Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer functions like it has a virus but antivirus cant find one.


  • This topic is locked This topic is locked
14 replies to this topic

#1 wicks_10

wicks_10

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 03 February 2009 - 06:46 PM

My computer started running slow and the CPU kept maxing out after I downloaded a torrent. Although I downloaded it, i never got it open before the computer started acting up. I couldn't run anything and could not get it to stop what ever it was doing. I even tried to delete the file but it wouldn't let me. I had a virus a few months ago that did a simmilar thing so I checked my system restore and like last time, it had erased all my restore points. After a little while the computer quit acting up and I was able to delete the file. I decided to restart it and when I did, the time on the computer reads in military time. This seemed to be the same thing I had before but with the various anti-virus and malware scanners I have used I can't seem to find what it is. Before I was able to find out what it was and get research a way to get rid of it. I think it was total secure 2009, false alert, and smityfraud virises before. I can't find out what it is now though and the computer is not doing so well right now so I thought maybe you guys could help me out. Thanks for your time.

(Edit)
I did a little looking around and found the same torrent file on other sites. Some of them had comments on them saying that they had a virus called Kryptic.FF. I can't seem to find any info on how to get rid of it.


Here is my DDS log file.




DDS (Ver_09-02-01.01) - NTFSx86
Run by Jolleys at 16:18:57.84 on Tue 02/03/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.111 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\AVG\AVG8\avgrsx.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Documents and Settings\Jolleys\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.altavista.com/
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearch Bar = hxxp://bfc.myway.com/search/de_srchlft.html
uURLSearchHooks: H - No File
BHO: {1CF769EF-7B5E-4A76-9FFB-F2D74CB5E564} - No File
BHO: {1E79CCE2-F70B-4E0C-B56B-5E3BF158E8F1} - No File
BHO: {358F6941-A6B7-4FCC-9948-8032B5BBBBA1} - No File
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: {7016B321-B597-33E6-8E5D-D45EF13BFD6F} - No File
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: {ADEFE9B7-FEF0-464A-9D84-843E1FB5EA28} - No File
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\4.1.805.4472\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E199CC4F-570E-401C-ADE0-05D2F59D71FA} - No File
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {ECA461A0-4981-4FD7-A303-35142719883E} - No File
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [FreeRAM XP] "c:\program files\yourware solutions\freeram xp pro\FreeRAM XP Pro.exe" -win
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [CTSyncU.exe] "c:\program files\creative\sync manager unicode\CTSyncU.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [PRONoMgrWired] c:\program files\intel\prosetwired\ncs\proset\PRONoMgr.exe
mRun: [Lexmark X1100 Series] "c:\program files\lexmark x1100 series\lxbkbmgr.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Dell Wireless Manager UI] c:\windows\system32\WLTRAY
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos.walmart.com/WalmartActivia.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: cbXNFvVN - cbXNFvVN.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: kykbwx.dll,ippuko.dll,mcsuzo.dll,niywel.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {ADEFE9B7-FEF0-464A-9D84-843E1FB5EA28} - No File
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 c:\windows\system32\cbXPjjkH

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-11-30 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-11-30 27656]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-11-30 107272]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-9-3 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-9-3 55024]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-11-30 903960]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-11-30 298264]
S3 CEUSBAUD;DigiTech USB MIDI Driver;c:\windows\system32\drivers\ceusbaud.sys [2003-11-1 17920]
S3 PbsAuDrv;PolderbitS Audio Driver;c:\windows\system32\drivers\pbsaudrv.sys --> c:\windows\system32\drivers\pbsaudrv.sys [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-9-3 7408]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\tmpassthru.sys --> c:\windows\system32\drivers\TMPassthru.sys [?]

