 - 06:20 PM

Ok, hopefully you haven't closed the topic. Here's a new HijackThis log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:18:56 PM, on 12/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {98828DED-A591-462F-83BA-D2F62A68B8B8} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/assets/activeX/SpywareScannerV2.ocx
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/D...h2.1.0.0.68.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165789270203
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/chnz/default/mjolauncher.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://zone.msn.com/bingame/fotg/default/ddfotg.1.0.0.37.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/D...sh.1.0.0.94.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3698B8B7-7369-49FD-8AB7-47EA6363398E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{C97AA0ED-25DC-4640-B258-D38B9C0274D2}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{D15F6213-42F4-411F-A556-7F3CB1B728BB}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: bw+0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

--
End of file - 28555 bytes

#6 Grinler

Lawrence Abrams (Admin)

Posted 04 December 2007 - 12:23 PM

Let's uninstall ComboFix

Please navigate to, and delete the following:

  • Click on: Start >> Run...
  • Type: Combofix /u and hit Enter

Print out these instructions and then close all windows including Internet Explorer.

Then I want you to fix some of those entries. Please do the following:

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Run HijackThis again, click Scan, and put a checkmark next to each of these. Then click the Fix button:

O3 - Toolbar: (no name) - {98828DED-A591-462F-83BA-D2F62A68B8B8} - (no file)
O18 - Protocol: bw-0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Reboot your computer.
  • Download Combofix to your desktop.

  • Double-click combofix.exe

  • Follow the prompts.
Don't click on the window while the fix is running, because that will cause your system to hang.

When finished, and after reboot if it asks for one, combofix will open again to gather the necessary information for the log. This may take a while so please be patient. When done, Combofix will close and a log should open called combofix.txt.

Post the contents of this log in your next reply along with a new HijackThis log.

Please do not post the ComboFix-quarantined-files.txt unless I ask you to.
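An added example, not part of the original post and not code from HijackThis or ComboFix: a small triage script for logs like the ones in this thread. It collapses repeated O18 protocol-handler entries by CLSID and DLL, and lists entries whose target is marked "(no file)" or "(file missing)". The sample lines are copied from the logs above; the function names are hypothetical.

```python
import re
from collections import defaultdict

# A subset of lines copied from the HijackThis logs posted in this thread.
SAMPLE_LOG = r"""
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {98828DED-A591-462F-83BA-D2F62A68B8B8} - (no file)
O18 - Protocol: bwy0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)
"""

# "O18 - ...", "R1 - ...", etc.: section code, then the entry body.
ENTRY_RE = re.compile(r"^(O\d{1,2}|[RFN]\d) - (.+)$")
# Body of an O18 protocol entry: scheme name, handler CLSID, handler DLL.
PROTOCOL_RE = re.compile(r"^Protocol: (\S+) - (\{[0-9A-Fa-f-]{36}\}) - (.+)$")
# Suffixes HijackThis uses in these logs when the referenced file is absent.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


def parse_entries(text):
    """Return (section, body) pairs for every recognised log line."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def orphaned(entries):
    """Entries whose target file is reported absent (registry leftovers)."""
    return [(sec, body) for sec, body in entries if body.endswith(ORPHAN_MARKERS)]


def protocol_handlers(entries):
    """Group O18 protocol schemes by the (CLSID, DLL) that handles them."""
    groups = defaultdict(list)
    for section, body in entries:
        if section != "O18":
            continue
        match = PROTOCOL_RE.match(body)
        if match:
            scheme, clsid, dll = match.groups()
            groups[(clsid.upper(), dll)].append(scheme)
    return {key: sorted(schemes) for key, schemes in groups.items()}


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    print("Entries with a missing target file:")
    for section, body in orphaned(parsed):
        print(f"  {section}: {body}")
    print("O18 protocol handlers, grouped:")
    for (clsid, dll), schemes in protocol_handlers(parsed).items():
        print(f"  {clsid} -> {dll}")
        print(f"    {len(schemes)} scheme(s): {', '.join(schemes)}")
```

Grouping makes it obvious when dozens of O18 lines come from a single handler DLL, so the review decision is made once per DLL rather than once per line.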

#7 Bipolargandolf

Topic Starter

Posted 04 December 2007 - 07:55 PM

I did uninstall combofix, although it says that this tutorial doesn't exist, or it says 404 not found.

#8 Grinler

Lawrence Abrams (Admin)

Posted 05 December 2007 - 10:43 PM

Please post a brand new HJT log.

#9 Bipolargandolf

Topic Starter

Posted 06 December 2007 - 04:48 PM

Here's your new HijackThis log file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:47:52 PM, on 12/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {98828DED-A591-462F-83BA-D2F62A68B8B8} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/assets/activeX/SpywareScannerV2.ocx
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/D...h2.1.0.0.68.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165789270203
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/chnz/default/mjolauncher.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://zone.msn.com/bingame/fotg/default/ddfotg.1.0.0.37.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/D...sh.1.0.0.94.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3698B8B7-7369-49FD-8AB7-47EA6363398E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{C97AA0ED-25DC-4640-B258-D38B9C0274D2}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{D15F6213-42F4-411F-A556-7F3CB1B728BB}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: bw+0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

--
End of file - 28555 bytes

#10 Bipolargandolf

Posted 06 December 2007 - 05:27 PM

OK, I decided to go ahead with the steps anyway. Here are the ComboFix and HijackThis logs.

ComboFix 07-12-05.2 - Greg 2007-12-06 16:18:04.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1407 [GMT -6:00]
Running from: C:\Documents and Settings\Greg\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-11-06 to 2007-12-06 )))))))))))))))))))))))))))))))
.

2007-11-28 18:20 . 2007-11-28 18:20 3,566 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-28 18:19 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-11-28 18:19 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-11-28 18:19 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-28 18:19 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-28 18:19 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-18 21:44 . 2007-11-18 22:13 7,433 --a------ C:\tempsend.dzk
2007-11-17 21:14 . 2007-11-18 22:46 <DIR> d-------- C:\Program Files\Rubies of Eventide
2007-11-13 14:51 . 2007-11-13 14:51 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-12 22:39 . 2007-11-12 22:39 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
2007-11-12 22:39 . 2007-11-12 22:39 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\IE7pro
2007-11-12 22:05 . 2007-11-12 22:05 <DIR> d-------- C:\Program Files\Sygate
2007-11-12 22:05 . 2004-10-15 18:32 83,096 --a------ C:\WINDOWS\system32\SSSensor.dll
2007-11-12 22:05 . 2004-10-15 18:17 60,496 --a------ C:\WINDOWS\system32\drivers\Teefer.sys
2007-11-12 22:05 . 2004-10-15 18:18 21,075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg6n.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg5n.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg4n.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg3n.sys
2007-11-10 11:56 . 2007-11-10 11:56 <DIR> d-------- C:\Program Files\Lavasoft
2007-11-10 11:56 . 2007-11-10 11:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-10 11:55 . 2007-11-10 11:55 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-09 20:14 . 2007-11-09 21:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\STOPzilla!

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-03 23:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-30 23:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-29 01:05 --------- d-----w C:\Program Files\SpywareBlaster
2007-11-28 00:13 --------- d-----w C:\Program Files\MSN Games
2007-11-16 21:29 --------- d-----w C:\Program Files\LimeWire
2007-11-03 16:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-02 23:08 --------- d-----w C:\Documents and Settings\Greg\Application Data\Move Networks
2007-10-28 01:45 --------- d-----w C:\Documents and Settings\Greg\Application Data\Microsoft Games
2007-10-28 01:41 --------- d-----w C:\Program Files\GameSpy Arcade
2007-10-28 01:38 --------- d-----w C:\Program Files\Microsoft Games
2007-10-26 20:20 --------- d-----w C:\Program Files\Java
2007-10-25 17:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-10-25 17:05 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-10-25 17:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-10-25 17:01 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-10-25 16:58 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-10-07 23:19 --------- d-----w C:\Program Files\Google
2007-10-07 17:40 --------- d-----w C:\Program Files\SystemDefender
2007-10-07 13:31 --------- d-----w C:\Program Files\Yahoo! Games
2007-10-07 13:31 --------- d-----w C:\Program Files\XanaNews
2007-10-07 13:28 --------- d-----w C:\Program Files\GameFiesta
2007-10-06 17:33 --------- d-----w C:\Program Files\Apple Software Update
2007-10-05 21:33 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-08-18 02:23 774,144 ----a-w C:\Program Files\RngInterstitial.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 10:24]
"ATI DeviceDetect"="C:\Program Files\ATI Multimedia\main\ATIDtct.EXE" [2004-11-04 18:13]
"ATI Remote Control"="C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe" [2004-08-26 23:51]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2006-11-30 21:49]
"ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2007-11-22 10:10]
"PhotoShow Deluxe Media Manager"="C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe" [2005-01-21 18:04]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 15:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-03 21:10]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-02-08 12:36]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-02-08 12:32]
"CreateCD_Reminder"="C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe" [2004-07-16 13:17]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-01-14 14:43]
"VZRemoteCommander"="C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe" [2005-01-31 10:10]
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-19 23:08]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-10-25 10:20]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2006-03-21 19:30]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 00:14]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-08-13 18:04]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-08-28 12:09:10]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"system"="kdqoo.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2007-07-13 19:45 32768 --a------ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB

.
Contents of the 'Scheduled Tasks' folder
"2007-11-24 04:22:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-11 15:00:00 C:\WINDOWS\Tasks\rpc.job"
- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe
"2007-12-05 01:00:00 C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job"
- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-06 16:21:50
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-06 16:23:57 - machine was rebooted
C:\ComboFix2.txt ... 2007-11-13 15:15
C:\ComboFix3.txt ... 2007-11-10 10:55
.
--- E O F ---


And the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:26:38 PM, on 12/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/assets/activeX/SpywareScannerV2.ocx
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/D...h2.1.0.0.68.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165789270203
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/chnz/default/mjolauncher.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://zone.msn.com/bingame/fotg/default/ddfotg.1.0.0.37.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/D...sh.1.0.0.94.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3698B8B7-7369-49FD-8AB7-47EA6363398E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{C97AA0ED-25DC-4640-B258-D38B9C0274D2}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{D15F6213-42F4-411F-A556-7F3CB1B728BB}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: bw-0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

--
End of file - 17052 bytes

#11 Grinler

Grinler

    Lawrence Abrams


  • Admin

Posted 11 December 2007 - 01:34 PM

In the future, please do not run any tools without being asked to. Doing so may cause problems when attempting to fix your computer.


* Open Notepad - don't use any text editor other than Notepad or the script will fail.
Copy/paste the text in the quote box below into Notepad:

File::
C:\Windows\System32\kdqoo.exe

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"system"=-


Save this as the text file CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. After the reboot (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.

#12 Bipolargandolf

Bipolargandolf
  • Topic Starter

  • Members

Posted 11 December 2007 - 04:33 PM

OK, here are the 2 logs you requested:

First Combofix

ComboFix 07-12-05.2 - Greg 2007-12-11 15:22:50.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1484 [GMT -6:00]
Running from: C:\Documents and Settings\Greg\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Greg\Desktop\CFScript.txt
* Created a new restore point

FILE
C:\Windows\System32\kdqoo.exe
.

((((((((((((((((((((((((( Files Created from 2007-11-11 to 2007-12-11 )))))))))))))))))))))))))))))))
.

2007-12-09 12:43 . 2007-12-09 12:43 <DIR> d-------- C:\Program Files\iPod
2007-12-07 17:43 . 2001-08-17 13:28 771,581 --a--c--- C:\WINDOWS\system32\dllcache\winacisa.sys
2007-12-07 17:42 . 2001-08-17 13:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2007-12-07 17:41 . 2001-08-17 22:36 525,568 --a--c--- C:\WINDOWS\system32\dllcache\tridxp.dll
2007-12-07 17:40 . 2004-08-04 06:00 571,392 --a--c--- C:\WINDOWS\system32\dllcache\tintlgnt.ime
2007-12-07 17:39 . 2001-08-17 12:18 285,760 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2007-12-07 17:38 . 2004-08-04 06:00 456,704 --a--c--- C:\WINDOWS\system32\dllcache\smtpsvc.dll
2007-12-07 17:37 . 2004-08-03 22:41 404,990 --a--c--- C:\WINDOWS\system32\dllcache\slntamr.sys
2007-12-07 17:36 . 2001-08-17 22:36 495,616 --a--c--- C:\WINDOWS\system32\dllcache\sblfx.dll
2007-12-07 17:35 . 2004-08-04 00:56 397,056 --a--c--- C:\WINDOWS\system32\dllcache\s3gnb.dll
2007-12-07 17:34 . 2001-08-17 13:28 899,146 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2007-12-07 17:33 . 2004-08-04 06:00 482,304 --a--c--- C:\WINDOWS\system32\dllcache\pintlgnt.ime
2007-12-07 17:32 . 2001-08-17 14:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys
2007-12-07 17:31 . 2004-08-04 00:56 4,274,816 --a--c--- C:\WINDOWS\system32\dllcache\nv4_disp.dll
2007-12-07 17:30 . 2004-08-04 06:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
2007-12-07 17:29 . 2001-08-17 12:50 320,384 --a--c--- C:\WINDOWS\system32\dllcache\mgaum.sys
2007-12-07 17:28 . 2004-08-04 06:00 1,158,818 --a--c--- C:\WINDOWS\system32\dllcache\korwbrkr.lex
2007-12-07 17:27 . 2004-08-04 06:00 811,064 --a--c--- C:\WINDOWS\system32\dllcache\imjp81k.dll
2007-12-07 17:26 . 2004-08-04 06:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2007-12-07 17:25 . 2001-08-17 13:28 907,456 --a--c--- C:\WINDOWS\system32\dllcache\hcf_msft.sys
2007-12-07 17:24 . 2001-08-17 14:56 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2007-12-07 17:23 . 2001-08-17 13:28 634,134 --a--c--- C:\WINDOWS\system32\dllcache\el656ct5.sys
2007-12-07 17:22 . 2001-08-17 12:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
2007-12-07 17:21 . 2004-08-04 06:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\chsbrkr.dll
2007-12-07 17:20 . 2001-08-17 13:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
2007-12-07 17:19 . 2004-08-04 00:56 870,784 --a--c--- C:\WINDOWS\system32\dllcache\ati3d1ag.dll
2007-12-07 17:18 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\fp4awel.dll
2007-11-28 18:20 . 2007-11-28 18:20 3,566 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-28 18:19 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-11-28 18:19 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-11-28 18:19 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-28 18:19 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-28 18:19 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-18 21:44 . 2007-11-18 22:13 7,433 --a------ C:\tempsend.dzk
2007-11-17 21:14 . 2007-11-18 22:46 <DIR> d-------- C:\Program Files\Rubies of Eventide
2007-11-14 23:43 . 2007-11-14 23:43 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2007-11-14 23:43 . 2007-11-14 23:43 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts
2007-11-13 14:51 . 2007-11-13 14:51 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-12 22:39 . 2007-11-12 22:39 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
2007-11-12 22:39 . 2007-11-12 22:39 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\IE7pro
2007-11-12 22:05 . 2007-11-12 22:05 <DIR> d-------- C:\Program Files\Sygate
2007-11-12 22:05 . 2004-10-15 18:32 83,096 --a------ C:\WINDOWS\system32\SSSensor.dll
2007-11-12 22:05 . 2004-10-15 18:17 60,496 --a------ C:\WINDOWS\system32\drivers\Teefer.sys
2007-11-12 22:05 . 2004-10-15 18:18 21,075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg6n.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg5n.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg4n.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg3n.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-09 18:43 --------- d-----w C:\Program Files\iTunes
2007-12-09 18:42 --------- d-----w C:\Program Files\QuickTime
2007-12-09 04:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-30 23:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-29 01:05 --------- d-----w C:\Program Files\SpywareBlaster
2007-11-28 00:13 --------- d-----w C:\Program Files\MSN Games
2007-11-16 21:29 --------- d-----w C:\Program Files\LimeWire
2007-11-10 17:56 --------- d-----w C:\Program Files\Lavasoft
2007-11-10 17:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-10 17:55 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-11-10 03:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\STOPzilla!
2007-11-03 16:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-02 23:08 --------- d-----w C:\Documents and Settings\Greg\Application Data\Move Networks
2007-10-28 01:45 --------- d-----w C:\Documents and Settings\Greg\Application Data\Microsoft Games
2007-10-28 01:41 --------- d-----w C:\Program Files\GameSpy Arcade
2007-10-28 01:38 --------- d-----w C:\Program Files\Microsoft Games
2007-10-26 20:20 --------- d-----w C:\Program Files\Java
2007-10-25 17:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-10-25 17:05 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-10-25 17:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-10-25 17:01 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-10-25 16:58 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-10-05 21:33 737,280 ----a-w C:\WINDOWS\iun6002.exe
2007-08-18 02:23 774,144 ----a-w C:\Program Files\RngInterstitial.dll
.

((((((((((((((((((((((((((((( snapshot@2007-12-06_16.23.05.81 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-08-04 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\avmeter.dll
+ 2001-08-17 18:13:48 37,568 -c--a-w C:\WINDOWS\system32\dllcache\avmwan.sys
+ 2004-08-04 12:00:00 73,216 -c--a-w C:\WINDOWS\system32\dllcache\avwav.dll
+ 2001-08-17 18:19:16 36,992 -c--a-w C:\WINDOWS\system32\dllcache\aztw2320.sys
+ 2001-08-17 18:13:56 89,952 -c--a-w C:\WINDOWS\system32\dllcache\b1cbase.sys
+ 2001-08-17 18:11:30 96,640 -c--a-w C:\WINDOWS\system32\dllcache\b57xp32.sys
+ 2001-08-17 20:56:00 342,336 -c--a-w C:\WINDOWS\system32\dllcache\banshee.dll
+ 2001-08-17 18:48:28 36,128 -c--a-w C:\WINDOWS\system32\dllcache\banshee.sys
+ 2004-08-04 12:00:00 52,736 -c--a-w C:\WINDOWS\system32\dllcache\basesrv.dll
+ 2004-08-04 12:00:00 28,672 -c--a-w C:\WINDOWS\system32\dllcache\batmeter.dll
+ 2001-08-17 19:57:54 14,080 -c--a-w C:\WINDOWS\system32\dllcache\battc.sys
+ 2004-08-04 12:00:00 1,817,687 -c--a-w C:\WINDOWS\system32\dllcache\bckgres.dll
+ 2001-08-17 18:11:28 66,557 -c--a-w C:\WINDOWS\system32\dllcache\bcm42u.sys
+ 2001-08-17 18:11:26 54,271 -c--a-w C:\WINDOWS\system32\dllcache\bcm42xx5.sys
+ 2001-08-17 18:11:30 26,568 -c--a-w C:\WINDOWS\system32\dllcache\bcm4e5.sys
+ 2004-08-04 05:10:14 11,776 -c--a-w C:\WINDOWS\system32\dllcache\bdasup.sys
+ 2004-08-04 12:00:00 4,224 -c--a-w C:\WINDOWS\system32\dllcache\beep.sys
+ 2004-08-04 12:00:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\bidispl.dll
+ 2001-08-18 04:36:10 102,400 -c--a-w C:\WINDOWS\system32\dllcache\binlsvc.dll
+ 2004-08-04 12:00:00 71,680 -c--a-w C:\WINDOWS\system32\dllcache\blastcln.exe
+ 2001-08-18 04:36:10 19,456 -c--a-w C:\WINDOWS\system32\dllcache\brbidiif.dll
+ 2001-08-18 04:36:10 9,728 -c--a-w C:\WINDOWS\system32\dllcache\brcoinst.dll
+ 2001-08-18 04:36:10 12,800 -c--a-w C:\WINDOWS\system32\dllcache\brevif.dll
+ 2001-08-17 19:12:22 12,160 -c--a-w C:\WINDOWS\system32\dllcache\brfiltlo.sys
+ 2001-08-17 19:12:24 3,968 -c--a-w C:\WINDOWS\system32\dllcache\brfiltup.sys
+ 2001-08-18 04:36:10 15,360 -c--a-w C:\WINDOWS\system32\dllcache\brmfbidi.dll
+ 2001-08-18 04:36:10 81,408 -c--a-w C:\WINDOWS\system32\dllcache\brmfcwia.dll
+ 2001-08-18 04:36:10 29,696 -c--a-w C:\WINDOWS\system32\dllcache\brmflpt.dll
+ 2001-08-18 04:36:38 32,256 -c--a-w C:\WINDOWS\system32\dllcache\brmfrsmg.exe
+ 2001-08-18 04:36:10 41,472 -c--a-w C:\WINDOWS\system32\dllcache\brmfusb.dll
+ 2004-08-04 12:00:00 63,488 -c--a-w C:\WINDOWS\system32\dllcache\browselc.dll
+ 2004-08-04 12:00:00 77,312 -c--a-w C:\WINDOWS\system32\dllcache\browser.dll
+ 2004-08-04 12:00:00 78,336 -c--a-w C:\WINDOWS\system32\dllcache\browsewm.dll
+ 2001-08-17 19:12:24 3,168 -c--a-w C:\WINDOWS\system32\dllcache\brparimg.sys
+ 2001-08-17 19:12:18 39,552 -c--a-w C:\WINDOWS\system32\dllcache\brparwdm.sys
+ 2001-08-18 04:36:10 5,120 -c--a-w C:\WINDOWS\system32\dllcache\brscnrsm.dll
+ 2001-08-18 04:36:10 9,728 -c--a-w C:\WINDOWS\system32\dllcache\brserif.dll
+ 2001-08-17 19:12:20 60,416 -c--a-w C:\WINDOWS\system32\dllcache\brserwdm.sys
+ 2001-08-17 19:12:20 11,008 -c--a-w C:\WINDOWS\system32\dllcache\brusbmdm.sys
+ 2001-08-17 19:12:22 10,368 -c--a-w C:\WINDOWS\system32\dllcache\brusbscn.sys
+ 2001-08-17 18:11:24 31,529 -c--a-w C:\WINDOWS\system32\dllcache\brzwlan.sys
+ 2004-08-04 12:00:00 20,992 -c--a-w C:\WINDOWS\system32\dllcache\bthci.dll
+ 2004-08-04 05:10:40 17,024 -c--a-w C:\WINDOWS\system32\dllcache\bthenum.sys
+ 2004-08-04 05:10:40 38,016 -c--a-w C:\WINDOWS\system32\dllcache\bthmodem.sys
+ 2004-08-04 04:58:40 100,992 -c--a-w C:\WINDOWS\system32\dllcache\bthpan.sys
+ 2004-08-04 05:10:38 274,304 -c--a-w C:\WINDOWS\system32\dllcache\bthport.sys
+ 2004-08-04 05:10:38 35,456 -c--a-w C:\WINDOWS\system32\dllcache\bthprint.sys
+ 2004-08-04 05:10:36 18,944 -c--a-w C:\WINDOWS\system32\dllcache\bthusb.sys
+ 2001-08-17 19:51:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\bulltlp3.sys
+ 2004-08-04 12:00:00 218,112 -c--a-w C:\WINDOWS\system32\dllcache\c_g18030.dll
+ 2004-08-04 12:00:00 6,656 -c--a-w C:\WINDOWS\system32\dllcache\c_is2022.dll
+ 2004-08-04 12:00:00 10,752 -c--a-w C:\WINDOWS\system32\dllcache\c_iscii.dll
+ 2004-08-04 12:00:00 59,904 -c--a-w C:\WINDOWS\system32\dllcache\cabinet.dll
+ 2004-08-04 12:00:00 84,480 -c--a-w C:\WINDOWS\system32\dllcache\cabview.dll
+ 2004-08-04 12:00:00 18,432 -c--a-w C:\WINDOWS\system32\dllcache\cacls.exe
+ 2004-08-04 12:00:00 114,688 -c--a-w C:\WINDOWS\system32\dllcache\calc.exe
+ 2001-08-17 20:05:48 314,752 -c--a-w C:\WINDOWS\system32\dllcache\camdro21.sys
+ 2001-08-17 20:04:46 223,232 -c--a-w C:\WINDOWS\system32\dllcache\camdrv21.sys
+ 2001-08-17 20:04:48 171,264 -c--a-w C:\WINDOWS\system32\dllcache\camdrv30.sys
+ 2001-08-18 04:36:10 74,240 -c--a-w C:\WINDOWS\system32\dllcache\camexo20.dll
+ 2001-08-18 04:36:10 236,032 -c--a-w C:\WINDOWS\system32\dllcache\camext20.dll
+ 2001-08-18 04:36:10 119,296 -c--a-w C:\WINDOWS\system32\dllcache\camext30.dll
+ 2004-08-04 12:00:00 54,528 -c--a-w C:\WINDOWS\system32\dllcache\cap7146.sys
+ 2004-08-04 12:00:00 142,848 -c--a-w C:\WINDOWS\system32\dllcache\capesnpn.dll
+ 2005-07-26 04:39:42 225,792 -c--a-w C:\WINDOWS\system32\dllcache\catsrv.dll
+ 2004-08-04 12:00:00 85,504 -c--a-w C:\WINDOWS\system32\dllcache\catsrvps.dll
+ 2005-07-26 04:39:43 625,152 -c--a-w C:\WINDOWS\system32\dllcache\catsrvut.dll
+ 2001-08-17 18:12:16 37,916 -c--a-w C:\WINDOWS\system32\dllcache\cb102.sys
+ 2001-08-17 18:12:42 39,680 -c--a-w C:\WINDOWS\system32\dllcache\cb325.sys
+ 2001-08-17 18:13:14 46,108 -c--a-w C:\WINDOWS\system32\dllcache\cben5.sys
+ 2001-08-17 19:28:16 714,698 -c--a-w C:\WINDOWS\system32\dllcache\cbmdmkxx.sys
+ 2001-08-17 19:52:06 7,680 -c--a-w C:\WINDOWS\system32\dllcache\cd20xrnt.sys
+ 2004-08-04 12:00:00 18,688 -c--a-w C:\WINDOWS\system32\dllcache\cdaudio.sys
+ 2004-08-04 12:00:00 63,744 -c--a-w C:\WINDOWS\system32\dllcache\cdfs.sys
+ 2004-08-04 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\cdmodem.dll
+ 2004-08-04 12:00:00 49,536 -c--a-w C:\WINDOWS\system32\dllcache\cdrom.sys
+ 2001-08-17 18:13:12 21,530 -c--a-w C:\WINDOWS\system32\dllcache\ce2n5.sys
+ 2001-08-17 18:13:20 27,164 -c--a-w C:\WINDOWS\system32\dllcache\ce3n5.sys
+ 2001-08-17 18:13:18 22,044 -c--a-w C:\WINDOWS\system32\dllcache\cem28n5.sys
+ 2001-08-17 18:13:18 22,044 -c--a-w C:\WINDOWS\system32\dllcache\cem33n5.sys
+ 2001-08-17 18:13:20 49,182 -c--a-w C:\WINDOWS\system32\dllcache\cem56n5.sys
+ 2004-08-04 12:00:00 194,560 -c--a-w C:\WINDOWS\system32\dllcache\certcli.dll
+ 2006-10-19 03:47:10 229,376 -c--a-w C:\WINDOWS\system32\dllcache\cewmdm.dll
+ 2004-08-04 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\cfgmgr32.dll
+ 2003-03-24 22:52:04 188,480 -c--a-w C:\WINDOWS\system32\dllcache\cfgwiz.exe
+ 2004-08-04 06:56:42 15,423 -c--a-w C:\WINDOWS\system32\dllcache\ch7xxnt5.dll
+ 2004-08-04 12:00:00 9,728 -c--a-w C:\WINDOWS\system32\dllcache\change.exe
+ 2004-08-04 05:00:14 8,192 -c--a-w C:\WINDOWS\system32\dllcache\changer.sys
+ 2004-08-04 12:00:00 80,384 -c--a-w C:\WINDOWS\system32\dllcache\charmap.exe
+ 2004-08-04 12:00:00 13,312 -c--a-w C:\WINDOWS\system32\dllcache\chglogon.exe
+ 2004-08-04 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\chgport.exe
+ 2004-08-04 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\chgusr.exe
+ 2004-08-04 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\chkdsk.exe
+ 2004-08-04 12:00:00 11,264 -c--a-w C:\WINDOWS\system32\dllcache\chkntfs.exe
+ 2004-08-04 12:00:00 780,885 -c--a-w C:\WINDOWS\system32\dllcache\chkrres.dll
+ 2004-08-04 12:00:00 838,144 -c--a-w C:\WINDOWS\system32\dllcache\chtbrkr.dll
+ 2004-08-04 12:00:00 97,792 -c--a-w C:\WINDOWS\system32\dllcache\chtmbx.dll
+ 2004-08-04 12:00:00 56,320 -c--a-w C:\WINDOWS\system32\dllcache\chtskdic.dll
+ 2004-08-04 12:00:00 173,568 -c--a-w C:\WINDOWS\system32\dllcache\chtskf.dll
+ 2004-08-04 12:00:00 109,568 -c--a-w C:\WINDOWS\system32\dllcache\cic.dll
+ 2001-08-17 18:13:38 980,034 -c--a-w C:\WINDOWS\system32\dllcache\cicap.sys
+ 2004-08-04 12:00:00 1,352,192 -c--a-w C:\WINDOWS\system32\dllcache\cimwin32.dll
+ 2001-08-17 20:02:48 272,640 -c--a-w C:\WINDOWS\system32\dllcache\cinemclc.sys
+ 2004-08-04 12:00:00 198,656 -c--a-w C:\WINDOWS\system32\dllcache\cintime.dll
+ 2004-08-04 12:00:00 480,256 -c--a-w C:\WINDOWS\system32\dllcache\cintsetp.exe
+ 2001-08-17 20:56:00 91,264 -c--a-w C:\WINDOWS\system32\dllcache\cirrus.dll
+ 2001-08-17 19:57:16 45,696 -c--a-w C:\WINDOWS\system32\dllcache\cirrus.sys
+ 2004-08-04 12:00:00 5,632 -c--a-w C:\WINDOWS\system32\dllcache\cisvc.exe
+ 2001-08-17 20:56:00 111,232 -c--a-w C:\WINDOWS\system32\dllcache\cl5465.dll
+ 2001-08-17 20:56:00 170,880 -c--a-w C:\WINDOWS\system32\dllcache\cl546x.dll
+ 2001-08-17 19:57:36 248,064 -c--a-w C:\WINDOWS\system32\dllcache\cl546xm.sys
+ 2004-08-04 12:00:00 10,752 -c--a-w C:\WINDOWS\system32\dllcache\clb.dll
+ 2005-07-26 04:39:43 110,080 -c--a-w C:\WINDOWS\system32\dllcache\clbcatex.dll
+ 2005-07-26 04:39:43 498,688 -c--a-w C:\WINDOWS\system32\dllcache\clbcatq.dll
+ 2004-08-04 12:00:00 64,000 -c--a-w C:\WINDOWS\system32\dllcache\cleanmgr.exe
+ 2004-08-04 12:00:00 102,912 -c--a-w C:\WINDOWS\system32\dllcache\clipbrd.exe
+ 2004-08-04 12:00:00 33,280 -c--a-w C:\WINDOWS\system32\dllcache\clipsrv.exe
+ 2004-08-04 12:00:00 57,856 -c--a-w C:\WINDOWS\system32\dllcache\clusapi.dll
+ 2004-08-04 05:07:40 14,080 -c--a-w C:\WINDOWS\system32\dllcache\cmbatt.sys
+ 2001-08-17 19:51:04 20,736 -c--a-w C:\WINDOWS\system32\dllcache\cmbp0wdm.sys
+ 2004-08-04 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\cmcfg32.dll
+ 2004-08-04 12:00:00 388,608 -c--a-w C:\WINDOWS\system32\dllcache\cmd.exe
+ 2001-08-17 19:51:54 6,656 -c--a-w C:\WINDOWS\system32\dllcache\cmdide.sys
+ 2004-08-04 12:00:00 47,104 -c--a-w C:\WINDOWS\system32\dllcache\cmdl32.exe
+ 2004-08-04 12:00:00 39,936 -c--a-w C:\WINDOWS\system32\dllcache\cmmon32.exe
+ 2004-08-04 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\cmpbk32.dll
+ 2004-08-04 12:00:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\cmsetacl.dll
+ 2004-08-04 12:00:00 63,488 -c--a-w C:\WINDOWS\system32\dllcache\cmstp.exe
+ 2004-08-04 12:00:00 47,104 -c--a-w C:\WINDOWS\system32\dllcache\cnbjmon.dll
+ 2001-08-18 04:36:10 44,032 -c--a-w C:\WINDOWS\system32\dllcache\cnusd.dll
+ 2001-08-17 18:11:42 39,936 -c--a-w C:\WINDOWS\system32\dllcache\cnxt1803.sys
+ 2005-07-26 04:39:43 60,416 -c--a-w C:\WINDOWS\system32\dllcache\colbact.dll
+ 2004-08-04 12:00:00 276,992 -c--a-w C:\WINDOWS\system32\dllcache\comdlg32.dll
+ 2004-08-04 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\comp.exe
+ 2004-08-04 12:00:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\compact.exe
+ 2004-08-04 12:00:00 252,928 -c--a-w C:\WINDOWS\system32\dllcache\compatui.dll
+ 2001-08-17 19:58:00 9,344 -c--a-w C:\WINDOWS\system32\dllcache\compbatt.sys
+ 2004-08-04 12:00:00 229,376 -c--a-w C:\WINDOWS\system32\dllcache\compstui.dll
+ 2005-07-26 04:39:44 97,792 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.dll
+ 2004-08-04 12:00:00 792,064 -c--a-w C:\WINDOWS\system32\dllcache\comres.dll
+ 2004-08-04 12:00:00 259,584 -c--a-w C:\WINDOWS\system32\dllcache\comsetup.dll
+ 2005-07-26 04:39:44 1,267,200 -c--a-w C:\WINDOWS\system32\dllcache\comsvcs.dll
+ 2004-08-04 12:00:00 1,032,192 -c--a-w C:\WINDOWS\system32\dllcache\conf.exe
+ 2004-08-04 12:00:00 27,648 -c--a-w C:\WINDOWS\system32\dllcache\conime.exe
+ 2004-08-04 12:00:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\convert.exe
+ 2004-08-04 12:00:00 57,399 -c--a-w C:\WINDOWS\system32\dllcache\cplexe.exe
+ 2001-08-17 19:52:06 14,976 -c--a-w C:\WINDOWS\system32\dllcache\cpqarray.sys
+ 2001-08-17 18:13:14 21,533 -c--a-w C:\WINDOWS\system32\dllcache\cpqndis5.sys
+ 2001-08-17 18:11:32 60,970 -c--a-w C:\WINDOWS\system32\dllcache\cpqtrnd5.sys
+ 2004-08-04 12:00:00 18,944 -c--a-w C:\WINDOWS\system32\dllcache\cprofile.exe
+ 2001-08-18 04:36:10 216,064 -c--a-w C:\WINDOWS\system32\dllcache\cpscan.dll
+ 2004-08-04 12:00:00 163,840 -c--a-w C:\WINDOWS\system32\dllcache\credui.dll
+ 2001-08-17 18:19:18 42,112 -c--a-w C:\WINDOWS\system32\dllcache\crtaud.sys
+ 2004-08-04 12:00:00 149,019 -c--a-w C:\WINDOWS\system32\dllcache\crtdll.dll
+ 2004-08-04 12:00:00 597,504 -c--a-w C:\WINDOWS\system32\dllcache\crypt32.dll
+ 2004-08-04 12:00:00 74,752 -c--a-w C:\WINDOWS\system32\dllcache\cryptdlg.dll
+ 2004-08-04 12:00:00 33,280 -c--a-w C:\WINDOWS\system32\dllcache\cryptdll.dll
+ 2004-08-04 12:00:00 53,760 -c--a-w C:\WINDOWS\system32\dllcache\cryptext.dll
+ 2004-08-04 12:00:00 63,488 -c--a-w C:\WINDOWS\system32\dllcache\cryptnet.dll
+ 2004-08-04 12:00:00 60,416 -c--a-w C:\WINDOWS\system32\dllcache\cryptsvc.dll
+ 2004-08-04 12:00:00 512,512 -c--a-w C:\WINDOWS\system32\dllcache\cryptui.dll
+ 2001-08-18 04:36:12 175,104 -c--a-w C:\WINDOWS\system32\dllcache\csamsp.dll
+ 2004-08-04 12:00:00 101,888 -c--a-w C:\WINDOWS\system32\dllcache\cscdll.dll
+ 2004-08-04 12:00:00 98,304 -c--a-w C:\WINDOWS\system32\dllcache\cscript.exe
+ 2004-08-04 12:00:00 326,656 -c--a-w C:\WINDOWS\system32\dllcache\cscui.dll
+ 2004-08-04 12:00:00 32,768 -c--a-w C:\WINDOWS\system32\dllcache\csrsrv.dll
+ 2004-08-04 12:00:00 6,144 -c--a-w C:\WINDOWS\system32\dllcache\csrss.exe
+ 2004-08-04 12:00:00 73,728 -c--a-w C:\WINDOWS\system32\dllcache\csseqchk.dll
+ 2004-08-04 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\ctfmon.exe
+ 2001-08-17 18:19:28 6,912 -c--a-w C:\WINDOWS\system32\dllcache\ctlfacem.sys
+ 2001-08-17 18:19:20 3,712 -c--a-w C:\WINDOWS\system32\dllcache\ctljystk.sys
+ 2001-08-17 18:19:20 96,256 -c--a-w C:\WINDOWS\system32\dllcache\ctlsb16.sys
+ 2004-08-04 06:56:42 249,856 -c--a-w C:\WINDOWS\system32\dllcache\ctmasetp.dll
+ 2001-08-18 04:36:12 4,096 -c--a-w C:\WINDOWS\system32\dllcache\ctwdm32.dll
- 2006-11-08 03:03:36 33,792 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2004-08-11 08:45:04 28,672 -c--a-w C:\WINDOWS\system32\dllcache\custsat.dll
+ 2001-08-17 18:19:24 3,072 -c--a-w C:\WINDOWS\system32\dllcache\cwbase.sys
+ 2001-08-17 18:19:26 3,072 -c--a-w C:\WINDOWS\system32\dllcache\cwbmidi.sys
+ 2001-08-17 18:19:28 72,832 -c--a-w C:\WINDOWS\system32\dllcache\cwbwdm.sys
+ 2001-08-17 18:19:30 3,584 -c--a-w C:\WINDOWS\system32\dllcache\cwcosnt5.sys
+ 2001-08-17 18:19:36 111,872 -c--a-w C:\WINDOWS\system32\dllcache\cwcspud.sys
+ 2001-08-17 18:19:48 93,952 -c--a-w C:\WINDOWS\system32\dllcache\cwcwdm.sys
+ 2004-08-04 04:32:26 48,640 -c--a-w C:\WINDOWS\system32\dllcache\cwrwdm.sys
+ 2001-08-17 19:50:36 17,152 -c--a-w C:\WINDOWS\system32\dllcache\cyclad-z.sys
+ 2001-08-17 19:50:30 14,848 -c--a-w C:\WINDOWS\system32\dllcache\cyclom-y.sys
+ 2001-08-18 04:36:12 28,672 -c--a-w C:\WINDOWS\system32\dllcache\cyycoins.dll
+ 2001-08-17 19:50:38 50,176 -c--a-w C:\WINDOWS\system32\dllcache\cyyport.sys
+ 2001-08-18 04:36:12 27,648 -c--a-w C:\WINDOWS\system32\dllcache\cyyports.dll
+ 2001-08-18 04:36:12 27,136 -c--a-w C:\WINDOWS\system32\dllcache\cyzcoins.dll
+ 2001-08-17 19:50:40 49,792 -c--a-w C:\WINDOWS\system32\dllcache\cyzport.sys
+ 2001-08-18 04:36:12 27,648 -c--a-w C:\WINDOWS\system32\dllcache\cyzports.dll
+ 2001-08-17 18:12:02 117,760 -c--a-w C:\WINDOWS\system32\dllcache\d100ib5.sys
+ 2004-08-04 12:00:00 1,179,648 -c--a-w C:\WINDOWS\system32\dllcache\d3d8.dll
+ 2004-08-04 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\d3d8thk.dll
+ 2004-08-04 12:00:00 1,689,088 -c--a-w C:\WINDOWS\system32\dllcache\d3d9.dll
+ 2004-08-04 12:00:00 825,344 -c--a-w C:\WINDOWS\system32\dllcache\d3dim700.dll
+ 2001-08-17 19:52:16 179,584 -c--a-w C:\WINDOWS\system32\dllcache\dac2w2k.sys
+ 2001-08-17 19:52:16 14,720 -c--a-w C:\WINDOWS\system32\dllcache\dac960nt.sys
+ 2004-08-04 12:00:00 54,272 -c--a-w C:\WINDOWS\system32\dllcache\dataclen.dll
+ 2004-08-04 12:00:00 24,576 -c--a-w C:\WINDOWS\system32\dllcache\davclnt.dll
+ 2004-08-04 12:00:00 640,000 -c--a-w C:\WINDOWS\system32\dllcache\dbghelp.dll
+ 2004-08-04 12:00:00 110,592 -c--a-w C:\WINDOWS\system32\dllcache\dbnetlib.dll
+ 2001-08-18 04:36:12 25,600 -c--a-w C:\WINDOWS\system32\dllcache\dc210_32.dll
+ 2001-08-18 04:36:12 80,896 -c--a-w C:\WINDOWS\system32\dllcache\dc210usd.dll
+ 2001-08-17 18:12:02 63,208 -c--a-w C:\WINDOWS\system32\dllcache\dc21x4.sys
+ 2001-08-18 04:36:12 86,016 -c--a-w C:\WINDOWS\system32\dllcache\dc240usd.dll
+ 2001-08-18 04:36:12 110,592 -c--a-w C:\WINDOWS\system32\dllcache\dc260usd.dll
+ 2004-08-04 12:00:00 8,704 -c--a-w C:\WINDOWS\system32\dllcache\dciman32.dll
+ 2004-08-04 12:00:00 30,208 -c--a-w C:\WINDOWS\system32\dllcache\ddeshare.exe
+ 2004-08-04 12:00:00 266,240 -c--a-w C:\WINDOWS\system32\dllcache\ddraw.dll
+ 2004-08-04 12:00:00 27,136 -c--a-w C:\WINDOWS\system32\dllcache\ddrawex.dll
+ 2001-08-17 19:52:58 7,424 -c--a-w C:\WINDOWS\system32\dllcache\ddsmc.sys
+ 2004-08-04 12:00:00 20,634 -c--a-w C:\WINDOWS\system32\dllcache\debug.exe
+ 2001-08-17 18:11:44 20,928 -c--a-w C:\WINDOWS\system32\dllcache\defpa.sys
+ 2004-08-04 12:00:00 25,088 -c--a-w C:\WINDOWS\system32\dllcache\defrag.exe
+ 2004-08-04 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\deskadp.dll
+ 2004-08-04 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\deskmon.dll
+ 2004-08-04 12:00:00 18,432 -c--a-w C:\WINDOWS\system32\dllcache\deskperf.dll
+ 2001-08-18 04:36:14 256,512 -c--a-w C:\WINDOWS\system32\dllcache\devcon32.dll
+ 2004-08-04 12:00:00 59,904 -c--a-w C:\WINDOWS\system32\dllcache\devenum.dll
+ 2001-08-18 04:36:42 24,064 -c--a-w C:\WINDOWS\system32\dllcache\devldr32.exe
+ 2004-08-04 12:00:00 282,624 -c--a-w C:\WINDOWS\system32\dllcache\devmgr.dll
+ 2001-08-17 18:11:48 24,648 -c--a-w C:\WINDOWS\system32\dllcache\dfe650.sys
+ 2001-08-17 18:11:48 24,649 -c--a-w C:\WINDOWS\system32\dllcache\dfe650d.sys
+ 2004-08-04 12:00:00 82,432 -c--a-w C:\WINDOWS\system32\dllcache\dfrgfat.exe
+ 2004-08-04 12:00:00 104,960 -c--a-w C:\WINDOWS\system32\dllcache\dfrgntfs.exe
+ 2004-08-04 12:00:00 51,200 -c--a-w C:\WINDOWS\system32\dllcache\dfrgres.dll
+ 2004-08-04 12:00:00 123,904 -c--a-w C:\WINDOWS\system32\dllcache\dfrgui.dll
+ 2001-08-17 18:17:20 29,531 -c--a-w C:\WINDOWS\system32\dllcache\dgapci.sys
+ 2001-08-18 04:36:14 419,357 -c--a-w C:\WINDOWS\system32\dllcache\dgconfig.dll
+ 2004-08-04 12:00:00 111,104 -c--a-w C:\WINDOWS\system32\dllcache\dgnet.dll
+ 2004-08-04 12:00:00 85,020 -c--a-w C:\WINDOWS\system32\dllcache\dgsetup.dll
+ 2004-08-04 12:00:00 74,240 -c--a-w C:\WINDOWS\system32\dllcache\dhcpsapi.dll
+ 2004-08-04 12:00:00 85,504 -c--a-w C:\WINDOWS\system32\dllcache\diantz.exe
+ 2001-08-17 18:13:48 164,923 -c--a-w C:\WINDOWS\system32\dllcache\diapi2.sys
+ 2001-08-18 04:36:14 32,256 -c--a-w C:\WINDOWS\system32\dllcache\diapi2NT.dll
+ 2001-08-18 04:36:14 65,622 -c--a-w C:\WINDOWS\system32\dllcache\digiasyn.dll
+ 2001-08-17 18:13:36 37,735 -c--a-w C:\WINDOWS\system32\dllcache\digiasyn.sys
+ 2001-08-18 04:36:14 131,156 -c--a-w C:\WINDOWS\system32\dllcache\digidbp.dll
+ 2001-08-17 18:13:52 103,044 -c--a-w C:\WINDOWS\system32\dllcache\digidxb.sys
+ 2001-08-17 18:17:40 90,525 -c--a-w C:\WINDOWS\system32\dllcache\digifep5.sys
+ 2001-08-18 04:36:14 229,462 -c--a-w C:\WINDOWS\system32\dllcache\digifwrk.dll
+ 2001-08-18 04:36:14 159,828 -c--a-w C:\WINDOWS\system32\dllcache\digihlc.dll
+ 2001-08-18 04:36:14 102,484 -c--a-w C:\WINDOWS\system32\dllcache\digiinf.dll
+ 2001-08-18 04:36:14 41,046 -c--a-w C:\WINDOWS\system32\dllcache\digiisdn.dll
+ 2001-08-17 18:14:44 21,606 -c--a-w C:\WINDOWS\system32\dllcache\digiisdn.sys
+ 2001-08-18 04:36:14 110,621 -c--a-w C:\WINDOWS\system32\dllcache\digirlpt.dll
+ 2001-08-17 18:17:44 42,432 -c--a-w C:\WINDOWS\system32\dllcache\digirlpt.sys
+ 2001-08-18 04:36:42 614,429 -c--a-w C:\WINDOWS\system32\dllcache\digiview.exe
+ 2001-08-17 18:13:52 91,305 -c--a-w C:\WINDOWS\system32\dllcache\dimaint.sys
+ 2004-08-04 12:00:00 181,760 -c--a-w C:\WINDOWS\system32\dllcache\dinput8.dll
+ 2004-08-04 12:00:00 36,352 -c--a-w C:\WINDOWS\system32\dllcache\disk.sys
+ 2004-08-04 12:00:00 163,840 -c--a-w C:\WINDOWS\system32\dllcache\diskpart.exe
+ 2004-08-04 12:00:00 17,920 -c--a-w C:\WINDOWS\system32\dllcache\diskperf.exe
+ 2004-08-04 12:00:00 45,083 -c--a-w C:\WINDOWS\system32\dllcache\dispex.dll
+ 2001-08-18 04:36:14 6,729 -c--a-w C:\WINDOWS\system32\dllcache\disrvci.dll
+ 2001-08-18 04:36:14 31,305 -c--a-w C:\WINDOWS\system32\dllcache\disrvpp.dll
+ 2001-08-18 04:36:14 38,985 -c--a-w C:\WINDOWS\system32\dllcache\disrvsu.dll
+ 2001-08-18 04:36:42 236,060 -c--a-w C:\WINDOWS\system32\dllcache\ditrace.exe
+ 2001-08-18 04:36:14 6,216 -c--a-w C:\WINDOWS\system32\dllcache\divaci.dll
+ 2001-08-18 04:36:14 37,962 -c--a-w C:\WINDOWS\system32\dllcache\divaprop.dll
+ 2001-08-18 04:36:14 29,768 -c--a-w C:\WINDOWS\system32\dllcache\divasu.dll
+ 2001-08-17 18:11:44 26,698 -c--a-w C:\WINDOWS\system32\dllcache\dlh5xnd5.sys
+ 2004-08-04 12:00:00 5,120 -c--a-w C:\WINDOWS\system32\dllcache\dllhost.exe
+ 2004-08-04 05:00:06 8,320 -c--a-w C:\WINDOWS\system32\dllcache\dlttape.sys
+ 2001-08-17 18:11:42 29,696 -c--a-w C:\WINDOWS\system32\dllcache\dm9pci5.sys
+ 2004-08-04 12:00:00 224,768 -c--a-w C:\WINDOWS\system32\dllcache\dmadmin.exe
+ 2004-08-04 12:00:00 799,744 -c--a-w C:\WINDOWS\system32\dllcache\dmboot.sys
+ 2004-08-04 12:00:00 118,784 -c--a-w C:\WINDOWS\system32\dllcache\dmdskres.dll
+ 2004-08-04 12:00:00 18,432 -c--a-w C:\WINDOWS\system32\dllcache\dmintf.dll
+ 2004-08-04 12:00:00 153,344 -c--a-w C:\WINDOWS\system32\dllcache\dmio.sys
+ 2004-08-04 12:00:00 5,888 -c--a-w C:\WINDOWS\system32\dllcache\dmload.sys
+ 2004-08-04 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\dmocx.dll
+ 2004-08-04 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\dmremote.exe
+ 2004-08-04 12:00:00 82,432 -c--a-w C:\WINDOWS\system32\dllcache\dmscript.dll
+ 2004-08-04 12:00:00 23,552 -c--a-w C:\WINDOWS\system32\dllcache\dmserver.dll
+ 2004-08-04 12:00:00 105,984 -c--a-w C:\WINDOWS\system32\dllcache\dmstyle.dll
+ 2004-08-04 12:00:00 103,424 -c--a-w C:\WINDOWS\system32\dllcache\dmsynth.dll
+ 2004-08-04 12:00:00 104,448 -c--a-w C:\WINDOWS\system32\dllcache\dmusic.dll
+ 2004-08-04 06:07:40 52,864 -c--a-w C:\WINDOWS\system32\dllcache\dmusic.sys
+ 2004-08-04 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
+ 2004-08-04 12:00:00 10,752 -c--a-w C:\WINDOWS\system32\dllcache\doskey.exe
+ 2004-08-04 12:00:00 53,840 -c--a-w C:\WINDOWS\system32\dllcache\dosx.exe
+ 2004-08-04 04:58:30 207,360 -c--a-w C:\WINDOWS\system32\dllcache\dot4.sys
+ 2001-08-17 19:47:32 12,928 -c--a-w C:\WINDOWS\system32\dllcache\dot4prt.sys
+ 2001-08-17 19:47:32 8,704 -c--a-w C:\WINDOWS\system32\dllcache\dot4scan.sys
+ 2001-08-17 19:47:32 23,808 -c--a-w C:\WINDOWS\system32\dllcache\dot4usb.sys
+ 2001-08-17 18:12:32 28,062 -c--a-w C:\WINDOWS\system32\dllcache\dp83820.sys
+ 2004-08-04 12:00:00 97,280 -c--a-w C:\WINDOWS\system32\dllcache\dpcdll.dll
+ 2004-08-04 12:00:00 30,208 -c--a-w C:\WINDOWS\system32\dllcache\dplaysvr.exe
+ 2004-08-04 12:00:00 229,888 -c--a-w C:\WINDOWS\system32\dllcache\dplayx.dll
+ 2004-08-04 12:00:00 23,552 -c--a-w C:\WINDOWS\system32\dllcache\dpmodemx.dll
+ 2004-08-04 12:00:00 375,296 -c--a-w C:\WINDOWS\system32\dllcache\dpnet.dll
+ 2004-08-04 12:00:00 18,432 -c--a-w C:\WINDOWS\system32\dllcache\dpnsvr.exe
+ 2004-08-04 12:00:00 61,952 -c--a-w C:\WINDOWS\system32\dllcache\dpnwsock.dll
+ 2004-08-04 12:00:00 53,520 -c--a-w C:\WINDOWS\system32\dllcache\dpserial.dll
+ 2001-08-17 20:07:44 20,192 -c--a-w C:\WINDOWS\system32\dllcache\dpti2o.sys
+ 2004-08-04 12:00:00 21,504 -c--a-w C:\WINDOWS\system32\dllcache\dpvacm.dll
+ 2004-08-04 12:00:00 83,456 -c--a-w C:\WINDOWS\system32\dllcache\dpvsetup.exe
+ 2004-08-04 12:00:00 116,736 -c--a-w C:\WINDOWS\system32\dllcache\dpvvox.dll
+ 2004-08-04 12:00:00 57,344 -c--a-w C:\WINDOWS\system32\dllcache\dpwsockx.dll
+ 2004-08-11 08:45:04 253,688 -c--a-w C:\WINDOWS\system32\dllcache\drmclien.dll
+ 2004-08-04 06:08:00 60,288 -c--a-w C:\WINDOWS\system32\dllcache\drmk.sys
+ 2004-08-11 08:45:04 95,232 -c--a-w C:\WINDOWS\system32\dllcache\drmstor.dll
+ 2006-10-19 03:47:10 991,744 -c--a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll
+ 2004-08-04 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\drprov.dll
+ 2004-08-04 12:00:00 28,112 -c--a-w C:\WINDOWS\system32\dllcache\drwatson.exe
+ 2004-08-04 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\drwtsn32.exe
+ 2001-08-17 18:20:18 334,208 -c--a-w C:\WINDOWS\system32\dllcache\ds1wdm.sys
+ 2004-08-04 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\ds32gt.dll
+ 2004-08-04 12:00:00 71,680 -c--a-w C:\WINDOWS\system32\dllcache\dsdmoprp.dll
+ 2004-08-04 12:00:00 92,672 -c--a-w C:\WINDOWS\system32\dllcache\dskquota.dll
+ 2004-08-04 12:00:00 144,384 -c--a-w C:\WINDOWS\system32\dllcache\dskquoui.dll
+ 2004-08-04 12:00:00 367,616 -c--a-w C:\WINDOWS\system32\dllcache\dsound.dll
+ 2004-08-04 12:00:00 142,336 -c--a-w C:\WINDOWS\system32\dllcache\dsprop.dll
+ 2004-08-04 12:00:00 4,096 -c--a-w C:\WINDOWS\system32\dllcache\dsprpres.dll
+ 2004-08-04 12:00:00 137,216 -c--a-w C:\WINDOWS\system32\dllcache\dssenh.dll
+ 2004-08-04 12:00:00 113,152 -c--a-w C:\WINDOWS\system32\dllcache\dsuiext.dll
+ 2004-08-04 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\dswave.dll
+ 2004-08-04 12:00:00 10,752 -c--a-w C:\WINDOWS\system32\dllcache\dumprep.exe
+ 2004-08-04 12:00:00 304,128 -c--a-w C:\WINDOWS\system32\dllcache\duser.dll
+ 2004-08-04 12:00:00 55,296 -c--a-w C:\WINDOWS\system32\dllcache\dvdplay.exe
+ 2004-08-04 12:00:00 17,920 -c--a-w C:\WINDOWS\system32\dllcache\dvdupgrd.exe
+ 2004-08-04 12:00:00 180,224 -c--a-w C:\WINDOWS\system32\dllcache\dwwin.exe
+ 2004-08-04 12:00:00 10,496 -c--a-w C:\WINDOWS\system32\dllcache\dxapi.sys
+ 2004-08-04 12:00:00 1,298,432 -c--a-w C:\WINDOWS\system32\dllcache\dxdiag.exe
+ 2004-08-04 12:00:00 2,113,536 -c--a-w C:\WINDOWS\system32\dllcache\dxdiagn.dll
+ 2004-08-04 12:00:00 71,040 -c--a-w C:\WINDOWS\system32\dllcache\dxg.sys
+ 2004-08-04 12:00:00 3,328 -c--a-w C:\WINDOWS\system32\dllcache\dxgthk.sys
+ 2001-08-17 18:12:08 50,719 -c--a-w C:\WINDOWS\system32\dllcache\e1000nt5.sys
+ 2004-02-10 22:49:14 154,112 -c--a-w C:\WINDOWS\system32\dllcache\e100b325.sys
+ 2001-08-17 18:12:12 19,594 -c--a-w C:\WINDOWS\system32\dllcache\e100isa4.sys
+ 2004-08-04 12:00:00 514,587 -c--a-w C:\WINDOWS\system32\dllcache\edb500.dll
+ 2004-08-04 12:00:00 12,642 -c--a-w C:\WINDOWS\system32\dllcache\edlin.exe
+ 2001-08-17 18:10:50 44,103 -c--a-w C:\WINDOWS\system32\dllcache\el515.sys
+ 2001-08-17 18:10:56 55,999 -c--a-w C:\WINDOWS\system32\dllcache\el556nd5.sys
+ 2001-08-17 18:10:56 24,653 -c--a-w C:\WINDOWS\system32\dllcache\el574nd4.sys
+ 2001-08-17 18:10:58 69,692 -c--a-w C:\WINDOWS\system32\dllcache\el575nd5.sys
+ 2001-08-17 18:10:52 26,141 -c--a-w C:\WINDOWS\system32\dllcache\el589nd5.sys
+ 2001-08-17 18:11:00 69,194 -c--a-w C:\WINDOWS\system32\dllcache\el656cd5.sys
+ 2001-08-17 18:11:00 77,386 -c--a-w C:\WINDOWS\system32\dllcache\el656nd5.sys
+ 2001-08-17 19:28:00 241,206 -c--a-w C:\WINDOWS\system32\dllcache\el656se5.sys
+ 2001-08-17 18:11:06 66,591 -c--a-w C:\WINDOWS\system32\dllcache\el90xbc5.sys
+ 2001-08-17 18:11:02 153,631 -c--a-w C:\WINDOWS\system32\dllcache\el90xnd5.sys
+ 2001-08-17 18:11:12 455,199 -c--a-w C:\WINDOWS\system32\dllcache\el985n51.sys
+ 2001-08-17 18:11:04 70,174 -c--a-w C:\WINDOWS\system32\dllcache\el98xn5.sys
+ 2001-08-17 18:11:08 171,520 -c--a-w C:\WINDOWS\system32\dllcache\el99xn51.sys
+ 2001-08-17 19:53:02 7,296 -c--a-w C:\WINDOWS\system32\dllcache\elmsmc.sys
+ 2001-08-17 18:10:52 25,159 -c--a-w C:\WINDOWS\system32\dllcache\elnk3.sys
+ 2001-08-17 18:10:54 19,996 -c--a-w C:\WINDOWS\system32\dllcache\em556n4.sys
+ 2001-08-17 18:19:26 283,904 -c--a-w C:\WINDOWS\system32\dllcache\emu10k1m.sys
+ 2004-08-04 12:00:00 20,480 -c--a-w C:\WINDOWS\system32\dllcache\encapi.dll
+ 2004-08-04 12:00:00 186,368 -c--a-w C:\WINDOWS\system32\dllcache\encdec.dll
+ 2001-08-17 19:50:20 144,896 -c--a-w C:\WINDOWS\system32\dllcache\epcfw2k.sys
+ 2001-08-17 18:12:08 18,503 -c--a-w C:\WINDOWS\system32\dllcache\epro4.sys
+ 2001-08-17 19:50:20 114,944 -c--a-w C:\WINDOWS\system32\dllcache\epstw2k.sys
+ 2001-08-17 18:17:40 629,952 -c--a-w C:\WINDOWS\system32\dllcache\eqn.sys
+ 2004-08-04 12:00:00 103,424 -c--a-w C:\WINDOWS\system32\dllcache\eqnclass.dll
+ 2004-08-04 12:00:00 181,248 -c--a-w C:\WINDOWS\system32\dllcache\mrxdav.sys
+ 2004-08-04 12:00:00 102,912 -c--a-w C:\WINDOWS\system32\dllcache\msaatext.dll
+ 2004-08-04 12:00:00 71,680 -c--a-w C:\WINDOWS\system32\dllcache\msacm32.dll
+ 2006-03-23 05:44:21 143,360 -c--a-w C:\WINDOWS\system32\dllcache\msadco.dll
+ 2004-08-04 12:00:00 57,344 -c--a-w C:\WINDOWS\system32\dllcache\msadrh15.dll
+ 2004-08-04 12:00:00 86,016 -c--a-w C:\WINDOWS\system32\dllcache\msapsspc.dll
+ 2004-08-04 12:00:00 57,344 -c--a-w C:\WINDOWS\system32\dllcache\msasn1.dll
+ 2004-08-04 12:00:00 7,168 -c--a-w C:\WINDOWS\system32\dllcache\mscat32.dll
+ 2005-06-29 01:46:00 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
+ 2004-08-04 12:00:00 36,864 -c--a-w C:\WINDOWS\system32\dllcache\mscpxl32.dll
+ 2004-08-04 12:00:00 294,400 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll
+ 2004-08-04 12:00:00 118,784 -c--a-w C:\WINDOWS\system32\dllcache\msdadiag.dll
+ 2004-08-04 12:00:00 151,552 -c--a-w C:\WINDOWS\system32\dllcache\msdart.dll
+ 2004-08-04 12:00:00 94,208 -c--a-w C:\WINDOWS\system32\dllcache\msdatl3.dll
+ 2004-08-04 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\msdmo.dll
+ 2004-08-04 12:00:00 6,144 -c--a-w C:\WINDOWS\system32\dllcache\msdtc.exe
+ 2004-08-04 12:00:00 82,432 -c--a-w C:\WINDOWS\system32\dllcache\msdtcstp.dll
+ 2004-08-04 05:10:00 51,328 -c--a-w C:\WINDOWS\system32\dllcache\msdv.sys
+ 2004-08-04 12:00:00 19,072 -c--a-w C:\WINDOWS\system32\dllcache\msfs.sys
+ 2001-08-17 19:48:36 6,016 -c--a-w C:\WINDOWS\system32\dllcache\msfsio.sys
+ 2004-08-04 12:00:00 20,992 -c--a-w C:\WINDOWS\system32\dllcache\msg.exe
+ 2001-08-17 20:02:40 35,200 -c--a-w C:\WINDOWS\system32\dllcache\msgame.sys
+ 2005-01-27 00:46:39 996,864 -c--a-w C:\WINDOWS\system32\dllcache\msgina.dll
+ 2004-08-04 12:00:00 35,072 -c--a-w C:\WINDOWS\system32\dllcache\msgpc.sys
+ 2004-08-04 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\msgrocm.dll
+ 2004-08-04 12:00:00 126,976 -c--a-w C:\WINDOWS\system32\dllcache\mshearts.exe
+ 2007-04-18 16:12:23 2,854,400 -c--a-w C:\WINDOWS\system32\dllcache\msi.dll
+ 2004-08-04 12:00:00 51,712 -c--a-w C:\WINDOWS\system32\dllcache\msident.dll
+ 2004-08-04 12:00:00 6,656 -c--a-w C:\WINDOWS\system32\dllcache\msidle.dll
+ 2004-08-04 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\msidntld.dll
+ 2005-05-03 19:58:36 78,848 -c--a-w C:\WINDOWS\system32\dllcache\msiexec.exe
+ 2005-05-03 19:58:36 271,360 -c--a-w C:\WINDOWS\system32\dllcache\msihnd.dll
+ 2004-08-04 12:00:00 4,608 -c--a-w C:\WINDOWS\system32\dllcache\msimg32.dll
+ 2004-08-04 12:00:00 159,232 -c--a-w C:\WINDOWS\system32\dllcache\msimtf.dll
+ 2004-08-04 12:00:00 376,320 -c--a-w C:\WINDOWS\system32\dllcache\msinfo.dll
+ 2004-08-04 12:00:00 98,304 -c--a-w C:\WINDOWS\system32\dllcache\msir3jp.dll
+ 2004-08-04 05:00:48 22,016 -c--a-w C:\WINDOWS\system32\dllcache\msircomm.sys
+ 2004-08-04 12:00:00 40,960 -c--a-w C:\WINDOWS\system32\dllcache\msiregmv.exe
+ 2005-05-03 19:58:36 15,360 -c--a-w C:\WINDOWS\system32\dllcache\msisip.dll
+ 2004-08-04 12:00:00 1,507,356 -c--a-w C:\WINDOWS\system32\dllcache\msjet40.dll
+ 2004-08-04 12:00:00 358,976 -c--a-w C:\WINDOWS\system32\dllcache\msjetol1.dll
+ 2004-08-04 12:00:00 151,583 -c--a-w C:\WINDOWS\system32\dllcache\msjint40.dll
+ 2004-08-04 12:00:00 53,279 -c--a-w C:\WINDOWS\system32\dllcache\msjter40.dll
+ 2004-08-04 12:00:00 241,693 -c--a-w C:\WINDOWS\system32\dllcache\msjtes40.dll
+ 2004-08-03 22:58:42 7,552 -c--a-w C:\WINDOWS\system32\dllcache\mskssrv.sys
+ 2004-08-04 12:00:00 252,928 -c--a-w C:\WINDOWS\system32\dllcache\msoeacct.dll
+ 2004-08-04 12:00:00 105,984 -c--a-w C:\WINDOWS\system32\dllcache\msoert2.dll
+ 2004-08-04 12:00:00 20,480 -c--a-w C:\WINDOWS\system32\dllcache\msorc32r.dll
+ 2004-08-04 12:00:00 143,360 -c--a-w C:\WINDOWS\system32\dllcache\msorcl32.dll
+ 2004-08-04 12:00:00 343,040 -c--a-w C:\WINDOWS\system32\dllcache\mspaint.exe
+ 2004-08-04 12:00:00 30,208 -c--a-w C:\WINDOWS\system32\dllcache\mspatcha.dll
+ 2004-08-03 22:58:40 5,376 -c--a-w C:\WINDOWS\system32\dllcache\mspclock.sys
+ 2006-10-19 03:47:16 175,616 -c--a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
+ 2004-08-04 12:00:00 41,984 -c--a-w C:\WINDOWS\system32\dllcache\msports.dll
+ 2004-08-03 22:58:42 4,992 -c--a-w C:\WINDOWS\system32\dllcache\mspqm.sys
+ 2004-08-04 12:00:00 48,128 -c--a-w C:\WINDOWS\system32\dllcache\msprivs.dll
+ 2004-08-04 12:00:00 60,416 -c--a-w C:\WINDOWS\system32\dllcache\msratelc.dll
+ 2001-08-17 19:48:50 12,416 -c--a-w C:\WINDOWS\system32\dllcache\msriffwv.sys
+ 2004-08-04 12:00:00 11,264 -c--a-w C:\WINDOWS\system32\dllcache\msrle32.dll
+ 2004-08-04 12:00:00 134,656 -c--a-w C:\WINDOWS\system32\dllcache\mssap.dll
+ 2004-08-04 12:00:00 15,488 -c--a-w C:\WINDOWS\system32\dllcache\mssmbios.sys
+ 2004-08-04 12:00:00 13,312 -c--a-w C:\WINDOWS\system32\dllcache\msswch.dll
+ 2004-08-04 05:10:00 49,024 -c--a-w C:\WINDOWS\system32\dllcache\mstape.sys
+ 2004-08-04 12:00:00 274,944 -c--a-w C:\WINDOWS\system32\dllcache\mstask.dll
+ 2004-08-04 12:00:00 12,288 -c--a-w C:\WINDOWS\system32\dllcache\mstinit.exe
+ 2004-08-04 12:00:00 115,712 -c--a-w C:\WINDOWS\system32\dllcache\mstlsapi.dll
+ 2004-08-04 12:00:00 407,552 -c--a-w C:\WINDOWS\system32\dllcache\mstsc.exe
+ 2004-08-04 12:00:00 655,360 -c--a-w C:\WINDOWS\system32\dllcache\mstscax.dll
+ 2004-08-04 12:00:00 195,072 -c--a-w C:\WINDOWS\system32\dllcache\msutb.dll
+ 2004-08-04 12:00:00 129,536 -c--a-w C:\WINDOWS\system32\dllcache\msv1_0.dll
+ 2004-08-04 12:00:00 54,784 -c--a-w C:\WINDOWS\system32\dllcache\msvcirt.dll
+ 2004-08-04 12:00:00 413,696 -c--a-w C:\WINDOWS\system32\dllcache\msvcp60.dll
+ 2004-08-04 12:00:00 343,040 -c--a-w C:\WINDOWS\system32\dllcache\msvcrt.dll
+ 2004-08-04 12:00:00 253,952 -c--a-w C:\WINDOWS\system32\dllcache\msvcrt20.dll
+ 2004-08-04 12:00:00 61,440 -c--a-w C:\WINDOWS\system32\dllcache\msvcrt40.dll
+ 2004-08-04 12:00:00 120,832 -c--a-w C:\WINDOWS\system32\dllcache\msvfw32.dll
+ 2004-08-04 12:00:00 25,600 -c--a-w C:\WINDOWS\system32\dllcache\msvidc32.dll
+ 2004-08-04 12:00:00 72,704 -c--a-w C:\WINDOWS\system32\dllcache\msw3prt.dll
+ 2006-10-19 03:47:16 321,536 -c--a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
+ 2004-08-04 12:00:00 245,248 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
+ 2004-08-04 12:00:00 614,429 -c--a-w C:\WINDOWS\system32\dllcache\mswstr10.dll
+ 2004-08-04 12:00:00 701,440 -c--a-w C:\WINDOWS\system32\dllcache\msxml2.dll
+ 2004-08-04 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\msxml3r.dll
+ 2004-08-04 12:00:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\msyuv.dll
+ 2004-08-04 04:41:40 126,686 -c--a-w C:\WINDOWS\system32\dllcache\mtlmnt5.sys
+ 2004-08-04 04:41:38 1,309,184 -c--a-w C:\WINDOWS\system32\dllcache\mtlstrm.sys
+ 2004-08-04 12:00:00 111,104 -c--a-w C:\WINDOWS\system32\dllcache\mtstocom.exe
+ 2006-03-01 19:42:42 66,560 -c--a-w C:\WINDOWS\system32\dllcache\mtxclu.dll
+ 2004-08-04 12:00:00 20,480 -c--a-w C:\WINDOWS\system32\dllcache\mtxdm.dll
+ 2004-08-04 12:00:00 4,096 -c--a-w C:\WINDOWS\system32\dllcache\mtxex.dll
+ 2006-03-01 19:42:42 91,136 -c--a-w C:\WINDOWS\system32\dllcache\mtxoci.dll
+ 2004-08-04 06:56:46 1,737,856 -c--a-w C:\WINDOWS\system32\dllcache\mtxparhd.dll
+ 2004-08-04 04:29:38 452,736 -c--a-w C:\WINDOWS\system32\dllcache\mtxparhm.sys
+ 2001-08-17 18:50:04 103,296 -c--a-w C:\WINDOWS\system32\dllcache\mtxvideo.sys
+ 2004-08-04 12:00:00 229,439 -c--a-w C:\WINDOWS\system32\dllcache\multibox.dll
+ 2004-08-04 05:04:52 12,672 -c--a-w C:\WINDOWS\system32\dllcache\mutohpen.sys
+ 2001-08-17 19:50:48 21,888 -c--a-w C:\WINDOWS\system32\dllcache\mxcard.sys
+ 2001-08-18 04:36:26 19,968 -c--a-w C:\WINDOWS\system32\dllcache\mxicfg.dll
+ 2001-08-17 19:49:32 19,968 -c--a-w C:\WINDOWS\system32\dllcache\mxnic.sys
+ 2001-08-18 04:36:26 7,168 -c--a-w C:\WINDOWS\system32\dllcache\mxport.dll
+ 2001-08-17 19:50:54 75,520 -c--a-w C:\WINDOWS\system32\dllcache\mxport.sys
+ 2004-08-04 12:00:00 90,112 -c--a-w C:\WINDOWS\system32\dllcache\mycomput.dll
+ 2004-08-04 12:00:00 90,624 -c--a-w C:\WINDOWS\system32\dllcache\mydocs.dll
+ 2001-08-17 18:11:36 52,255 -c--a-w C:\WINDOWS\system32\dllcache\n1000nt5.sys
+ 2001-08-17 18:11:38 128,000 -c--a-w C:\WINDOWS\system32\dllcache\n100325.sys
+ 2001-08-17 20:56:02 35,392 -c--a-w C:\WINDOWS\system32\dllcache\n9i128.dll
+ 2001-08-17 18:50:06 13,664 -c--a-w C:\WINDOWS\system32\dllcache\n9i128.sys
+ 2001-08-18 04:36:02 59,104 -c--a-w C:\WINDOWS\system32\dllcache\n9i128v2.dll
+ 2001-08-17 18:50:08 33,088 -c--a-w C:\WINDOWS\system32\dllcache\n9i128v2.sys
+ 2001-08-17 18:50:10 27,936 -c--a-w C:\WINDOWS\system32\dllcache\n9i3d.sys
+ 2001-08-17 20:56:02 91,488 -c--a-w C:\WINDOWS\system32\dllcache\n9i3disp.dll
+ 2004-08-04 12:00:00 53,760 -c--a-w C:\WINDOWS\system32\dllcache\narrator.exe
+ 2004-08-04 12:00:00 20,480 -c--a-w C:\WINDOWS\system32\dllcache\nbtstat.exe
+ 2004-08-04 12:00:00 36,352 -c--a-w C:\WINDOWS\system32\dllcache\ncobjapi.dll
+ 2004-08-04 12:00:00 47,104 -c--a-w C:\WINDOWS\system32\dllcache\ncprov.dll
+ 2004-08-04 12:00:00 17,920 -c--a-w C:\WINDOWS\system32\dllcache\nddeapi.dll
+ 2004-08-04 12:00:00 18,944 -c--a-w C:\WINDOWS\system32\dllcache\nddenb32.dll
+ 2004-08-04 12:00:00 9,600 -c--a-w C:\WINDOWS\system32\dllcache\ndistapi.sys
+ 2004-08-04 12:00:00 12,928 -c--a-w C:\WINDOWS\system32\dllcache\ndisuio.sys
+ 2004-08-04 12:00:00 91,776 -c--a-w C:\WINDOWS\system32\dllcache\ndiswan.sys
+ 2004-08-04 12:00:00 38,016 -c--a-w C:\WINDOWS\system32\dllcache\ndproxy.sys
+ 2001-08-17 19:49:14 15,872 -c--a-w C:\WINDOWS\system32\dllcache\ne2000.sys
+ 2001-08-18 04:36:02 60,480 -c--a-w C:\WINDOWS\system32\dllcache\neo20xx.dll
+ 2001-08-17 18:50:04 39,264 -c--a-w C:\WINDOWS\system32\dllcache\neo20xx.sys
+ 2004-08-04 12:00:00 42,496 -c--a-w C:\WINDOWS\system32\dllcache\net.exe
+ 2004-08-04 12:00:00 124,928 -c--a-w C:\WINDOWS\system32\dllcache\net1.exe
+ 2004-08-04 12:00:00 108,464 -c--a-w C:\WINDOWS\system32\dllcache\netapi.dll
+ 2004-08-04 12:00:00 34,560 -c--a-w C:\WINDOWS\system32\dllcache\netbios.sys
+ 2004-08-04 12:00:00 162,816 -c--a-w C:\WINDOWS\system32\dllcache\netbt.sys
+ 2004-08-04 12:00:00 622,080 -c--a-w C:\WINDOWS\system32\dllcache\netcfgx.dll
+ 2004-08-04 12:00:00 111,104 -c--a-w C:\WINDOWS\system32\dllcache\netdde.exe
+ 2001-08-17 18:11:36 65,278 -c--a-w C:\WINDOWS\system32\dllcache\netflx3.sys
+ 2004-08-04 12:00:00 139,264 -c--a-w C:\WINDOWS\system32\dllcache\netid.dll
+ 2004-08-04 12:00:00 407,040 -c--a-w C:\WINDOWS\system32\dllcache\netlogon.dll
+ 2005-08-22 18:29:46 197,632 -c--a-w C:\WINDOWS\system32\dllcache\netman.dll
+ 2004-08-04 12:00:00 171,008 -c--a-w C:\WINDOWS\system32\dllcache\netmsg.dll
+ 2004-08-04 12:00:00 77,312 -c--a-w C:\WINDOWS\system32\dllcache\netoc.dll
+ 2004-08-04 12:00:00 875,008 -c--a-w C:\WINDOWS\system32\dllcache\netplwiz.dll
+ 2004-08-04 12:00:00 12,288 -c--a-w C:\WINDOWS\system32\dllcache\netrap.dll
+ 2004-08-04 12:00:00 329,728 -c--a-w C:\WINDOWS\system32\dllcache\netsetup.exe
+ 2004-08-04 12:00:00 86,016 -c--a-w C:\WINDOWS\system32\dllcache\netsh.exe
+ 2004-08-04 12:00:00 1,708,032 -c--a-w C:\WINDOWS\system32\dllcache\netshell.dll
+ 2004-08-04 12:00:00 36,864 -c--a-w C:\WINDOWS\system32\dllcache\netstat.exe
+ 2004-08-04 12:00:00 80,896 -c--a-w C:\WINDOWS\system32\dllcache\netui0.dll
+ 2004-08-04 12:00:00 245,760 -c--a-w C:\WINDOWS\system32\dllcache\netui1.dll
+ 2004-08-04 12:00:00 308,224 -c--a-w C:\WINDOWS\system32\dllcache\netui2.dll
+ 2004-08-04 04:31:42 132,695 -c--a-w C:\WINDOWS\system32\dllcache\netwlan5.sys
+ 2004-08-04 12:00:00 248,832 -c--a-w C:\WINDOWS\system32\dllcache\newdev.dll
+ 2001-08-17 18:12:20 32,840 -c--a-w C:\WINDOWS\system32\dllcache\ngrpci.sys
+ 2004-08-04 12:00:00 61,824 -c--a-w C:\WINDOWS\system32\dllcache\nic1394.sys
+ 2004-08-04 12:00:00 103,936 -c--a-w C:\WINDOWS\system32\dllcache\nlhtml.dll
+ 2001-08-17 18:20:08 126,080 -c--a-w C:\WINDOWS\system32\dllcache\nm5a2wdm.sys
+ 2001-08-17 18:20:08 87,040 -c--a-w C:\WINDOWS\system32\dllcache\nm6wdm.sys
+ 2004-08-04 12:00:00 188,416 -c--a-w C:\WINDOWS\system32\dllcache\nmwb.dll
+ 2004-08-04 12:00:00 69,120 -c--a-w C:\WINDOWS\system32\dllcache\notepad.exe
+ 2004-08-04 12:00:00 30,848 -c--a-w C:\WINDOWS\system32\dllcache\npfs.sys
+ 2004-08-04 12:00:00 54,784 -c--a-w C:\WINDOWS\system32\dllcache\npptools.dll
+ 2004-08-04 05:00:52 28,672 -c--a-w C:\WINDOWS\system32\dllcache\nscirda.sys
+ 2004-08-04 12:00:00 76,800 -c--a-w C:\WINDOWS\system32\dllcache\nslookup.exe
+ 2001-08-17 19:53:02 7,552 -c--a-w C:\WINDOWS\system32\dllcache\nsmmc.sys
+ 2001-08-17 19:47:22 9,344 -c--a-w C:\WINDOWS\system32\dllcache\ntapm.sys
+ 2004-08-04 12:00:00 708,096 -c--a-w C:\WINDOWS\system32\dllcache\ntdll.dll
+ 2004-08-04 12:00:00 67,072 -c--a-w C:\WINDOWS\system32\dllcache\ntdsapi.dll
+ 2001-08-17 18:49:04 51,552 -c--a-w C:\WINDOWS\system32\dllcache\ntgrip.sys
+ 2004-08-04 12:00:00 43,520 -c--a-w C:\WINDOWS\system32\dllcache\ntlanman.dll
+ 2004-08-04 12:00:00 57,856 -c--a-w C:\WINDOWS\system32\dllcache\ntlanui.dll
+ 2004-08-04 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\ntlanui2.dll
+ 2004-08-04 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\ntlsapi.dll
+ 2004-08-04 12:00:00 118,784 -c--a-w C:\WINDOWS\system32\dllcache\ntmarta.dll
+ 2004-08-04 12:00:00 36,864 -c--a-w C:\WINDOWS\system32\dllcache\ntmsevt.dll
+ 2004-08-04 04:41:40 180,360 -c--a-w C:\WINDOWS\system32\dllcache\ntmtlfax.sys
+ 2004-08-04 12:00:00 62,976 -c--a-w C:\WINDOWS\system32\dllcache\ntoc.dll
+ 2004-08-04 12:00:00 91,136 -c--a-w C:\WINDOWS\system32\dllcache\ntprint.dll
+ 2004-08-04 12:00:00 31,744 -c--a-w C:\WINDOWS\system32\dllcache\ntsd.exe
+ 2004-08-04 12:00:00 36,864 -c--a-w C:\WINDOWS\system32\dllcache\ntsdexts.dll
+ 2004-08-04 12:00:00 143,872 -c--a-w C:\WINDOWS\system32\dllcache\ntshrui.dll
+ 2004-08-04 12:00:00 419,840 -c--a-w C:\WINDOWS\system32\dllcache\ntvdm.exe
+ 2004-08-04 12:00:00 13,312 -c--a-w C:\WINDOWS\system32\dllcache\ntvdmd.dll
+ 2001-08-18 04:36:02 123,776 -c--a-w C:\WINDOWS\system32\dllcache\nv3.dll
+ 2001-08-17 18:50:18 198,144 -c--a-w C:\WINDOWS\system32\dllcache\nv3.sys
+ 2004-08-04 04:29:56 1,897,408 -c--a-w C:\WINDOWS\system32\dllcache\nv4_mini.sys
+ 2004-08-04 12:00:00 12,416 -c--a-w C:\WINDOWS\system32\dllcache\nwlnkflt.sys
+ 2004-08-04 12:00:00 32,512 -c--a-w C:\WINDOWS\system32\dllcache\nwlnkfwd.sys
+ 2004-08-04 12:00:00 266,752 -c--a-w C:\WINDOWS\system32\dllcache\oakley.dll
+ 2004-08-04 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\ocgen.dll
+ 2004-08-04 12:00:00 60,928 -c--a-w C:\WINDOWS\system32\dllcache\ocmanage.dll
+ 2004-08-04 12:00:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\ocmsn.dll
+ 2004-08-04 12:00:00 249,856 -c--a-w C:\WINDOWS\system32\dllcache\odbc32.dll
+ 2004-08-04 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\odbc32gt.dll
+ 2004-08-04 12:00:00 32,768 -c--a-w C:\WINDOWS\system32\dllcache\odbcad32.exe
+ 2004-08-04 12:00:00 135,168 -c--a-w C:\WINDOWS\system32\dllcache\odbcconf.dll
+ 2004-08-04 12:00:00 69,632 -c--a-w C:\WINDOWS\system32\dllcache\odbcconf.exe
+ 2004-08-04 12:00:00 106,496 -c--a-w C:\WINDOWS\system32\dllcache\odbccp32.dll
+ 2004-08-04 12:00:00 65,536 -c--a-w C:\WINDOWS\system32\dllcache\odbccr32.dll
+ 2004-08-04 12:00:00 65,536 -c--a-w C:\WINDOWS\system32\dllcache\odbccu32.dll
+ 2004-08-04 12:00:00 94,208 -c--a-w C:\WINDOWS\system32\dllcache\odbcint.dll
+ 2004-08-04 12:00:00 53,279 -c--a-w C:\WINDOWS\system32\dllcache\odbcji32.dll
+ 2004-08-04 12:00:00 278,559 -c--a-w C:\WINDOWS\system32\dllcache\odbcjt32.dll
+ 2004-08-04 12:00:00 20,511 -c--a-w C:\WINDOWS\system32\dllcache\oddbse32.dll
+ 2004-08-04 12:00:00 20,510 -c--a-w C:\WINDOWS\system32\dllcache\odexl32.dll
+ 2004-08-04 12:00:00 20,510 -c--a-w C:\WINDOWS\system32\dllcache\odfox32.dll
+ 2004-08-04 12:00:00 20,510 -c--a-w C:\WINDOWS\system32\dllcache\odpdx32.dll
+ 2004-08-04 12:00:00 20,511 -c--a-w C:\WINDOWS\system32\dllcache\odtext32.dll
+ 2005-06-09 22:45:24 13,107,200 -c--a-w C:\WINDOWS\system32\dllcache\oembios.bin
+ 2004-08-04 12:00:00 120,832 -c--a-w C:\WINDOWS\system32\dllcache\offfilt.dll
+ 2004-08-04 12:00:00 61,056 -c--a-w C:\WINDOWS\system32\dllcache\ohci1394.sys
+ 2005-07-26 04:39:48 1,285,120 -c--a-w C:\WINDOWS\system32\dllcache\ole32.dll
+ 2004-08-04 12:00:00 163,328 -c--a-w C:\WINDOWS\system32\dllcache\oleacc.dll
+ 2004-08-04 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\oleaccrc.dll
+ 2005-07-26 04:39:48 74,752 -c--a-w C:\WINDOWS\system32\dllcache\olecli32.dll
+ 2005-07-26 04:39:49 37,888 -c--a-w C:\WINDOWS\system32\dllcache\olecnv32.dll
+ 2004-08-04 12:00:00 487,424 -c--a-w C:\WINDOWS\system32\dllcache\oledb32.dll
+ 2004-08-04 12:00:00 65,536 -c--a-w C:\WINDOWS\system32\dllcache\oledb32r.dll
+ 2004-08-04 12:00:00 107,008 -c--a-w C:\WINDOWS\system32\dllcache\oleprn.dll
+ 2004-08-04 12:00:00 83,456 -c--a-w C:\WINDOWS\system32\dllcache\olepro32.dll
+ 2004-08-04 12:00:00 22,016 -c--a-w C:\WINDOWS\system32\dllcache\olesvr32.dll
+ 2004-08-04 12:00:00 69,120 -c--a-w C:\WINDOWS\system32\dllcache\olethk32.dll
+ 2004-08-04 12:00:00 713,728 -c--a-w C:\WINDOWS\system32\dllcache\opengl32.dll
+ 2001-08-17 18:20:16 54,528 -c--a-w C:\WINDOWS\system32\dllcache\opl3sax.sys
+ 2004-08-04 12:00:00 215,552 -c--a-w C:\WINDOWS\system32\dllcache\osk.exe
+ 2004-08-04 12:00:00 67,584 -c--a-w C:\WINDOWS\system32\dllcache\osuninst.dll
+ 2004-08-04 12:00:00 40,448 -c--a-w C:\WINDOWS\system32\dllcache\osuninst.exe
+ 2001-08-17 18:12:36 27,209 -c--a-w C:\WINDOWS\system32\dllcache\otc06x5.sys
+ 2001-08-17 18:12:36 43,689 -c--a-w C:\WINDOWS\system32\dllcache\otceth5.sys
+ 2001-08-17 19:28:12 54,186 -c--a-w C:\WINDOWS\system32\dllcache\otcsercb.sys
+ 2001-08-17 20:05:04 25,088 -c--a-w C:\WINDOWS\system32\dllcache\ovca.sys
+ 2001-08-17 20:05:12 48,000 -c--a-w C:\WINDOWS\system32\dllcache\ovcam2.sys
+ 2001-08-17 20:05:16 28,032 -c--a-w C:\WINDOWS\system32\dllcache\ovcd.sys
+ 2001-08-17 20:05:20 31,872 -c--a-w C:\WINDOWS\system32\dllcache\ovce.sys
+ 2001-08-18 04:36:28 116,736 -c--a-w C:\WINDOWS\system32\dllcache\ovcodec2.dll
+ 2001-08-18 04:36:28 20,480 -c--a-w C:\WINDOWS\system32\dllcache\ovcomc.dll
+ 2001-08-18 04:36:54 39,424 -c--a-w C:\WINDOWS\system32\dllcache\ovcoms.exe
+ 2001-08-17 20:05:06 25,216 -c--a-w C:\WINDOWS\system32\dllcache\ovsound2.sys
+ 2001-08-18 04:36:28 44,544 -c--a-w C:\WINDOWS\system32\dllcache\ovui2.dll
+ 2001-08-18 04:36:28 41,984 -c--a-w C:\WINDOWS\system32\dllcache\ovui2rc.dll
+ 2004-08-04 12:00:00 116,224 -c--a-w C:\WINDOWS\system32\dllcache\p2p.dll
+ 2004-08-04 12:00:00 86,016 -c--a-w C:\WINDOWS\system32\dllcache\p2pgasvc.dll
+ 2004-08-04 12:00:00 88,064 -c--a-w C:\WINDOWS\system32\dllcache\p2pnetsh.dll
+ 2004-08-04 12:00:00 58,368 -c--a-w C:\WINDOWS\system32\dllcache\packager.exe
+ 2004-08-04 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\padrs404.dll
+ 2004-08-04 12:00:00 36,927 -c--a-w C:\WINDOWS\system32\dllcache\padrs411.dll
+ 2004-08-04 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\padrs412.dll
+ 2004-08-04 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\padrs804.dll
+ 2004-08-04 12:00:00 80,128 -c--a-w C:\WINDOWS\system32\dllcache\parport.sys
+ 2004-08-04 12:00:00 21,504 -c--a-w C:\WINDOWS\system32\dllcache\pathping.exe
+ 2001-08-17 18:12:18 30,495 -c--a-w C:\WINDOWS\system32\dllcache\pc100nds.sys
+ 2004-08-04 04:31:24 29,502 -c--a-w C:\WINDOWS\system32\dllcache\pca200e.sys
+ 2004-08-04 12:00:00 102,400 -c--a-w C:\WINDOWS\system32\dllcache\pchshell.dll
+ 2004-08-04 12:00:00 38,912 -c--a-w C:\WINDOWS\system32\dllcache\pchsvc.dll
+ 2004-08-04 06:07:48 68,224 -c--a-w C:\WINDOWS\system32\dllcache\pci.sys
+ 2001-08-17 20:51:52 3,328 -c--a-w C:\WINDOWS\system32\dllcache\pciide.sys
+ 2001-08-17 18:12:18 26,153 -c--a-w C:\WINDOWS\system32\dllcache\pcmlm56.sys
+ 2001-08-17 18:11:22 30,282 -c--a-w C:\WINDOWS\system32\dllcache\pcntn5hl.sys
+ 2001-08-17 18:11:20 29,769 -c--a-w C:\WINDOWS\system32\dllcache\pcntn5m.sys
+ 2001-08-17 18:11:22 35,328 -c--a-w C:\WINDOWS\system32\dllcache\pcntpci5.sys
+ 2001-08-18 04:36:54 86,016 -c--a-w C:\WINDOWS\system32\dllcache\pctspk.exe
+ 2004-08-04 04:06:18 169,984 -c--a-w C:\WINDOWS\system32\dllcache\pcx500.sys
+ 2004-08-04 12:00:00 283,648 -c--a-w C:\WINDOWS\system32\dllcache\pdh.dll
+ 2004-08-04 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\pentnt.exe
+ 2001-08-17 20:07:40 27,296 -c--a-w C:\WINDOWS\system32\dllcache\perc2.sys
+ 2001-08-17 20:07:42 5,504 -c--a-w C:\WINDOWS\system32\dllcache\perc2hib.sys
+ 2004-08-04 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\perfmon.exe
+ 2004-08-04 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\perfnet.dll
+ 2004-08-04 12:00:00 25,088 -c--a-w C:\WINDOWS\system32\dllcache\perfos.dll
+ 2004-08-04 05:06:56 27,904 -c--a-w C:\WINDOWS\system32\dllcache\perm2.sys
+ 2004-08-04 06:56:24 211,712 -c--a-w C:\WINDOWS\system32\dllcache\perm2dll.dll
+ 2004-08-04 05:06:58 28,032 -c--a-w C:\WINDOWS\system32\dllcache\perm3.sys
+ 2004-08-04 06:56:24 259,328 -c--a-w C:\WINDOWS\system32\dllcache\perm3dd.dll
+ 2001-08-18 04:36:28 16,384 -c--a-w C:\WINDOWS\system32\dllcache\philcam1.dll
+ 2001-08-17 20:04:50 75,776 -c--a-w C:\WINDOWS\system32\dllcache\philcam1.sys
+ 2001-08-17 20:04:08 173,696 -c--a-w C:\WINDOWS\system32\dllcache\philcam2.sys
+ 2001-08-17 20:04:04 92,416 -c--a-w C:\WINDOWS\system32\dllcache\phildec.sys
+ 2001-08-17 20:07:20 19,840 -c--a-w C:\WINDOWS\system32\dllcache\philtune.sys
+ 2001-08-18 04:36:28 121,344 -c--a-w C:\WINDOWS\system32\dllcache\phvfwext.dll
+ 2004-08-04 12:00:00 24,064 -c--a-w C:\WINDOWS\system32\dllcache\pidgen.dll
+ 2004-08-04 12:00:00 17,920 -c--a-w C:\WINDOWS\system32\dllcache\ping.exe
+ 2004-08-04 12:00:00 33,280 -c--a-w C:\WINDOWS\system32\dllcache\ping6.exe
+ 2004-08-04 12:00:00 175,104 -c--a-w C:\WINDOWS\system32\dllcache\pintlcsa.dll
+ 2004-08-04 12:00:00 53,760 -c--a-w C:\WINDOWS\system32\dllcache\pintlcsd.dll
+ 2004-08-04 12:00:00 70,144 -c--a-w C:\WINDOWS\system32\dllcache\pintlphr.exe
+ 2004-08-04 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\pjlmon.dll
+ 2004-08-04 12:00:00 30,720 -c--a-w C:\WINDOWS\system32\dllcache\plustab.dll
+ 2004-08-04 12:00:00 67,584 -c--a-w C:\WINDOWS\system32\dllcache\pmigrate.dll
+ 2004-08-04 12:00:00 6,144 -c--a-w C:\WINDOWS\system32\dllcache\pmxgl.dll
+ 2004-08-04 12:00:00 11,264 -c--a-w C:\WINDOWS\system32\dllcache\pmxmcro.dll
+ 2004-08-04 12:00:00 131,584 -c--a-w C:\WINDOWS\system32\dllcache\pmxviceo.dll
+ 2001-08-17 19:53:04 7,168 -c--a-w C:\WINDOWS\system32\dllcache\pnrmc.sys
+ 2004-08-04 12:00:00 105,472 -c--a-w C:\WINDOWS\system32\dllcache\polstore.dll
+ 2004-03-16 18:58:20 136,960 -c--a-w C:\WINDOWS\system32\dllcache\portcls.sys
+ 2004-08-04 12:00:00 49,152 -c--a-w C:\WINDOWS\system32\dllcache\powercfg.exe
+ 2001-08-17 19:53:14 7,552 -c--a-w C:\WINDOWS\system32\dllcache\powerfil.sys
+ 2004-08-04 12:00:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\powrprof.dll
+ 2001-08-17 19:53:22 17,792 -c--a-w C:\WINDOWS\system32\dllcache\ppa.sys
+ 2004-08-04 05:00:18 17,664 -c--a-w C:\WINDOWS\system32\dllcache\ppa3.sys
+ 2004-08-04 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\prflbmsg.dll
+ 2004-08-04 12:00:00 9,216 -c--a-w C:\WINDOWS\system32\dllcache\print.exe
+ 2004-08-04 12:00:00 560,640 -c--a-w C:\WINDOWS\system32\dllcache\printui.dll
+ 2004-08-04 12:00:00 27,648 -c--a-w C:\WINDOWS\system32\dllcache\profmap.dll
+ 2004-08-04 12:00:00 109,568 -c--a-w C:\WINDOWS\system32\dllcache\progman.exe
+ 2004-08-04 12:00:00 50,176 -c--a-w C:\WINDOWS\system32\dllcache\proquota.exe
+ 2004-08-04 12:00:00 9,216 -c--a-w C:\WINDOWS\system32\dllcache\proxycfg.exe
+ 2004-08-04 12:00:00 23,040 -c--a-w C:\WINDOWS\system32\dllcache\psapi.dll
+ 2004-08-04 12:00:00 96,768 -c--a-w C:\WINDOWS\system32\dllcache\psbase.dll
+ 2004-08-04 12:00:00 69,120 -c--a-w C:\WINDOWS\system32\dllcache\psched.sys
+ 2001-08-17 19:51:08 16,128 -c--a-w C:\WINDOWS\system32\dllcache\pscr.sys
+ 2004-08-04 06:56:46 363,520 -c--a-w C:\WINDOWS\system32\dllcache\psisdecd.dll
+ 2001-08-18 04:36:28 35,328 -c--a-w C:\WINDOWS\system32\dllcache\psisload.dll
+ 2004-08-04 12:00:00 43,520 -c--a-w C:\WINDOWS\system32\dllcache\pstorec.dll
+ 2004-08-04 12:00:00 34,304 -c--a-w C:\WINDOWS\system32\dllcache\pstorsvc.dll
+ 2004-08-04 12:00:00 17,792 -c--a-w C:\WINDOWS\system32\dllcache\ptilink.sys
+ 2001-08-18 04:36:30 5,632 -c--a-w C:\WINDOWS\system32\dllcache\ptpusb.dll
+ 2004-08-04 06:56:46 159,232 -c--a-w C:\WINDOWS\system32\dllcache\ptpusd.dll
+ 2001-08-17 19:28:12 128,286 -c--a-w C:\WINDOWS\system32\dllcache\ptserli.sys
+ 2001-08-17 19:28:14 112,574 -c--a-w C:\WINDOWS\system32\dllcache\ptserlp.sys
+ 2001-08-17 19:28:14 130,942 -c--a-w C:\WINDOWS\system32\dllcache\ptserlv.sys
+ 2004-08-04 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\qappsrv.exe
+ 2006-10-19 03:47:18 211,456 -c--a-w C:\WINDOWS\system32\dllcache\qasf.dll
+ 2004-08-04 12:00:00 192,512 -c--a-w C:\WINDOWS\system32\dllcache\qcap.dll
+ 2004-08-04 12:00:00 279,040 -c--a-w C:\WINDOWS\system32\dllcache\qdv.dll
+ 2004-08-04 12:00:00 385,024 -c--a-w C:\WINDOWS\system32\dllcache\qdvd.dll
+ 2004-08-04 12:00:00 733,696 -c--a-w C:\WINDOWS\system32\dllcache\qedwipes.dll
+ 2004-08-04 05:00:06 6,016 -c--a-w C:\WINDOWS\system32\dllcache\qic157.sys
+ 2001-08-17 19:52:20 40,320 -c--a-w C:\WINDOWS\system32\dllcache\ql1080.sys
+ 2001-08-17 19:52:16 33,152 -c--a-w C:\WINDOWS\system32\dllcache\ql10wnt.sys
+ 2001-08-17 19:52:20 45,312 -c--a-w C:\WINDOWS\system32\dllcache\ql12160.sys
+ 2001-08-17 19:52:16 40,448 -c--a-w C:\WINDOWS\system32\dllcache\ql1240.sys
+ 2001-08-17 19:52:18 49,024 -c--a-w C:\WINDOWS\system32\dllcache\ql1280.sys
+ 2004-08-04 12:00:00 382,464 -c--a-w C:\WINDOWS\system32\dllcache\qmgr.dll
+ 2004-08-04 12:00:00 18,944 -c--a-w C:\WINDOWS\system32\dllcache\qmgrprxy.dll
+ 2004-08-04 12:00:00 20,480 -c--a-w C:\WINDOWS\system32\dllcache\qprocess.exe
+ 2005-08-30 03:54:26 1,287,168 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2004-08-04 12:00:00 9,728 -c--a-w C:\WINDOWS\system32\dllcache\query.exe
+ 2004-08-04 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\quser.exe
+ 2001-08-17 19:53:32 3,328 -c--a-w C:\WINDOWS\system32\dllcache\qv2kux.sys
+ 2001-08-18 04:36:30 41,472 -c--a-w C:\WINDOWS\system32\dllcache\qvusd.dll
+ 2004-08-04 12:00:00 22,016 -c--a-w C:\WINDOWS\system32\dllcache\qwinsta.exe
+ 2001-08-17 19:28:20 714,762 -c--a-w C:\WINDOWS\system32\dllcache\r2mdmkxx.sys
+ 2004-08-04 12:00:00 20,736 -c--a-w C:\WINDOWS\system32\dllcache\ramdisk.sys
+ 2004-08-04 12:00:00 8,832 -c--a-w C:\WINDOWS\system32\dllcache\rasacd.sys
+ 2004-08-04 12:00:00 236,544 -c--a-w C:\WINDOWS\system32\dllcache\rasapi32.dll
+ 2004-08-04 12:00:00 89,088 -c--a-w C:\WINDOWS\system32\dllcache\rasauto.dll
+ 2004-08-04 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\rasautou.exe
+ 2004-08-04 12:00:00 69,632 -c--a-w C:\WINDOWS\system32\dllcache\raschap.dll
+ 2004-08-04 12:00:00 11,264 -c--a-w C:\WINDOWS\system32\dllcache\rasdial.exe
+ 2004-08-04 12:00:00 657,920 -c--a-w C:\WINDOWS\system32\dllcache\rasdlg.dll
+ 2001-08-17 19:51:32 19,584 -c--a-w C:\WINDOWS\system32\dllcache\rasirda.sys
+ 2004-08-04 12:00:00 51,328 -c--a-w C:\WINDOWS\system32\dllcache\rasl2tp.sys
+ 2004-08-04 12:00:00 61,440 -c--a-w C:\WINDOWS\system32\dllcache\rasman.dll
+ 2004-08-04 12:00:00 143,360 -c--a-w C:\WINDOWS\system32\dllcache\rasmontr.dll
+ 2004-08-04 12:00:00 22,528 -c--a-w C:\WINDOWS\system32\dllcache\rasmxs.dll
+ 2004-08-04 12:00:00 56,832 -c--a-w C:\WINDOWS\system32\dllcache\rasphone.exe
+ 2004-08-04 12:00:00 206,336 -c--a-w C:\WINDOWS\system32\dllcache\rasppp.dll
+ 2004-08-04 12:00:00 41,472 -c--a-w C:\WINDOWS\system32\dllcache\raspppoe.sys
+ 2004-08-04 12:00:00 48,384 -c--a-w C:\WINDOWS\system32\dllcache\raspptp.sys
+ 2004-08-04 12:00:00 16,512 -c--a-w C:\WINDOWS\system32\dllcache\raspti.sys
+ 2004-08-04 12:00:00 23,552 -c--a-w C:\WINDOWS\system32\dllcache\rasrad.dll
+ 2004-08-04 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\rassapi.dll
+ 2004-08-04 12:00:00 58,880 -c--a-w C:\WINDOWS\system32\dllcache\rastapi.dll
+ 2004-08-04 12:00:00 112,128 -c--a-w C:\WINDOWS\system32\dllcache\rastls.dll
+ 2004-08-04 12:00:00 102,400 -c--a-w C:\WINDOWS\system32\dllcache\rcbdyctl.dll
+ 2004-08-04 12:00:00 35,840 -c--a-w C:\WINDOWS\system32\dllcache\rcimlby.exe
+ 2004-08-04 12:00:00 21,504 -c--a-w C:\WINDOWS\system32\dllcache\rcp.exe
+ 2004-08-04 12:00:00 4,224 -c--a-w C:\WINDOWS\system32\dllcache\rdpcdd.sys
+ 2004-08-04 12:00:00 4,096 -c--a-w C:\WINDOWS\system32\dllcache\rdpcfgex.dll
+ 2004-08-04 12:00:00 62,464 -c--a-w C:\WINDOWS\system32\dllcache\rdpclip.exe
+ 2004-08-04 12:00:00 92,168 -c--a-w C:\WINDOWS\system32\dllcache\rdpdd.dll
+ 2004-08-04 12:00:00 19,968 -c--a-w C:\WINDOWS\system32\dllcache\rdpsnd.dll
+ 2004-08-04 12:00:00 87,176 -c--a-w C:\WINDOWS\system32\dllcache\rdpwsx.dll
+ 2004-08-04 12:00:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\rdsaddin.exe
+ 2004-08-04 12:00:00 67,072 -c--a-w C:\WINDOWS\system32\dllcache\rdshost.exe
+ 2004-08-04 04:41:40 13,776 -c--a-w C:\WINDOWS\system32\dllcache\recagent.sys
+ 2004-08-03 22:59:38 57,472 -c--a-w C:\WINDOWS\system32\dllcache\redbook.sys
+ 2004-08-04 12:00:00 50,176 -c--a-w C:\WINDOWS\system32\dllcache\reg.exe
+ 2004-08-04 12:00:00 49,664 -c--a-w C:\WINDOWS\system32\dllcache\regapi.dll
+ 2004-08-04 12:00:00 146,432 -c--a-w C:\WINDOWS\system32\dllcache\regedit.exe
+ 2004-08-04 12:00:00 33,792 -c--a-w C:\WINDOWS\system32\dllcache\regini.exe
+ 2004-08-04 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\register.exe
+ 2004-08-04 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\regsvr32.exe
+ 2004-08-04 12:00:00 107,520 -c--a-w C:\WINDOWS\system32\dllcache\rend.dll
+ 2004-08-04 12:00:00 177,152 -c--a-w C:\WINDOWS\system32\dllcache\repdrvfs.dll
+ 2004-08-04 12:00:00 12,800 -c--a-w C:\WINDOWS\system32\dllcache\replace.exe
+ 2004-08-04 12:00:00 9,728 -c--a-w C:\WINDOWS\system32\dllcache\reset.exe
+ 2001-08-18 04:36:30 86,097 -c--a-w C:\WINDOWS\system32\dllcache\reslog32.dll
+ 2004-08-04 12:00:00 58,880 -c--a-w C:\WINDOWS\system32\dllcache\resutils.dll
+ 2004-08-04 12:00:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\rexec.exe
+ 2004-08-04 05:10:40 59,648 -c--a-w C:\WINDOWS\system32\dllcache\rfcomm.sys
+ 2004-08-04 12:00:00 3,584 -c--a-w C:\WINDOWS\system32\dllcache\riched32.dll
+ 2001-08-17 18:12:36 37,563 -c--a-w C:\WINDOWS\system32\dllcache\rlnet5.sys
+ 2004-08-04 05:04:32 30,080 -c--a-w C:\WINDOWS\system32\dllcache\rndismpx.sys
+ 2004-08-04 04:59:12 79,104 -c--a-w C:\WINDOWS\system32\dllcache\rocket.sys
+ 2004-08-04 12:00:00 19,968 -c--a-w C:\WINDOWS\system32\dllcache\route.exe
+ 2004-08-04 12:00:00 25,600 -c--a-w C:\WINDOWS\system32\dllcache\routemon.exe
+ 2004-08-04 12:00:00 22,016 -c--a-w C:\WINDOWS\system32\dllcache\rpcns4.dll
+ 2005-07-26 04:39:49 397,824 -c--a-w C:\WINDOWS\system32\dllcache\rpcss.dll
+ 2001-08-17 18:19:20 3,840 -c--a-w C:\WINDOWS\system32\dllcache\rpfun.sys
+ 2004-08-04 12:00:00 152,576 -c--a-w C:\WINDOWS\system32\dllcache\rsaenh.dll
+ 2004-08-04 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\rsh.exe
+ 2004-08-04 12:00:00 49,152 -c--a-w C:\WINDOWS\system32\dllcache\rsm.exe
+ 2001-08-18 04:36:30 9,216 -c--a-w C:\WINDOWS\system32\dllcache\rsmgrstr.dll
+ 2004-08-04 12:00:00 18,944 -c--a-w C:\WINDOWS\system32\dllcache\rsmps.dll
+ 2004-08-04 12:00:00 24,576 -c--a-w C:\WINDOWS\system32\dllcache\rsmsink.exe
+ 2004-08-04 12:00:00 49,152 -c--a-w C:\WINDOWS\system32\dllcache\rsmui.exe
+ 2004-08-04 12:00:00 380,416 -c--a-w C:\WINDOWS\system32\dllcache\rstrui.exe
+ 2004-08-04 12:00:00 132,608 -c--a-w C:\WINDOWS\system32\dllcache\rsvp.exe
+ 2004-08-04 12:00:00 23,552 -c--a-w C:\WINDOWS\system32\dllcache\rsvpmsg.dll
+ 2004-08-04 12:00:00 90,112 -c--a-w C:\WINDOWS\system32\dllcache\rsvpsp.dll
+ 2004-08-04 12:00:00 77,312 -c--a-w C:\WINDOWS\system32\dllcache\rtcshare.exe
+ 2001-08-17 18:19:22 30,720 -c--a-w C:\WINDOWS\system32\dllcache\rthwcls.sys
+ 2004-08-04 12:00:00 31,744 -c--a-w C:\WINDOWS\system32\dllcache\rtipxmib.dll
+ 2001-08-17 18:12:40 19,017 -c--a-w C:\WINDOWS\system32\dllcache\rtl8029.sys
+ 2004-08-04 04:31:34 20,992 -c--a-w C:\WINDOWS\system32\dllcache\rtl8139.sys
+ 2004-08-04 12:00:00 98,304 -c--a-w C:\WINDOWS\system32\dllcache\rtm.dll
+ 2004-08-04 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\rtutils.dll
+ 2004-08-04 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\runas.exe
+ 2004-08-04 12:00:00 33,280 -c--a-w C:\WINDOWS\system32\dllcache\rundll32.exe
+ 2004-08-04 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\runonce.exe
+ 2004-08-04 12:00:00 753,236 -c--a-w C:\WINDOWS\system32\dllcache\rvseres.dll
+ 2004-08-04 12:00:00 24,576 -c--a-w C:\WINDOWS\system32\dllcache\rw001ext.dll
+ 2004-08-04 12:00:00 26,624 -c--a-w C:\WINDOWS\system32\dllcache\rw330ext.dll
+ 2001-08-18 04:36:30 24,576 -c--a-w C:\WINDOWS\system32\dllcache\rw430ext.dll
+ 2001-08-18 04:36:30 26,624 -c--a-w C:\WINDOWS\system32\dllcache\rw450ext.dll
+ 2004-08-04 12:00:00 79,872 -c--a-w C:\WINDOWS\system32\dllcache\rwia001.dll
+ 2004-08-04 12:00:00 79,872 -c--a-w C:\WINDOWS\system32\dllcache\rwia330.dll
+ 2001-08-18 04:36:30 79,872 -c--a-w C:\WINDOWS\system32\dllcache\rwia430.dll
+ 2001-08-18 04:36:30 82,432 -c--a-w C:\WINDOWS\system32\dllcache\rwia450.dll
+ 2004-08-04 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\rwinsta.exe
+ 2004-08-04 04:29:52 166,912 -c--a-w C:\WINDOWS\system32\dllcache\s3gnbm.sys
+ 2001-08-17 20:56:04 66,048 -c--a-w C:\WINDOWS\system32\dllcache\s3legacy.dll
+ 2001-08-17 19:57:46 65,664 -c--a-w C:\WINDOWS\system32\dllcache\s3legacy.sys
+ 2001-08-17 18:50:34 166,720 -c--a-w C:\WINDOWS\system32\dllcache\s3m.sys
+ 2001-08-17 20:56:04 182,272 -c--a-w C:\WINDOWS\system32\dllcache\s3mt3d.dll
+ 2001-08-17 18:50:40 41,216 -c--a-w C:\WINDOWS\system32\dllcache\s3mt3d.sys
+ 2001-08-18 04:36:02 62,496 -c--a-w C:\WINDOWS\system32\dllcache\s3mtrio.dll
+ 2001-08-17 20:56:04 210,496 -c--a-w C:\WINDOWS\system32\dllcache\s3mvirge.dll
+ 2001-08-17 20:56:04 179,264 -c--a-w C:\WINDOWS\system32\dllcache\s3sav3d.dll
+ 2001-08-17 18:50:22 61,504 -c--a-w C:\WINDOWS\system32\dllcache\s3sav3dm.sys
+ 2001-08-17 20:56:04 198,400 -c--a-w C:\WINDOWS\system32\dllcache\s3sav4.dll
+ 2001-08-17 18:50:28 77,824 -c--a-w C:\WINDOWS\system32\dllcache\s3sav4m.sys
+ 2001-08-17 20:56:04 245,632 -c--a-w C:\WINDOWS\system32\dllcache\s3savmx.dll
+ 2001-08-17 18:50:34 75,392 -c--a-w C:\WINDOWS\system32\dllcache\s3savmxm.sys
+ 2004-08-04 12:00:00 64,000 -c--a-w C:\WINDOWS\system32\dllcache\samlib.dll
+ 2004-08-04 12:00:00 415,744 -c--a-w C:\WINDOWS\system32\dllcache\samsrv.dll
+ 2004-08-04 12:00:00 13,312 -c--a-w C:\WINDOWS\system32\dllcache\savedump.exe
+ 2004-08-04 04:59:58 43,136 -c--a-w C:\WINDOWS\system32\dllcache\sbp2port.sys
+ 2004-08-04 12:00:00 31,232 -c--a-w C:\WINDOWS\system32\dllcache\sc.exe
+ 2004-08-04 12:00:00 118,784 -c--a-w C:\WINDOWS\system32\dllcache\scardssp.dll
+ 2004-08-04 12:00:00 95,744 -c--a-w C:\WINDOWS\system32\dllcache\scardsvr.exe
+ 2001-08-17 19:51:10 23,936 -c--a-w C:\WINDOWS\system32\dllcache\sccmn50m.sys
+ 2001-08-17 19:51:14 23,936 -c--a-w C:\WINDOWS\system32\dllcache\sccmusbm.sys
+ 2004-08-04 12:00:00 180,224 -c--a-w C:\WINDOWS\system32\dllcache\scecli.dll
+ 2004-08-12 20:26:48 313,856 -c--a-w C:\WINDOWS\system32\dllcache\scesrv.dll
+ 2004-08-04 12:00:00 190,976 -c--a-w C:\WINDOWS\system32\dllcache\schedsvc.dll
+ 2004-08-04 12:00:00 20,992 -c--a-w C:\WINDOWS\system32\dllcache\sclgntfy.dll
+ 2001-08-17 19:51:14 16,640 -c--a-w C:\WINDOWS\system32\dllcache\scmstcs.sys
+ 2001-08-17 19:51:16 17,280 -c--a-w C:\WINDOWS\system32\dllcache\scr111.sys
+ 2004-08-04 12:00:00 159,744 -c--a-w C:\WINDOWS\system32\dllcache\scrobj.dll
+ 2004-08-04 12:00:00 151,552 -c--a-w C:\WINDOWS\system32\dllcache\scrrun.dll
+ 2001-08-17 19:52:34 11,648 -c--a-w C:\WINDOWS\system32\dllcache\scsiprnt.sys
+ 2001-08-17 19:53:26 10,880 -c--a-w C:\WINDOWS\system32\dllcache\scsiscan.sys
+ 2004-08-04 12:00:00 77,312 -c--a-w C:\WINDOWS\system32\dllcache\sdbinst.exe
+ 2004-08-04 12:00:00 130,048 -c--a-w C:\WINDOWS\system32\dllcache\sdpblb.dll
+ 2001-08-17 19:53:10 6,912 -c--a-w C:\WINDOWS\system32\dllcache\seaddsmc.sys
+ 2004-08-04 12:00:00 18,944 -c--a-w C:\WINDOWS\system32\dllcache\seclogon.dll
+ 2004-08-04 12:00:00 55,808 -c--a-w C:\WINDOWS\system32\dllcache\secur32.dll
+ 2004-08-04 12:00:00 5,632 -c--a-w C:\WINDOWS\system32\dllcache\security.dll
+ 2004-08-04 12:00:00 55,296 -c--a-w C:\WINDOWS\system32\dllcache\sendmail.dll
+ 2004-08-04 12:00:00 38,912 -c--a-w C:\WINDOWS\system32\dllcache\sens.dll
+ 2004-08-04 12:00:00 6,656 -c--a-w C:\WINDOWS\system32\dllcache\sensapi.dll
+ 2004-08-04 12:00:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\senscfg.dll
+ 2004-08-04 12:00:00 64,896 -c--a-w C:\WINDOWS\system32\dllcache\serial.sys
+ 2004-08-04 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\serialui.dll
+ 2001-08-17 19:48:00 17,664 -c--a-w C:\WINDOWS\system32\dllcache\sermouse.sys
+ 2001-08-17 19:53:32 6,784 -c--a-w C:\WINDOWS\system32\dllcache\serscan.sys
+ 2004-08-04 12:00:00 56,320 -c--a-w C:\WINDOWS\system32\dllcache\servdeps.dll
+ 2004-08-04 12:00:00 108,032 -c--a-w C:\WINDOWS\system32\dllcache\services.exe
+ 2004-08-04 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\serwvdrv.dll
+ 2004-08-04 12:00:00 140,800 -c--a-w C:\WINDOWS\system32\dllcache\sessmgr.exe
+ 2004-08-04 12:00:00 31,232 -c--a-w C:\WINDOWS\system32\dllcache\sethc.exe
+ 2004-08-04 12:00:00 23,040 -c--a-w C:\WINDOWS\system32\dllcache\setup.exe
+ 2006-11-02 00:31:38 1,669,120 -c--a-w C:\WINDOWS\system32\dllcache\setup_wm.exe
+ 2004-08-04 12:00:00 73,216 -c--a-w C:\WINDOWS\system32\dllcache\setup50.exe
+ 2004-08-04 12:00:00 983,552 -c--a-w C:\WINDOWS\system32\dllcache\setupapi.dll
+ 2004-08-04 12:00:00 101,376 -c--a-w C:\WINDOWS\system32\dllcache\setupqry.dll
+ 2004-08-04 12:00:00 5,120 -c--a-w C:\WINDOWS\system32\dllcache\sfc.dll
+ 2004-08-04 12:00:00 9,728 -c--a-w C:\WINDOWS\system32\dllcache\sfc.exe
+ 2004-08-04 12:00:00 140,288 -c--a-w C:\WINDOWS\system32\dllcache\sfc_os.dll
+ 2004-08-04 12:00:00 1,580,544 -c--a-w C:\WINDOWS\system32\dllcache\sfcfiles.dll
+ 2004-08-04 12:00:00 11,392 -c--a-w C:\WINDOWS\system32\dllcache\sfloppy.sys
+ 2001-08-17 18:19:34 36,480 -c--a-w C:\WINDOWS\system32\dllcache\sfmanm.sys
+ 2004-08-04 12:00:00 23,552 -c--a-w C:\WINDOWS\system32\dllcache\sfmapi.dll
+ 2001-08-18 04:36:02 386,560 -c--a-w C:\WINDOWS\system32\dllcache\sgiul50.dll
+ 2001-08-17 18:51:04 98,080 -c--a-w C:\WINDOWS\system32\dllcache\sgiulnt5.sys
+ 2001-07-21 20:29:20 18,400 -c--a-w C:\WINDOWS\system32\dllcache\sgsmld.sys
+ 2001-07-21 20:29:20 161,568 -c--a-w C:\WINDOWS\system32\dllcache\sgsmusb.sys
+ 2004-08-04 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\shadow.exe
+ 2004-08-04 12:00:00 549,376 -c--a-w C:\WINDOWS\system32\dllcache\shdoclc.dll
+ 2004-08-04 12:00:00 25,088 -c--a-w C:\WINDOWS\system32\dllcache\shfolder.dll
+ 2004-08-04 12:00:00 68,096 -c--a-w C:\WINDOWS\system32\dllcache\shgina.dll
+ 2004-08-04 12:00:00 65,536 -c--a-w C:\WINDOWS\system32\dllcache\shimeng.dll
+ 2004-08-04 12:00:00 438,272 -c--a-w C:\WINDOWS\system32\dllcache\shimgvw.dll
+ 2004-08-04 12:00:00 42,496 -c--a-w C:\WINDOWS\system32\dllcache\shmgrate.exe
+ 2004-08-04 12:00:00 77,824 -c--a-w C:\WINDOWS\system32\dllcache\shrpubw.exe
+ 2004-08-04 12:00:00 27,648 -c--a-w C:\WINDOWS\system32\dllcache\shscrap.dll
+ 2003-03-24 22:52:04 20,536 -c--a-w C:\WINDOWS\system32\dllcache\shtml.dll
+ 2003-03-24 22:52:04 16,437 -c--a-w C:\WINDOWS\system32\dllcache\shtml.exe
+ 2004-08-04 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\shutdown.exe
+ 2004-08-04 12:00:00 2,178,131 -c--a-w C:\WINDOWS\system32\dllcache\shvlres.dll
+ 2004-08-04 12:00:00 13,312 -c--a-w C:\WINDOWS\system32\dllcache\sigtab.dll
+ 2004-08-04 12:00:00 70,144 -c--a-w C:\WINDOWS\system32\dllcache\sigverif.exe
+ 2004-08-04 06:56:46 3,901 -c--a-w C:\WINDOWS\system32\dllcache\siint5.dll
+ 2004-08-04 12:00:00 18,944 -c--a-w C:\WINDOWS\system32\dllcache\simptcp.dll
+ 2001-08-17 18:50:46 101,760 -c--a-w C:\WINDOWS\system32\dllcache\sis300ip.sys
+ 2001-08-17 20:56:04 252,032 -c--a-w C:\WINDOWS\system32\dllcache\sis300iv.dll
+ 2001-08-17 18:50:56 68,608 -c--a-w C:\WINDOWS\system32\dllcache\sis6306p.sys
+ 2001-08-17 20:56:04 150,144 -c--a-w C:\WINDOWS\system32\dllcache\sis6306v.dll
+ 2004-08-04 05:07:44 41,088 -c--a-w C:\WINDOWS\system32\dllcache\sisagp.sys
+ 2004-08-04 12:00:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\sisbkup.dll
+ 2001-08-17 18:50:48 104,064 -c--a-w C:\WINDOWS\system32\dllcache\sisgrp.sys
+ 2001-08-18 04:36:32 238,592 -c--a-w C:\WINDOWS\system32\dllcache\sisgrv.dll
+ 2004-08-04 04:31:36 32,768 -c--a-w C:\WINDOWS\system32\dllcache\sisnic.sys
+ 2001-08-17 18:50:56 50,432 -c--a-w C:\WINDOWS\system32\dllcache\sisv.sys
+ 2001-08-17 20:56:04 157,696 -c--a-w C:\WINDOWS\system32\dllcache\sisv256.dll
+ 2001-08-17 18:12:52 94,698 -c--a-w C:\WINDOWS\system32\dllcache\sk98xwin.sys
+ 2004-08-04 12:00:00 26,112 -c--a-w C:\WINDOWS\system32\dllcache\skeys.exe
+ 2001-08-17 18:12:52 91,294 -c--a-w C:\WINDOWS\system32\dllcache\skfpwin.sys
+ 2004-08-04 04:31:42 63,547 -c--a-w C:\WINDOWS\system32\dllcache\sla30nd5.sys
+ 2004-08-04 12:00:00 98,304 -c--a-w C:\WINDOWS\system32\dllcache\slbiop.dll
+ 2004-08-04 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\slbrccsp.dll
+ 2004-08-04 06:56:46 73,832 -c--a-w C:\WINDOWS\system32\dllcache\slcoinst.dll
+ 2004-08-04 06:56:46 286,792 -c--a-w C:\WINDOWS\system32\dllcache\slextspk.dll
+ 2004-08-04 06:56:46 188,508 -c--a-w C:\WINDOWS\system32\dllcache\slgen.dll
+ 2004-08-04 04:41:42 129,535 -c--a-w C:\WINDOWS\system32\dllcache\slnt7554.sys
+ 2004-08-04 04:41:46 95,424 -c--a-w C:\WINDOWS\system32\dllcache\slnthal.sys
+ 2004-08-04 06:56:58 32,866 -c--a-w C:\WINDOWS\system32\dllcache\slrundll.exe
+ 2004-08-04 06:56:58 73,796 -c--a-w C:\WINDOWS\system32\dllcache\slserv.exe
+ 2004-08-04 04:41:46 13,240 -c--a-w C:\WINDOWS\system32\dllcache\slwdmsup.sys
+ 2004-08-04 12:00:00 25,088 -c--a-w C:\WINDOWS\system32\dllcache\sm59w.dll
+ 2004-08-04 12:00:00 30,208 -c--a-w C:\WINDOWS\system32\dllcache\sm81w.dll
+ 2004-08-04 12:00:00 30,208 -c--a-w C:\WINDOWS\system32\dllcache\sm87w.dll
+ 2004-08-04 12:00:00 26,112 -c--a-w C:\WINDOWS\system32\dllcache\sm89w.dll
+ 2004-08-04 12:00:00 26,112 -c--a-w C:\WINDOWS\system32\dllcache\sm8aw.dll
+ 2004-08-04 12:00:00 29,184 -c--a-w C:\WINDOWS\system32\dllcache\sm8cw.dll
+ 2004-08-04 12:00:00 26,112 -c--a-w C:\WINDOWS\system32\dllcache\sm8dw.dll
+ 2004-08-04 12:00:00 26,112 -c--a-w C:\WINDOWS\system32\dllcache\sm90w.dll
+ 2001-08-18 04:36:32 28,160 -c--a-w C:\WINDOWS\system32\dllcache\sm91w.dll
+ 2004-08-04 12:00:00 26,624 -c--a-w C:\WINDOWS\system32\dllcache\sm92w.dll
+ 2004-08-04 12:00:00 26,624 -c--a-w C:\WINDOWS\system32\dllcache\sm93w.dll
+ 2004-08-04 12:00:00 38,912 -c--a-w C:\WINDOWS\system32\dllcache\sm9aw.dll
+ 2001-08-18 04:36:32 28,672 -c--a-w C:\WINDOWS\system32\dllcache\sma0w.dll
+ 2004-08-04 12:00:00 31,744 -c--a-w C:\WINDOWS\system32\dllcache\sma3w.dll
+ 2001-08-18 04:36:32 33,792 -c--a-w C:\WINDOWS\system32\dllcache\smb0w.dll
+ 2001-08-18 04:36:32 45,568 -c--a-w C:\WINDOWS\system32\dllcache\smb3w.dll
+ 2004-08-04 12:00:00 31,744 -c--a-w C:\WINDOWS\system32\dllcache\smb6w.dll
+ 2004-08-04 05:07:38 6,016 -c--a-w C:\WINDOWS\system32\dllcache\smbali.sys
+ 2004-08-04 05:07:36 16,128 -c--a-w C:\WINDOWS\system32\dllcache\smbbatt.sys
+ 2004-08-04 05:07:36 6,912 -c--a-w C:\WINDOWS\system32\dllcache\smbclass.sys
+ 2001-08-17 19:57:56 6,784 -c--a-w C:\WINDOWS\system32\dllcache\smbhc.sys
+ 2001-08-17 18:12:46 24,576 -c--a-w C:\WINDOWS\system32\dllcache\smc8000n.sys
+ 2001-08-17 18:10:28 35,913 -c--a-w C:\WINDOWS\system32\dllcache\smcirda.sys
+ 2001-08-17 18:12:48 25,034 -c--a-w C:\WINDOWS\system32\dllcache\smcpwr2n.sys
+ 2004-08-04 12:00:00 236,544 -c--a-w C:\WINDOWS\system32\dllcache\smi2smir.exe
+ 2001-08-17 20:56:04 147,200 -c--a-w C:\WINDOWS\system32\dllcache\smidispb.dll
+ 2004-08-04 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\smierrsm.dll
+ 2004-08-04 12:00:00 5,632 -c--a-w C:\WINDOWS\system32\dllcache\smierrsy.dll
+ 2001-08-17 18:51:00 58,368 -c--a-w C:\WINDOWS\system32\dllcache\smiminib.sys
+ 2004-08-04 12:00:00 5,632 -c--a-w C:\WINDOWS\system32\dllcache\smimsgif.dll
+ 2004-08-04 12:00:00 89,600 -c--a-w C:\WINDOWS\system32\dllcache\smlogsvc.exe
+ 2004-08-04 12:00:00 50,688 -c--a-w C:\WINDOWS\system32\dllcache\smss.exe
+ 2004-08-04 12:00:00 131,584 -c--a-w C:\WINDOWS\system32\dllcache\sndrec32.exe
+ 2004-08-04 12:00:00 138,752 -c--a-w C:\WINDOWS\system32\dllcache\sndvol32.exe
+ 2004-08-04 12:00:00 32,768 -c--a-w C:\WINDOWS\system32\dllcache\snmp.exe
+ 2004-08-04 12:00:00 18,944 -c--a-w C:\WINDOWS\system32\dllcache\snmpapi.dll
+ 2004-08-04 12:00:00 259,072 -c--a-w C:\WINDOWS\system32\dllcache\snmpcl.dll
+ 2004-08-04 12:00:00 358,400 -c--a-w C:\WINDOWS\system32\dllcache\snmpincl.dll
+ 2004-08-04 12:00:00 6,144 -c--a-w C:\WINDOWS\system32\dllcache\snmpmib.dll
+ 2004-08-04 12:00:00 188,416 -c--a-w C:\WINDOWS\system32\dllcache\snmpsmir.dll
+ 2004-08-04 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\snmpstup.dll
+ 2004-08-04 12:00:00 40,448 -c--a-w C:\WINDOWS\system32\dllcache\snmpthrd.dll
+ 2004-08-04 12:00:00 8,704 -c--a-w C:\WINDOWS\system32\dllcache\snmptrap.exe
+ 2001-08-17 19:53:14 7,040 -c--a-w C:\WINDOWS\system32\dllcache\snyaitmc.sys
+ 2004-08-04 12:00:00 143,422 -c--a-w C:\WINDOWS\system32\dllcache\softkey.dll
+ 2004-08-04 12:00:00 56,832 -c--a-w C:\WINDOWS\system32\dllcache\sol.exe
+ 2004-08-04 05:00:06 7,552 -c--a-w C:\WINDOWS\system32\dllcache\sonyait.sys
+ 2001-08-17 19:53:04 9,600 -c--a-w C:\WINDOWS\system32\dllcache\sonymc.sys
+ 2001-08-17 18:51:20 20,752 -c--a-w C:\WINDOWS\system32\dllcache\sonync.sys
+ 2001-08-18 04:36:32 114,688 -c--a-w C:\WINDOWS\system32\dllcache\sonypi.dll
+ 2001-08-17 18:51:22 37,040 -c--a-w C:\WINDOWS\system32\dllcache\sonypi.sys
+ 2001-08-17 19:56:16 7,552 -c--a-w C:\WINDOWS\system32\dllcache\sonypvu1.sys
+ 2004-08-04 12:00:00 23,552 -c--a-w C:\WINDOWS\system32\dllcache\sort.exe
+ 2001-08-17 20:07:44 19,072 -c--a-w C:\WINDOWS\system32\dllcache\sparrow.sys
+ 2001-08-18 04:36:32 106,584 -c--a-w C:\WINDOWS\system32\dllcache\spdports.dll
+ 2001-08-17 19:51:00 61,824 -c--a-w C:\WINDOWS\system32\dllcache\speed.sys
+ 2004-08-04 12:00:00 538,624 -c--a-w C:\WINDOWS\system32\dllcache\spider.exe
+ 2004-08-04 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\spnpinst.exe
+ 2004-08-04 12:00:00 74,752 -c--a-w C:\WINDOWS\system32\dllcache\spoolss.dll
+ 2005-06-10 23:53:32 57,856 -c--a-w C:\WINDOWS\system32\dllcache\spoolsv.exe
+ 2004-08-04 12:00:00 9,728 -c--a-w C:\WINDOWS\system32\dllcache\sprestrt.exe
+ 2004-08-04 12:00:00 70,656 -c--a-w C:\WINDOWS\system32\dllcache\sprio600.dll
+ 2004-08-04 12:00:00 72,192 -c--a-w C:\WINDOWS\system32\dllcache\sprio800.dll
+ 2004-08-04 12:00:00 250,880 -c--a-w C:\WINDOWS\system32\dllcache\sptip.dll
+ 2004-08-04 12:00:00 24,661 -c--a-w C:\WINDOWS\system32\dllcache\spxcoins.dll
+ 2001-08-18 04:36:32 24,660 -c--a-w C:\WINDOWS\system32\dllcache\spxupchk.dll
+ 2004-08-04 12:00:00 73,472 -c--a-w C:\WINDOWS\system32\dllcache\sr.sys
+ 2004-08-04 12:00:00 67,584 -c--a-w C:\WINDOWS\system32\dllcache\srclient.dll
+ 2004-08-04 12:00:00 239,104 -c--a-w C:\WINDOWS\system32\dllcache\srrstr.dll
+ 2004-08-04 12:00:00 170,496 -c--a-w C:\WINDOWS\system32\dllcache\srsvc.dll
+ 2004-08-04 12:00:00 101,376 -c--a-w C:\WINDOWS\system32\dllcache\srusbusd.dll
+ 2001-08-18 04:36:32 99,328 -c--a-w C:\WINDOWS\system32\dllcache\srusd.dll
+ 2004-12-07 19:32:34 96,768 -c--a-w C:\WINDOWS\system32\dllcache\srvsvc.dll
+ 2001-08-17 18:11:08 48,736 -c--a-w C:\WINDOWS\system32\dllcache\srwlnd5.sys
+ 2004-08-04 12:00:00 34,816 -c--a-w C:\WINDOWS\system32\dllcache\ssdpapi.dll
+ 2004-08-04 12:00:00 71,680 -c--a-w C:\WINDOWS\system32\dllcache\ssdpsrv.dll
+ 2004-08-04 12:00:00 22,016 -c--a-w C:\WINDOWS\system32\dllcache\startoc.dll
+ 2004-08-04 12:00:00 54,272 -c--a-w C:\WINDOWS\system32\dllcache\stclient.dll
+ 2001-08-17 19:51:20 16,896 -c--a-w C:\WINDOWS\system32\dllcache\stcusb.sys
+ 2004-08-04 12:00:00 67,584 -c--a-w C:\WINDOWS\system32\dllcache\sti.dll
+ 2004-08-04 12:00:00 136,704 -c--a-w C:\WINDOWS\system32\dllcache\sti_ci.dll
+ 2004-08-04 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\stimon.exe
+ 2001-08-18 04:36:32 53,248 -c--a-w C:\WINDOWS\system32\dllcache\stlncoin.dll
+ 2001-08-18 04:36:32 155,648 -c--a-w C:\WINDOWS\system32\dllcache\stlnprop.dll
+ 2004-08-04 12:00:00 121,856 -c--a-w C:\WINDOWS\system32\dllcache\stobject.dll
+ 2004-08-04 00:56:46 74,752 -c--a-w C:\WINDOWS\system32\dllcache\storprop.dll
+ 2004-08-04 06:08:04 48,640 -c--a-w C:\WINDOWS\system32\dllcache\stream.sys
+ 2004-08-04 12:00:00 75,776 -c--a-w C:\WINDOWS\system32\dllcache\strmfilt.dll
+ 2004-08-04 12:00:00 9,216 -c--a-w C:\WINDOWS\system32\dllcache\subst.exe
+ 2004-08-04 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\svchost.exe
+ 2001-08-18 04:36:32 41,472 -c--a-w C:\WINDOWS\system32\dllcache\sw_effct.dll
+ 2001-08-18 04:36:32 53,760 -c--a-w C:\WINDOWS\system32\dllcache\sw_wheel.dll
+ 2004-08-04 12:00:00 4,352 -c--a-w C:\WINDOWS\system32\dllcache\swenum.sys
+ 2001-08-17 21:00:52 54,272 -c--a-w C:\WINDOWS\system32\dllcache\swmidi.sys
+ 2001-08-18 04:36:32 10,240 -c--a-w C:\WINDOWS\system32\dllcache\swpdflt2.dll
+ 2001-08-18 04:36:32 10,240 -c--a-w C:\WINDOWS\system32\dllcache\swpidflt.dll
+ 2004-08-04 12:00:00 138,752 -c--a-w C:\WINDOWS\system32\dllcache\swprv.dll
+ 2001-08-17 20:02:56 3,968 -c--a-w C:\WINDOWS\system32\dllcache\swusbflt.sys
+ 2001-08-17 19:50:58 103,936 -c--a-w C:\WINDOWS\system32\dllcache\sx.sys
+ 2001-08-18 04:36:32 94,293 -c--a-w C:\WINDOWS\system32\dllcache\sxports.dll
+ 2001-08-17 20:07:40 28,384 -c--a-w C:\WINDOWS\system32\dllcache\sym_hi.sys
+ 2001-08-17 20:07:42 30,688 -c--a-w C:\WINDOWS\system32\dllcache\sym_u3.sys
+ 2001-08-17 20:07:34 16,256 -c--a-w C:\WINDOWS\system32\dllcache\symc810.sys
+ 2001-08-17 20:07:36 32,640 -c--a-w C:\WINDOWS\system32\dllcache\symc8xx.sys
+ 2004-08-04 12:00:00 51,200 -c--a-w C:\WINDOWS\system32\dllcache\syncapp.exe
+ 2004-08-04 12:00:00 57,856 -c--a-w C:\WINDOWS\system32\dllcache\synceng.dll
+ 2004-08-04 06:15:56 60,800 -c--a-w C:\WINDOWS\system32\dllcache\sysaudio.sys
+ 2004-08-04 12:00:00 18,896 -c--a-w C:\WINDOWS\system32\dllcache\sysedit.exe
+ 2004-08-04 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\sysinv.dll
+ 2004-08-04 12:00:00 36,864 -c--a-w C:\WINDOWS\system32\dllcache\syskey.exe
+ 2004-08-04 12:00:00 105,984 -c--a-w C:\WINDOWS\system32\dllcache\sysocmgr.exe
+ 2004-08-04 12:00:00 984,576 -c--a-w C:\WINDOWS\system32\dllcache\syssetup.dll
+ 2005-10-17 21:14:46 118,272 -c--a-w C:\WINDOWS\system32\dllcache\t2embed.dll
+ 2001-08-17 20:56:04 172,768 -c--a-w C:\WINDOWS\system32\dllcache\t2r4disp.dll
+ 2001-08-17 18:50:12 36,640 -c--a-w C:\WINDOWS\system32\dllcache\t2r4mini.sys
+ 2001-08-17 19:52:54 7,040 -c--a-w C:\WINDOWS\system32\dllcache\tandqic.sys
+ 2004-08-04 12:00:00 181,760 -c--a-w C:\WINDOWS\system32\dllcache\tapi32.dll
+ 2005-07-08 16:27:56 249,344 -c--a-w C:\WINDOWS\system32\dllcache\tapisrv.dll
+ 2004-08-04 12:00:00 78,848 -c--a-w C:\WINDOWS\system32\dllcache\tapiui.dll
+ 2004-08-04 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\taskman.exe
+ 2004-08-04 12:00:00 135,680 -c--a-w C:\WINDOWS\system32\dllcache\taskmgr.exe
+ 2001-08-17 19:49:46 30,464 -c--a-w C:\WINDOWS\system32\dllcache\tbatm155.sys
+ 2004-08-04 12:00:00 12,288 -c--a-w C:\WINDOWS\system32\dllcache\tcmsetup.exe
- 2007-10-05 20:57:49 359,808 -c--a-w C:\WINDOWS\system32\dllcache\TCPIP.SYS
+ 2006-04-20 11:51:50 359,808 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2004-08-04 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\tcpmib.dll
+ 2004-08-04 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\tcpmon.dll
+ 2004-08-04 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\tcpsvcs.exe
+ 2003-03-24 22:52:04 32,827 -c--a-w C:\WINDOWS\system32\dllcache\tcptest.exe
+ 2003-03-24 22:52:06 16,384 -c--a-w C:\WINDOWS\system32\dllcache\tcptsat.dll
+ 2004-08-04 12:00:00 13,192 -c--a-w C:\WINDOWS\system32\dllcache\tdasync.sys
+ 2004-08-04 12:00:00 18,560 -c--a-w C:\WINDOWS\system32\dllcache\tdi.sys
+ 2004-08-04 12:00:00 21,896 -c--a-w C:\WINDOWS\system32\dllcache\tdipx.sys
+ 2001-08-17 18:13:00 37,961 -c--a-w C:\WINDOWS\system32\dllcache\tdk100b.sys
+ 2001-08-17 18:13:00 17,129 -c--a-w C:\WINDOWS\system32\dllcache\tdkcd31.sys
+ 2004-08-04 12:00:00 19,464 -c--a-w C:\WINDOWS\system32\dllcache\tdspx.sys
+ 2005-05-10 23:45:48 75,776 -c--a-w C:\WINDOWS\system32\dllcache\telnet.exe
+ 2004-08-04 08:01:08 40,840 -c--a-w C:\WINDOWS\system32\dllcache\termdd.sys
+ 2004-08-04 12:00:00 295,424 -c--a-w C:\WINDOWS\system32\dllcache\termsrv.dll
+ 2004-08-04 05:00:06 149,376 -c--a-w C:\WINDOWS\system32\dllcache\tffsport.sys
+ 2004-08-04 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe
+ 2001-08-17 20:56:04 81,408 -c--a-w C:\WINDOWS\system32\dllcache\tgiul50.dll
+ 2001-08-17 18:51:10 138,528 -c--a-w C:\WINDOWS\system32\dllcache\tgiulnt5.sys
+ 2004-08-04 12:00:00 185,344 -c--a-w C:\WINDOWS\system32\dllcache\thawbrkr.dll
+ 2004-08-04 12:00:00 385,536 -c--a-w C:\WINDOWS\system32\dllcache\themeui.dll
+ 2004-08-04 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\tintlphr.exe
+ 2004-08-04 12:00:00 455,168 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe
+ 2001-08-17 18:14:26 123,995 -c--a-w C:\WINDOWS\system32\dllcache\tjisdn.sys
+ 2004-08-04 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\tmigrate.dll
+ 2004-08-04 12:00:00 13,888 -c--a-w C:\WINDOWS\system32\dllcache\toolhelp.dll
+ 2001-08-17 18:10:26 28,232 -c--a-w C:\WINDOWS\system32\dllcache\tos4mo.sys
+ 2001-08-17 20:01:52 241,664 -c--a-w C:\WINDOWS\system32\dllcache\tosdvd02.sys
+ 2001-08-17 20:02:00 230,912 -c--a-w C:\WINDOWS\system32\dllcache\tosdvd03.sys
+ 2001-08-17 19:51:56 4,992 -c--a-w C:\WINDOWS\system32\dllcache\toside.sys
+ 2004-08-04 12:00:00 347,136 -c--a-w C:\WINDOWS\system32\dllcache\tourstrt.exe
+ 2001-08-18 04:36:32 31,744 -c--a-w C:\WINDOWS\system32\dllcache\tp4.dll
+ 2004-08-04 06:56:58 82,432 -c--a-w C:\WINDOWS\system32\dllcache\tp4mon.exe
+ 2001-08-18 04:35:42 42,496 -c--a-w C:\WINDOWS\system32\dllcache\tp4res.dll
+ 2001-08-17 18:12:12 34,375 -c--a-w C:\WINDOWS\system32\dllcache\tpro4.sys
+ 2004-08-04 12:00:00 12,288 -c--a-w C:\WINDOWS\system32\dllcache\tracert.exe
+ 2004-08-04 12:00:00 31,744 -c--a-w C:\WINDOWS\system32\dllcache\tracert6.exe
+ 2004-08-04 12:00:00 31,232 -c--a-w C:\WINDOWS\system32\dllcache\traffic.dll
+ 2001-08-17 20:56:06 315,520 -c--a-w C:\WINDOWS\system32\dllcache\trid3d.dll
+ 2001-08-17 18:51:16 222,336 -c--a-w C:\WINDOWS\system32\dllcache\trid3dm.sys
+ 2001-08-17 20:56:06 440,576 -c--a-w C:\WINDOWS\system32\dllcache\tridkb.dll
+ 2001-08-17 18:51:16 159,232 -c--a-w C:\WINDOWS\system32\dllcache\tridkbm.sys
+ 2001-08-17 18:51:22 166,784 -c--a-w C:\WINDOWS\system32\dllcache\tridxpm.sys
+ 2004-08-04 12:00:00 90,624 -c--a-w C:\WINDOWS\system32\dllcache\trkwks.dll
+ 2004-08-04 12:00:00 52,224 -c--a-w C:\WINDOWS\system32\dllcache\tsappcmp.dll
+ 2004-08-04 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\tsbyuv.dll
+ 2004-08-04 12:00:00 93,696 -c--a-w C:\WINDOWS\system32\dllcache\tscfgwmi.dll
+ 2004-08-04 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\tscon.exe
+ 2004-08-04 12:00:00 44,544 -c--a-w C:\WINDOWS\system32\dllcache\tscupgrd.exe
+ 2004-08-04 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\tsd32.dll
+ 2004-08-04 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\tsdiscon.exe
+ 2004-08-04 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\tskill.exe
+ 2004-08-04 12:00:00 121,856 -c--a-w C:\WINDOWS\system32\dllcache\tsoc.dll
+ 2004-08-04 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\tsprof.exe
+ 2004-08-04 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\tsshutdn.exe
+ 2004-08-04 12:00:00 94,784 -c--a-w C:\WINDOWS\system32\dllcache\twain.dll
+ 2004-08-04 12:00:00 50,688 -c--a-w C:\WINDOWS\system32\dllcache\twain_32.dll
+ 2001-08-17 19:48:14 11,520 -c--a-w C:\WINDOWS\system32\dllcache\twotrack.sys
+ 2004-08-04 12:00:00 49,680 -c--a-w C:\WINDOWS\system32\dllcache\twunk_16.exe
+ 2004-08-04 12:00:00 25,600 -c--a-w C:\WINDOWS\system32\dllcache\twunk_32.exe
+ 2005-07-26 04:39:49 101,376 -c--a-w C:\WINDOWS\system32\dllcache\txflog.dll
+ 2004-08-04 05:07:44 44,672 -c--a-w C:\WINDOWS\system32\dllcache\uagp35.sys
+ 2004-08-04 12:00:00 82,432 -c--a-w C:\WINDOWS\system32\dllcache\ufat.dll
+ 2004-08-04 12:00:00 275,456 -c--a-w C:\WINDOWS\system32\dllcache\ulib.dll
+ 2001-08-17 19:52:22 36,736 -c--a-w C:\WINDOWS\system32\dllcache\ultra.sys
+ 2001-08-18 04:36:34 216,064 -c--a-w C:\WINDOWS\system32\dllcache\um34scan.dll
+ 2001-08-18 04:36:34 211,968 -c--a-w C:\WINDOWS\system32\dllcache\um54scan.dll
+ 2001-08-18 04:36:34 47,616 -c--a-w C:\WINDOWS\system32\dllcache\umaxcam.dll
+ 2001-08-18 04:36:34 50,176 -c--a-w C:\WINDOWS\system32\dllcache\umaxp60.dll
+ 2001-08-17 19:58:12 22,912 -c--a-w C:\WINDOWS\system32\dllcache\umaxpcls.sys
+ 2001-08-18 04:36:34 50,688 -c--a-w C:\WINDOWS\system32\dllcache\umaxscan.dll
+ 2001-08-18 04:36:34 69,632 -c--a-w C:\WINDOWS\system32\dllcache\umaxu12.dll
+ 2001-08-18 04:36:34 26,624 -c--a-w C:\WINDOWS\system32\dllcache\umaxu22.dll
+ 2001-08-18 04:36:34 28,160 -c--a-w C:\WINDOWS\system32\dllcache\umaxu40.dll
+ 2001-08-18 04:36:34 94,720 -c--a-w C:\WINDOWS\system32\dllcache\umaxud32.dll
+ 2004-08-04 12:00:00 13,312 -c--a-w C:\WINDOWS\system32\dllcache\umdmxfrm.dll
+ 2005-08-23 03:35:42 123,392 -c--a-w C:\WINDOWS\system32\dllcache\umpnpmgr.dll
+ 2004-08-04 12:00:00 76,288 -c--a-w C:\WINDOWS\system32\dllcache\uniime.dll
+ 2004-08-04 12:00:00 74,240 -c--a-w C:\WINDOWS\system32\dllcache\unimdmat.dll
+ 2004-08-04 12:00:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\uniplat.dll
+ 2007-06-27 03:10:26 317,440 -c--a-w C:\WINDOWS\system32\dllcache\unregmp2.exe
+ 2004-08-04 12:00:00 132,608 -c--a-w C:\WINDOWS\system32\dllcache\upnp.dll
+ 2004-08-04 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\upnpcont.exe
+ 2004-08-04 12:00:00 18,432 -c--a-w C:\WINDOWS\system32\dllcache\ups.exe
+ 2004-08-04 12:00:00 17,920 -c--a-w C:\WINDOWS\system32\dllcache\ureg.dll
+ 2004-08-04 04:31:26 32,384 -c--a-w C:\WINDOWS\system32\dllcache\usb101et.sys
+ 2004-08-04 05:04:34 12,672 -c--a-w C:\WINDOWS\system32\dllcache\usb8023x.sys
+ 2004-08-04 05:07:56 59,264 -c--a-w C:\WINDOWS\system32\dllcache\usbaudio.sys
+ 2004-08-04 07:08:48 31,616 -c--a-w C:\WINDOWS\system32\dllcache\usbccgp.sys
+ 2004-08-04 12:00:00 4,736 -c--a-w C:\WINDOWS\system32\dllcache\usbd.sys
+ 2004-08-04 06:08:38 26,624 -c--a-w C:\WINDOWS\system32\dllcache\usbehci.sys
+ 2004-08-04 06:08:44 57,600 -c--a-w C:\WINDOWS\system32\dllcache\usbhub.sys
+ 2004-08-04 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\usbmon.dll
+ 2004-08-04 05:08:38 17,024 -c--a-w C:\WINDOWS\system32\dllcache\usbohci.sys
+ 2004-08-04 06:08:44 142,976 -c--a-w C:\WINDOWS\system32\dllcache\usbport.sys
+ 2004-08-04 07:01:26 25,856 -c--a-w C:\WINDOWS\system32\dllcache\usbprint.sys
+ 2004-08-04 05:08:44 25,600 -c--a-w C:\WINDOWS\system32\dllcache\usbser.sys
+ 2004-08-03 23:08:48 26,496 -c--a-w C:\WINDOWS\system32\dllcache\usbstor.sys
+ 2004-08-04 06:08:38 20,480 -c--a-w C:\WINDOWS\system32\dllcache\usbuhci.sys
+ 2004-08-04 07:56:48 74,240 -c--a-w C:\WINDOWS\system32\dllcache\usbui.dll
+ 2004-08-04 05:10:12 78,464 -c--a-w C:\WINDOWS\system32\dllcache\usbvideo.sys
+ 2004-08-04 12:00:00 47,872 -c--a-w C:\WINDOWS\system32\dllcache\user.exe
+ 2004-08-04 12:00:00 723,456 -c--a-w C:\WINDOWS\system32\dllcache\userenv.dll
+ 2004-08-04 12:00:00 24,576 -c--a-w C:\WINDOWS\system32\dllcache\userinit.exe
+ 2004-08-04 12:00:00 406,528 -c--a-w C:\WINDOWS\system32\dllcache\usp10.dll
+ 2001-08-17 19:28:16 793,598 -c--a-w C:\WINDOWS\system32\dllcache\usr1806.sys
+ 2001-08-17 19:28:18 794,399 -c--a-w C:\WINDOWS\system32\dllcache\usr1806v.sys
+ 2001-08-17 19:28:24 224,802 -c--a-w C:\WINDOWS\system32\dllcache\usr1807a.sys
+ 2004-08-04 12:00:00 77,890 -c--a-w C:\WINDOWS\system32\dllcache\usrdpa.dll
+ 2004-08-04 12:00:00 86,073 -c--a-w C:\WINDOWS\system32\dllcache\usrfaxa.dll
+ 2004-08-04 12:00:00 53,305 -c--a-w C:\WINDOWS\system32\dllcache\usrlbva.dll
- 2007-10-05 20:57:49 359,808 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS
+ 2006-04-20 11:51:50 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-31 20:09:14 30,464 -c--a-w C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571\usbaapl.sys
+ 2007-12-11 21:25:19 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_578.dat
+ 2007-12-11 21:25:20 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_94.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 10:24]
"ATI DeviceDetect"="C:\Program Files\ATI Multimedia\main\ATIDtct.EXE" [2004-11-04 18:13]
"ATI Remote Control"="C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe" [2004-08-26 23:51]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2006-11-30 21:49]
"ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2007-11-22 10:10]
"PhotoShow Deluxe Media Manager"="C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe" [2005-01-21 18:04]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 15:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-03 21:10]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-02-08 12:36]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-02-08 12:32]
"CreateCD_Reminder"="C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe" [2004-07-16 13:17]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-01-14 14:43]
"VZRemoteCommander"="C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe" [2005-01-31 10:10]
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-19 23:08]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-10-25 10:20]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2006-03-21 19:30]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 00:14]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-11-14 23:43]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 13:11]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-08-13 18:04]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-08-28 12:09:10]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"System"="kdqoo.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2007-07-13 19:45 32768 --a------ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB

.
Contents of the 'Scheduled Tasks' folder
"2007-11-24 04:22:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-11 15:00:00 C:\WINDOWS\Tasks\rpc.job"
- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe
"2007-12-10 01:00:00 C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job"
- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-11 15:25:52
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-11 15:28:30 - machine was rebooted
C:\ComboFix2.txt ... 2007-12-06 16:23
C:\ComboFix3.txt ... 2007-11-13 15:15
.
--- E O F ---


Next, HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:31:01 PM, on 12/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/assets/activeX/SpywareScannerV2.ocx
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/D...h2.1.0.0.68.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165789270203
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/chnz/default/mjolauncher.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://zone.msn.com/bingame/fotg/default/ddfotg.1.0.0.37.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/D...sh.1.0.0.94.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3698B8B7-7369-49FD-8AB7-47EA6363398E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{C97AA0ED-25DC-4640-B258-D38B9C0274D2}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{D15F6213-42F4-411F-A556-7F3CB1B728BB}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: bw-0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

--
End of file - 16918 bytes

#13 Grinler


    Lawrence Abrams


  • Admin
  • 43,590 posts

Posted 11 December 2007 - 04:50 PM

* Open Notepad - don't use any other text editor than Notepad or the script will fail.
Copy/paste the text in the quotebox below into notepad:

File::
C:\WINDOWS\iun6002.exe

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"System"=""


Save this as the txt file CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. After reboot (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log.

#14 Bipolargandolf

  • Topic Starter

  • Members
  • 49 posts

Posted 11 December 2007 - 09:11 PM

OK, here are the 2 requested logs:

ComboFix 07-12-05.2 - Greg 2007-12-11 20:01:09.6 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1493 [GMT -6:00]
Running from: C:\Documents and Settings\Greg\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Greg\Desktop\CFScript.txt
* Created a new restore point

FILE
C:\WINDOWS\iun6002.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\iun6002.exe

.
((((((((((((((((((((((((( Files Created from 2007-11-12 to 2007-12-12 )))))))))))))))))))))))))))))))
.

2007-12-09 12:43 . 2007-12-09 12:43 <DIR> d-------- C:\Program Files\iPod
2007-12-07 17:43 . 2001-08-17 13:28 771,581 --a--c--- C:\WINDOWS\system32\dllcache\winacisa.sys
2007-12-07 17:42 . 2001-08-17 13:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2007-12-07 17:41 . 2001-08-17 22:36 525,568 --a--c--- C:\WINDOWS\system32\dllcache\tridxp.dll
2007-12-07 17:40 . 2004-08-04 06:00 571,392 --a--c--- C:\WINDOWS\system32\dllcache\tintlgnt.ime
2007-12-07 17:39 . 2001-08-17 12:18 285,760 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys
2007-12-07 17:38 . 2004-08-04 06:00 456,704 --a--c--- C:\WINDOWS\system32\dllcache\smtpsvc.dll
2007-12-07 17:37 . 2004-08-03 22:41 404,990 --a--c--- C:\WINDOWS\system32\dllcache\slntamr.sys
2007-12-07 17:36 . 2001-08-17 22:36 495,616 --a--c--- C:\WINDOWS\system32\dllcache\sblfx.dll
2007-12-07 17:35 . 2004-08-04 00:56 397,056 --a--c--- C:\WINDOWS\system32\dllcache\s3gnb.dll
2007-12-07 17:34 . 2001-08-17 13:28 899,146 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2007-12-07 17:33 . 2004-08-04 06:00 482,304 --a--c--- C:\WINDOWS\system32\dllcache\pintlgnt.ime
2007-12-07 17:32 . 2001-08-17 14:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys
2007-12-07 17:31 . 2004-08-04 00:56 4,274,816 --a--c--- C:\WINDOWS\system32\dllcache\nv4_disp.dll
2007-12-07 17:30 . 2004-08-04 06:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
2007-12-07 17:29 . 2001-08-17 12:50 320,384 --a--c--- C:\WINDOWS\system32\dllcache\mgaum.sys
2007-12-07 17:28 . 2004-08-04 06:00 1,158,818 --a--c--- C:\WINDOWS\system32\dllcache\korwbrkr.lex
2007-12-07 17:27 . 2004-08-04 06:00 811,064 --a--c--- C:\WINDOWS\system32\dllcache\imjp81k.dll
2007-12-07 17:26 . 2004-08-04 06:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2007-12-07 17:25 . 2001-08-17 13:28 907,456 --a--c--- C:\WINDOWS\system32\dllcache\hcf_msft.sys
2007-12-07 17:24 . 2001-08-17 14:56 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2007-12-07 17:23 . 2001-08-17 13:28 634,134 --a--c--- C:\WINDOWS\system32\dllcache\el656ct5.sys
2007-12-07 17:22 . 2001-08-17 12:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys
2007-12-07 17:21 . 2004-08-04 06:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\chsbrkr.dll
2007-12-07 17:20 . 2001-08-17 13:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
2007-12-07 17:19 . 2004-08-04 00:56 870,784 --a--c--- C:\WINDOWS\system32\dllcache\ati3d1ag.dll
2007-12-07 17:18 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\fp4awel.dll
2007-11-28 18:20 . 2007-11-28 18:20 3,566 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-28 18:19 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-11-28 18:19 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-11-28 18:19 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-11-28 18:19 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-28 18:19 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-18 21:44 . 2007-11-18 22:13 7,433 --a------ C:\tempsend.dzk
2007-11-17 21:14 . 2007-11-18 22:46 <DIR> d-------- C:\Program Files\Rubies of Eventide
2007-11-14 23:43 . 2007-11-14 23:43 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2007-11-14 23:43 . 2007-11-14 23:43 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts
2007-11-13 14:51 . 2007-11-13 14:51 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-12 22:39 . 2007-11-12 22:39 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Yahoo!
2007-11-12 22:39 . 2007-11-12 22:39 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\IE7pro
2007-11-12 22:05 . 2007-11-12 22:05 <DIR> d-------- C:\Program Files\Sygate
2007-11-12 22:05 . 2004-10-15 18:32 83,096 --a------ C:\WINDOWS\system32\SSSensor.dll
2007-11-12 22:05 . 2004-10-15 18:17 60,496 --a------ C:\WINDOWS\system32\drivers\Teefer.sys
2007-11-12 22:05 . 2004-10-15 18:18 21,075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg6n.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg5n.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg4n.sys
2007-11-12 22:05 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg3n.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-09 18:43 --------- d-----w C:\Program Files\iTunes
2007-12-09 18:42 --------- d-----w C:\Program Files\QuickTime
2007-12-09 04:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-30 23:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-29 01:05 --------- d-----w C:\Program Files\SpywareBlaster
2007-11-28 00:13 --------- d-----w C:\Program Files\MSN Games
2007-11-16 21:29 --------- d-----w C:\Program Files\LimeWire
2007-11-13 10:25 20,480 ----a-r C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-10 17:56 --------- d-----w C:\Program Files\Lavasoft
2007-11-10 17:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-10 17:55 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-11-10 03:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\STOPzilla!
2007-11-03 16:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-02 23:08 --------- d-----w C:\Documents and Settings\Greg\Application Data\Move Networks
2007-10-28 01:45 --------- d-----w C:\Documents and Settings\Greg\Application Data\Microsoft Games
2007-10-28 01:41 --------- d-----w C:\Program Files\GameSpy Arcade
2007-10-28 01:38 --------- d-----w C:\Program Files\Microsoft Games
2007-10-26 20:20 --------- d-----w C:\Program Files\Java
2007-10-25 17:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-10-25 17:05 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-10-25 17:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-10-25 17:01 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-10-25 16:58 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-18 02:23 774,144 ----a-w C:\Program Files\RngInterstitial.dll
.

((((((((((((((((((((((((((((( snapshot_2007-12-11_15.27.36.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-08-20 10:04:34 124,928 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\advpack.dll
+ 2007-08-20 10:04:34 214,528 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\dxtrans.dll
+ 2007-08-20 10:04:34 132,608 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\extmgr.dll
+ 2007-08-20 10:04:34 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\icardie.dll
+ 2007-08-17 10:20:54 63,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2007-08-20 10:04:34 153,088 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakeng.dll
+ 2007-08-20 10:04:35 230,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieaksie.dll
+ 2007-08-17 07:34:25 161,792 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieakui.dll
+ 2007-08-20 10:04:35 383,488 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieapfltr.dll
+ 2007-08-20 10:04:35 384,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iedkcs32.dll
+ 2007-08-20 10:04:37 6,058,496 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieframe.dll
+ 2007-08-20 10:04:38 44,544 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iernonce.dll
+ 2007-08-20 10:04:38 267,776 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iertutil.dll
+ 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe
+ 2007-08-17 10:21:21 625,152 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe
+ 2007-08-20 10:04:39 27,648 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\jsproxy.dll
+ 2007-08-20 10:04:39 459,264 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeeds.dll
+ 2007-08-20 10:04:39 52,224 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msfeedsbs.dll
+ 2007-08-20 10:04:41 3,584,512 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtml.dll
+ 2007-08-20 10:04:41 477,696 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mshtmled.dll
+ 2007-08-20 10:04:41 193,024 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\msrating.dll
+ 2007-08-20 10:04:42 671,232 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\mstime.dll
+ 2007-08-20 10:04:42 102,400 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\occache.dll
+ 2007-03-06 01:22:41 213,216 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\updspapi.dll
+ 2007-08-20 10:04:42 105,984 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\url.dll
+ 2007-08-20 10:04:42 1,152,000 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\urlmon.dll
+ 2007-08-20 10:04:42 232,960 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\webcheck.dll
+ 2007-08-20 10:04:43 824,832 -c----w C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
- 2007-08-20 10:04:34 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2007-10-10 23:55:51 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2007-08-20 10:04:34 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2007-10-10 23:55:51 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2007-08-20 10:04:34 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-10-10 23:55:51 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-08-20 10:04:34 132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-10-10 23:55:51 132,608 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-08-20 10:04:34 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2007-10-10 23:55:51 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2007-08-17 10:20:54 63,488 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-10-10 10:59:40 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2007-08-20 10:04:34 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2007-10-10 23:55:51 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2007-08-20 10:04:35 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2007-10-10 23:55:51 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2007-08-17 07:34:25 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2007-10-10 05:46:55 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2007-08-20 10:04:35 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2007-10-10 23:55:52 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2007-08-20 10:04:35 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-10-10 23:55:52 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2007-08-20 10:04:37 6,058,496 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2007-10-10 23:55:54 6,065,664 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2007-08-20 10:04:38 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2007-10-10 23:55:55 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2007-08-20 10:04:38 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2007-10-10 23:55:55 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2007-08-17 10:20:54 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2007-10-10 10:59:40 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2007-08-17 10:21:21 625,152 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-10-10 10:59:52 625,152 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-08-20 10:04:39 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-10-10 23:55:56 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2007-08-20 10:04:39 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2007-10-10 23:55:56 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2007-08-20 10:04:39 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2007-10-10 23:55:56 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2007-08-20 10:04:41 3,584,512 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-10-30 23:42:28 3,590,656 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-08-20 10:04:41 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-10-10 23:55:58 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-08-20 10:04:41 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-10-10 23:55:58 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-08-20 10:04:42 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-10-10 23:55:59 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2007-08-20 10:04:42 102,400 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2007-10-10 23:55:59 102,400 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2005-08-30 03:54:26 1,287,168 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2007-10-29 22:43:03 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2007-08-20 10:04:42 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2007-10-10 23:55:59 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2007-08-20 10:04:42 1,152,000 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-10-10 23:56:00 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-08-20 10:04:42 232,960 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-10-10 23:56:00 232,960 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2007-08-20 10:04:43 824,832 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-10-10 23:56:00 824,832 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2006-10-19 03:47:18 222,208 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2007-10-27 23:40:30 222,720 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
- 2007-08-20 10:04:34 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2007-10-10 23:55:51 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2007-08-20 10:04:34 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2007-10-10 23:55:51 132,608 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2007-08-20 10:04:34 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2007-10-10 23:55:51 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2007-08-17 10:20:54 63,488 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2007-10-10 10:59:40 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2007-08-20 10:04:34 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2007-10-10 23:55:51 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2007-08-20 10:04:35 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2007-10-10 23:55:51 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2007-08-17 07:34:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2007-10-10 05:46:55 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2007-08-20 10:04:35 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2007-10-10 23:55:52 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2007-08-20 10:04:35 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2007-10-10 23:55:52 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2007-08-20 10:04:37 6,058,496 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2007-10-10 23:55:54 6,065,664 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2007-08-20 10:04:38 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2007-10-10 23:55:55 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2007-08-20 10:04:38 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2007-10-10 23:55:55 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-08-17 10:20:54 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2007-10-10 10:59:40 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-08-20 10:04:39 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2007-10-10 23:55:56 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2007-11-02 07:12:57 18,238,072 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-12-02 23:00:05 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe
- 2007-08-20 10:04:39 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2007-10-10 23:55:56 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2007-08-20 10:04:39 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2007-10-10 23:55:56 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2007-08-20 10:04:41 3,584,512 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-10-30 23:42:28 3,590,656 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-08-20 10:04:41 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2007-10-10 23:55:58 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2007-08-20 10:04:41 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2007-10-10 23:55:58 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2007-08-20 10:04:42 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2007-10-10 23:55:59 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2007-08-20 10:04:42 102,400 ----a-w C:\WINDOWS\system32\occache.dll
+ 2007-10-10 23:55:59 102,400 ----a-w C:\WINDOWS\system32\occache.dll
- 2005-08-30 03:54:26 1,287,168 ----a-w C:\WINDOWS\system32\quartz.dll
+ 2007-10-29 22:43:03 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
- 2007-07-18 12:42:22 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2007-08-20 10:04:42 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2007-10-10 23:55:59 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2007-08-20 10:04:42 1,152,000 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-10-10 23:56:00 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2007-08-20 10:04:42 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2007-10-10 23:56:00 232,960 ----a-w C:\WINDOWS\system32\webcheck.dll
- 2007-08-20 10:04:43 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-10-10 23:56:00 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
- 2006-10-19 03:47:18 222,208 ----a-w C:\WINDOWS\system32\WMASF.dll
+ 2007-10-27 23:40:30 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
+ 2007-12-12 02:04:34 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_4b8.dat
+ 2007-12-12 02:03:42 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_570.dat
+ 2007-12-12 02:03:46 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_98.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 10:24]
"ATI DeviceDetect"="C:\Program Files\ATI Multimedia\main\ATIDtct.EXE" [2004-11-04 18:13]
"ATI Remote Control"="C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe" [2004-08-26 23:51]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2006-11-30 21:49]
"ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2007-11-22 10:10]
"PhotoShow Deluxe Media Manager"="C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe" [2005-01-21 18:04]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 15:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-11-03 21:10]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-02-08 12:36]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-02-08 12:32]
"CreateCD_Reminder"="C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe" [2004-07-16 13:17]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-01-14 14:43]
"VZRemoteCommander"="C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe" [2005-01-31 10:10]
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-19 23:08]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-10-25 10:20]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2006-03-21 19:30]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 00:14]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 13:19]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-11-14 23:43]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 13:11]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-08-13 18:04]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
ymetray.lnk - C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-08-28 12:09:10]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"system"="kdqoo.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=C:\WINDOWS\pss\Logitech SetPoint.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2007-07-13 19:45 32768 --a------ C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB

.
Contents of the 'Scheduled Tasks' folder
"2007-11-24 04:22:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-11 15:00:00 C:\WINDOWS\Tasks\rpc.job"
- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe
"2007-12-10 01:00:00 C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job"
- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-11 20:04:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-11 20:07:11 - machine was rebooted
C:\ComboFix2.txt ... 2007-12-11 15:28
C:\ComboFix3.txt ... 2007-12-06 16:23
.
--- E O F ---


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:09:09 PM, on 12/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7pro\IE7pro.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VZRemoteCommander] C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7pro\IE7pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/assets/activeX/SpywareScannerV2.ocx
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://zone.msn.com/bingame/dsh2/default/D...h2.1.0.0.68.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165789270203
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/chnz/default/mjolauncher.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab60231.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} (CPlayFirstddfotgControl Object) - http://zone.msn.com/bingame/fotg/default/ddfotg.1.0.0.37.cab
O16 - DPF: {D54160C3-DB7B-4534-9B65-190EE4A9C7F7} (SproutLauncherCtrl Class) - http://zone.msn.com/bingame/feed/default/SproutLauncher.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://zone.msn.com/bingame/cnma/default/ct.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://zone.msn.com/bingame/dash/default/D...sh.1.0.0.94.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3698B8B7-7369-49FD-8AB7-47EA6363398E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{C97AA0ED-25DC-4640-B258-D38B9C0274D2}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{D15F6213-42F4-411F-A556-7F3CB1B728BB}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: bw-0 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0A656BCC-9B9B-4A84-ADB0-8E0A51E3069C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

--
End of file - 17053 bytes

#15 Grinler

Grinler

    Lawrence Abrams


  • Admin

Posted 12 December 2007 - 11:01 AM

Download this tool to your desktop:
http://www.uploads.ejvindh.net/rootchk.exe
Run the program. After a short time a logfile will turn up. Copy the contents of the log into the thread.

Notice: Some security programs prevent the creation of dummy drivers with certain names. This may cause false positives. If the log of rootchk contains a lot of hidden drivers, you may want to turn off your security programs while rootchk is scanning (you should then unhook your network connection as well).