=============== Created Last 30 ================

2009-02-03 14:42 <DIR> --d----- c:\program files\Uniblue
2009-02-03 14:41 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2009-02-03 10:21 <DIR> --d----- c:\docume~1\jolleys\applic~1\AVGTOOLBAR
2009-02-02 20:19 <DIR> --d----- c:\docume~1\jolleys\applic~1\Symantec
2009-02-02 20:19 <DIR> --d----- c:\documents and settings\Jolleys
2009-01-21 12:19 <DIR> --d----- c:\program files\Microsoft
2009-01-21 12:19 <DIR> --d----- c:\program files\Windows Live SkyDrive
2009-01-21 12:18 <DIR> --d----- c:\program files\Free Audio Pack
2009-01-21 12:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\FreeRIP
2009-01-21 12:17 <DIR> --d----- c:\program files\PolderbitS
2009-01-21 12:15 <DIR> --d----- c:\windows\LastGood(2).Tmp
2009-01-19 21:28 135,168 a------- c:\windows\system32\igfxres.dll
2009-01-19 20:56 <DIR> --d----- c:\program files\Windows Desktop Search
2009-01-19 20:56 <DIR> --d----- c:\windows\system32\GroupPolicy
2009-01-19 20:54 192,000 -------- c:\windows\system32\dllcache\offfilt.dll
2009-01-19 20:54 98,304 -------- c:\windows\system32\dllcache\nlhtml.dll
2009-01-19 20:54 29,696 -------- c:\windows\system32\dllcache\mimefilt.dll
2009-01-19 20:53 <DIR> --d----- c:\program files\Windows Media Connect 2
2009-01-19 20:46 33,664 a------- c:\windows\system32\drivers\BCMWLNPF.SYS
2009-01-19 20:46 86,016 a------- c:\windows\system32\preflib.dll
2009-01-19 20:46 69,632 a------- c:\windows\system32\bcmwlpkt.dll
2009-01-19 20:46 2,129,920 a------- c:\windows\system32\WLBCGCBPRO731.DLL
2009-01-19 20:46 757,760 a------- c:\windows\system32\bcm1xsup.dll
2009-01-19 20:02 <DIR> --d----- c:\program files\common files\Windows Live
2009-01-19 11:08 110,592 a------- c:\windows\system32\RCSigProc.dll
2009-01-19 11:08 6,760,280 a------- c:\windows\system32\NEFcodec.dll
2009-01-19 11:08 200,704 a------- c:\windows\system32\Strato7.dll
2009-01-14 21:27 5,068,152 a------- c:\windows\system32\SpoonUninstall.exe
2009-01-14 21:27 33,846 a------- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.bmp
2009-01-14 21:27 13,785 a------- c:\windows\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2009-01-14 21:27 <DIR> --d----- c:\program files\Illustrate
2009-01-14 16:39 <DIR> --d----- c:\program files\FreeRIP3
2009-01-14 16:24 <DIR> --d----- c:\program files\GoodSoft Development
2009-01-14 12:23 <DIR> --d----- C:\92029e905f7a8c77867eda

==================== Find3M ====================

2009-01-30 17:28 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-01-30 17:28 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-01-30 17:28 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
2009-01-30 11:05 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLdw.DAT
2009-01-14 16:11 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 16:11 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-15 12:33 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-12 23:40 3,593,216 a------- c:\windows\system32\dllcache\mshtml.dll
2008-12-11 14:45 0 a---h--- c:\windows\system32\drivers\Msft_User_ZuneDriver_01_07_00.Wdf
2008-12-11 14:45 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_WinUSB_01007.Wdf
2008-12-11 14:38 0 a---h--- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2008-12-11 10:25 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_zumbus_01007.Wdf
2008-12-11 10:25 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-12-11 03:57 333,952 a------- c:\windows\system32\drivers\srv.sys
2008-12-11 03:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2008-12-02 12:59 118,784 a------- c:\windows\dsdxirmv.exe
2008-11-10 10:56 78,295 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2005-09-20 18:43 1,890 a--sh--- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 16:19:53.32 ===============

Attached Files


Edited by wicks_10, 03 February 2009 - 08:17 PM.


BC AdBot (Login to Remove)

 


#2 wicks_10

wicks_10
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 10 February 2009 - 05:50 PM

Did a little more looking around and some other people said that the file contains Win32/AutoRun.ABH worm & Win32/TrojanDownloader.Agent trojan. Don't know if this will help but I hope it does.

Thanks again

#3 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 12 February 2009 - 06:46 PM

Hello. I am PropagandaPanda (Panda or PP for short), and I will be helping you with your log.

I apologize for the delay in response. We get overwhelmed with logs at times, but we are trying our best to keep up. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following so I can have a look at the current condition of your machine.

You may want to keep the link to this topic in your favourites. Alternatively, you can click the Posted Image button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.

Download and Run ATFCleaner
Please download ATF Cleaner by Atribune. This program will clear out temporary files before we run OTScanIt. You will likely be logged out of the forum where you are recieving help.

This program is for XP and Windows 2000 only.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main Select Files to Delete choose: Select All.
  • Click the Empty Selected button.
  • If you use any other browsers, select them appropriately from the top and empty all items.
Download and Run OTScanIt
Download OTScanIt by OldTimer to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.
  • Open the OTScanIt folder and double-click on OTScanIt.exe to start the program. If you are running on Vista then right-click the program and choose Run as Administrator.
  • Click the Extras button under "Additional Scans".
  • Now click the Run Scan button on the toolbar.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
  • Close Notepad (saving the change if necessary).
  • Use the Add Reply button in the forum and Attach the scan back here (do not copy/paste it as it will be too big to fit into the post). It will be located in the OTScanIt folder and named OTScanIt.txt.
Download and Run Scan with GMER
We will use GMER to scan for rootkits.

Please download GMER.zip to your desktop from any of the links below:
LINK1, LINK2
  • Right click on GMER.zip and select "Extract All".
  • Close all other open programs as there is a slight chance your computer will crash.
  • Double click GMER.exe. If you are using Windows Vista, right click the icon and select "Run as Administrator". Your security programs may detect GMER's driver trying to load. Allow it.
  • You may see a warning saying "GMER has detected rootkit activity". If so, select NO.
  • Leaving the settings at default, click Scan.
  • When the scan is complete, click Save and save the log onto your desktop.
Please include the log in your next reply.
In your next reply include:
-the OTScanIt log (attached)
-the GMER log (pasted directly into your reply)

Please also tell me of any changes you have made to your computer since your topic was started.

If you do not make a reply in 5 days, we will need to close your topic.

With Regards,
The Panda

#4 wicks_10

wicks_10
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 12 February 2009 - 10:21 PM

Hello and thanks for the assistance. Since I posted this topic I have ran checkdisk and system file checker. I hope that these wont hurt anything at this point. Here is my GMAR log and OTScan log. Thanks again for your help.

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-02-12 20:10:09
Windows 5.1.2600 Service Pack 3


---- Kernel code sections - GMER 1.0.14 ----

? System32\Drivers\hiber_WMILIB.SYS The system cannot find the file specified. !

---- Devices - GMER 1.0.14 ----

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Ip ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

Device \FileSystem\Fastfat \Fat A8E23D20

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- Registry - GMER 1.0.14 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{31E3FC97-DFA6-BD2D-E982-A7B9DBD87050}\InprocServer32@ C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{31E3FC97-DFA6-BD2D-E982-A7B9DBD87050}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{31E3FC97-DFA6-BD2D-E982-A7B9DBD87050}\MiscStatus@ 0
Reg HKLM\SOFTWARE\Classes\CLSID\{31E3FC97-DFA6-BD2D-E982-A7B9DBD87050}\MiscStatus\1
Reg HKLM\SOFTWARE\Classes\CLSID\{31E3FC97-DFA6-BD2D-E982-A7B9DBD87050}\MiscStatus\1@ 2229649
Reg HKLM\SOFTWARE\Classes\CLSID\{31E3FC97-DFA6-BD2D-E982-A7B9DBD87050}\ProgID@ OWC11.DataSourceControl.11
Reg HKLM\SOFTWARE\Classes\CLSID\{31E3FC97-DFA6-BD2D-E982-A7B9DBD87050}\ToolboxBitmap32@ C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL, 1001
Reg HKLM\SOFTWARE\Classes\CLSID\{31E3FC97-DFA6-BD2D-E982-A7B9DBD87050}\TypeLib@ {0002E558-0000-0000-C000-000000000046}
Reg HKLM\SOFTWARE\Classes\CLSID\{31E3FC97-DFA6-BD2D-E982-A7B9DBD87050}\Version@ 1.0
Reg HKLM\SOFTWARE\Classes\CLSID\{31E3FC97-DFA6-BD2D-E982-A7B9DBD87050}\VersionIndependentProgID@ OWC11.DataSourceControl

---- EOF - GMER 1.0.14 ----

Attached Files



#5 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 13 February 2009 - 09:28 AM

Hello.

I see some leftovers of infection. Nothing active.

Disable Realtime Protection
Antimalware programs can interfere with the tools we need to run. Please temporarily disable all realtime protections you have enabled. Refer to this page, if you are unsure how.

To disable AVG:
  • Please navigate to the system tray on the bottom right hand corner and look for this Posted Image sign.
  • Right click it-> select Quit Control Center.
  • A warning will pop up, click Yes
Run Fix with OTScanIt
We will run OTScanIt with directives. If you have lost your copy of OTScanIt, download it here and extract it like you did last time.
  • Double click the OTScanIt.exe icon in the OTScanIt folder on your desktop. If you are using Windows Vista, right click OTScanIt.exe and select Run as Administrator.
  • Copy the contents of the codebox below into the "Paste fix here" box.
    [Kill Explorer]
    [Registry - Safe List]
    < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
    YN -> {1CF769EF-7B5E-4A76-9FFB-F2D74CB5E564} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
    YN -> {1E79CCE2-F70B-4E0C-B56B-5E3BF158E8F1} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
    YN -> {358F6941-A6B7-4FCC-9948-8032B5BBBBA1} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
    YN -> {7016B321-B597-33E6-8E5D-D45EF13BFD6F} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
    YN -> {ADEFE9B7-FEF0-464A-9D84-843E1FB5EA28} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
    YN -> {E199CC4F-570E-401C-ADE0-05D2F59D71FA} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
    YN -> {ECA461A0-4981-4FD7-A303-35142719883E} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
    < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
    *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls
    YN -> kykbwx.dll -> 
    YN -> ippuko.dll -> 
    YN -> mcsuzo.dll -> 
    YN -> niywel.dll -> 
    < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
    < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
    YN -> cbXNFvVN -> 
    < LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages
    *LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages
    NY -> C:\WINDOWS\system32\cbXPjjkH -> 
    < LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages
    [Empty Temp Folders]
    [Reboot]
  • Close all windows except OTScanIt.
  • Click it Run Fix button.
When the fix is completed a message box will popup either telling you that it is finished, or that a reboot is needed to complete the fix. If the fix is complete, click OK and Notepad will open with a log of actions taken during the fix. Post that log back here in your next reply.

If a reboot is required, click the "Yes" button to reboot the machine. After the reboot, OTScanIt2 will finish moving any files that could not be moved during the fix. Notepad will open with the final results at that time. Post that log back here in your next reply.

Run Scan with Kaspersky
Please do a scan with Kaspersky Online Scanner.

This scan is for Internet Explorer Only.

If you are using Windows Vista, open your browser by right-clicking on its icon and select Run as administrator to perform this scan.

  • Please disable your realtime protection software before proceeding. Refer to this page if you are unsure how.
  • Open the Kaspersky Scanner page.
  • Click on Accept and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
You can refer to this animation by sundavis.

This scanner will only scan. It does not remove any malware it finds.


Please post back with:
-the OTScanIt fix log
-the Kaspersky scan log
-a new OTscanIt scan log

Please tell me of any symptoms that are present at this point.

With Regards,
The Panda

#6 wicks_10

wicks_10
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 13 February 2009 - 10:23 PM

Sorry for taking so long to reply. I was having troubles with the Kaspersky scan. Would take two hours only to freeze at 95%. It did find a few things and I had to scan each folder individually after the file it would freeze on. Not sure what it says about that file. It was in the windows/softwaredistribution folder. As far as symptoms, the clock is still in millitary time but other than that, the computer runs much faster. It does seem much better and seems to be using less memory and CPU. The OTScanIt log file that is named 02132009_124800 is the first one. The Docs and Settings file is the Kaspersky scan results and the results below are the current OTScanIt log. Sorry, it wouldn't let me attach it to the post. Let me know if there are any problems. Thanks again.


OTScanIt2 logfile created on: 2/13/2009 7:52:56 PM - Run 2
OTScanIt2 by OldTimer - Version 1.0.7.1	 Folder = C:\Documents and Settings\Jolleys\Desktop\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
503.37 Mb Total Physical Memory | 345.89 Mb Available Physical Memory | 68.72% Memory free
929.79 Mb Paging File | 625.21 Mb Available in Paging File | 67.24% Paging File free
Paging file location(s): C:\pagefile.sys 300 754;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.36 Gb Total Space | 4.06 Gb Free Space | 7.75% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BRITNEY
Current User Name: Jolleys
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On
File Age = 30 Days
 
[Processes - Safe List]
avgcsrvx.exe -> %ProgramFiles%\AVG\AVG8\avgcsrvx.exe -> [2009/01/30 17:28:13 | 00,687,896 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgemc.exe -> %ProgramFiles%\AVG\AVG8\avgemc.exe -> [2009/01/30 17:27:52 | 00,903,960 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgnsx.exe -> %ProgramFiles%\AVG\AVG8\avgnsx.exe -> [2009/01/30 17:28:11 | 00,592,128 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgrsx.exe -> %ProgramFiles%\AVG\AVG8\avgrsx.exe -> [2009/01/30 17:28:14 | 00,484,120 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> [2009/01/30 17:28:01 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.)
bcmwltry.exe -> %SystemRoot%\system32\BCMWLTRY.EXE -> [2006/11/01 20:48:10 | 01,253,376 | ---- | M] (Dell Inc.)
ctsvccda.exe -> %SystemRoot%\system32\CTSVCCDA.EXE -> [1999/12/12 10:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd)
dlg.exe -> %ProgramFiles%\Digital Line Detect\DLG.exe -> [2003/10/29 01:06:00 | 00,024,576 | ---- | M] (BVRP Software)
dmxlauncher.exe -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe -> [2005/01/26 23:02:00 | 00,086,016 | ---- | M] ()
dvdlauncher.exe -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe -> [2005/02/23 14:19:56 | 00,053,248 | ---- | M] (CyberLink Corp.)
googleupdaterservice.exe -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/10/20 17:30:55 | 00,168,432 | ---- | M] (Google)
hkcmd.exe -> %SystemRoot%\system32\hkcmd.exe -> [2005/10/14 14:46:34 | 00,077,824 | ---- | M] (Intel Corporation)
igfxpers.exe -> %SystemRoot%\system32\igfxpers.exe -> [2005/10/14 14:50:30 | 00,114,688 | ---- | M] (Intel Corporation)
igfxsrvc.exe -> %SystemRoot%\system32\igfxsrvc.exe -> [2005/10/14 14:46:24 | 00,159,744 | ---- | M] (Intel Corporation)
issch.exe -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe -> [2004/07/27 14:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation)
jqs.exe -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2008/12/15 12:33:04 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)
jusched.exe -> %ProgramFiles%\Java\jre6\bin\jusched.exe -> [2008/12/15 12:33:05 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.)
lexbces.exe -> %SystemRoot%\system32\LEXBCES.EXE -> [2003/08/18 09:37:10 | 00,303,104 | ---- | M] (Lexmark International, Inc.)
lexpps.exe -> %SystemRoot%\system32\LEXPPS.EXE -> [2003/08/18 09:32:56 | 00,174,592 | ---- | M] (Lexmark International, Inc.)
mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.)
nicconfigsvc.exe -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> [2005/03/03 21:29:02 | 00,356,352 | ---- | M] (Dell Inc.)
otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2009/01/26 12:13:22 | 00,485,376 | ---- | M] (OldTimer Tools)
pronomgr.exe -> %ProgramFiles%\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe -> [2004/12/09 11:58:46 | 00,086,016 | ---- | M] (Intel(R) Corporation)
quickset.exe -> %ProgramFiles%\Dell\QuickSet\quickset.exe -> [2005/03/04 09:26:08 | 00,606,208 | ---- | M] ()
syntpenh.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> [2004/05/13 22:35:50 | 00,536,576 | ---- | M] (Synaptics, Inc.)
syntplpr.exe -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> [2004/05/13 08:23:56 | 00,098,304 | ---- | M] (Synaptics, Inc.)
taskmgr.exe -> %SystemRoot%\system32\taskmgr.exe -> [2008/04/13 17:12:37 | 00,135,680 | ---- | M] (Microsoft Corporation)
tfswctrl.exe -> %SystemRoot%\system32\dla\tfswctrl.exe -> [2004/12/05 23:05:00 | 00,127,035 | ---- | M] (Sonic Solutions)
wltray.exe -> %SystemRoot%\system32\WLTRAY.EXE -> [2006/11/01 20:48:12 | 01,392,640 | ---- | M] (Dell Inc.)
wltrysvc.exe -> %SystemRoot%\system32\WLTRYSVC.EXE -> [2006/11/01 20:48:12 | 00,020,480 | ---- | M] ()
wmiprvse.exe -> %SystemRoot%\system32\wbem\wmiprvse.exe -> [2008/04/13 17:12:40 | 00,218,112 | ---- | M] (Microsoft Corporation)
wscntfy.exe -> %SystemRoot%\system32\wscntfy.exe -> [2008/04/13 17:12:41 | 00,013,824 | ---- | M] (Microsoft Corporation)
 
[Win32 Services - Safe List]
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation)
(avg8emc) AVG Free8 E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\avgemc.exe -> [2009/01/30 17:27:52 | 00,903,960 | ---- | M] (AVG Technologies CZ, s.r.o.)
(avg8wd) AVG Free8 WatchDog [Win32_Own | Auto | Running] -> %ProgramFiles%\AVG\AVG8\avgwdsvc.exe -> [2009/01/30 17:28:01 | 00,298,264 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Bonjour Service) ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation)
(Creative Service for CDROM Access) Creative Service for CDROM Access [Win32_Own | Auto | Running] -> %SystemRoot%\system32\CTSVCCDA.EXE -> [1999/12/12 10:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd)
(DSBrokerService) DSBrokerService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\brkrsvc.exe -> [2007/03/07 14:47:46 | 00,076,848 | ---- | M] ()
(FLEXnet Licensing Service) FLEXnet Licensing Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2007/11/19 14:33:51 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.)
(gusvc) Google Updater Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/10/20 17:30:55 | 00,168,432 | ---- | M] (Google)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\pchealth\helpctr\binaries\pchsvc.dll -> [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation)
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation)
(JavaQuickStarterService) Java Quick Starter [Win32_Own | Auto | Running] -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2008/12/15 12:33:04 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)
(LexBceS) LexBce Server [Win32_Own | Auto | Running] -> %SystemRoot%\system32\LEXBCES.EXE -> [2003/08/18 09:37:10 | 00,303,104 | ---- | M] (Lexmark International, Inc.)
(NetSvc) Intel NCS NetService [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Intel\PROSetWired\NCS\Sync\NetSvc.exe -> [2003/12/17 11:59:48 | 00,143,360 | ---- | M] (Intel(R) Corporation)
(NICCONFIGSVC) NICCONFIGSVC [Win32_Own | Auto | Running] -> %ProgramFiles%\Dell\NicConfigSvc\NicConfigSvc.exe -> [2005/03/03 21:29:02 | 00,356,352 | ---- | M] (Dell Inc.)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 11:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation)
(wltrysvc) Dell Wireless WLAN Tray Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\WLTRYSVC.EXE -> [2006/11/01 20:48:12 | 00,020,480 | ---- | M] ()
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
(WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | Auto | Running] -> %SystemRoot%\system32\WudfSvc.dll -> [2008/01/19 00:37:14 | 00,055,296 | ---- | M] (Microsoft Corporation)
 
[Driver Services - Safe List]
(AliIde) AliIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\aliide.sys -> [2001/08/17 11:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.)
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\amdagp.sys -> [2008/04/13 11:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(APPDRV) APPDRV [Kernel | System | Running] -> %SystemRoot%\system32\drivers\APPDRV.SYS -> [2004/08/18 12:53:54 | 00,016,128 | ---- | M] (Dell Inc)
(asc) asc [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc.sys -> [2001/08/17 11:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\asc3550.sys -> [2001/08/17 11:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.)
(AvgLdx86) AVG Free AVI Loader Driver x86 [Kernel | System | Running] -> %SystemRoot%\system32\drivers\avgldx86.sys -> [2009/01/30 17:28:14 | 00,325,128 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AvgMfx86) AVG Free On-access Scanner Minifilter Driver x86 [File_System | System | Running] -> %SystemRoot%\system32\drivers\avgmfx86.sys -> [2009/01/30 17:28:14 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AvgTdiX) AVG Free8 Network Redirector [Kernel | System | Running] -> %SystemRoot%\system32\drivers\avgtdix.sys -> [2009/01/30 17:28:11 | 00,107,272 | ---- | M] (AVG Technologies CZ, s.r.o.)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\BCMWL5.SYS -> [2006/10/12 23:28:42 | 00,604,928 | ---- | M] (Broadcom Corporation)
(CEUSBAUD) DigiTech USB MIDI Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ceusbaud.sys -> [2003/11/01 13:19:38 | 00,017,920 | ---- | M] (CEntrance, Inc.)
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cmdide.sys -> [2001/08/17 11:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.)
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dac2w2k.sys -> [2001/08/17 11:52:16 | 00,179,584 | ---- | M] (Mylex Corporation)
(drvmcdb) drvmcdb [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\drvmcdb.sys -> [2004/12/01 01:22:00 | 00,087,488 | ---- | M] (Sonic Solutions)
(drvnddm) drvnddm [File_System | Auto | Running] -> %SystemRoot%\system32\drivers\drvnddm.sys -> [2004/11/23 00:56:00 | 00,040,480 | ---- | M] (Sonic Solutions)
(DSproct) DSproct [Kernel | On_Demand | Stopped] -> %ProgramFiles%\DellSupport\GTAction\triggers\DSproct.sys -> [2006/10/05 15:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.)
(dsunidrv) DellSupport UniDriver [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\dsunidrv.sys -> [2007/02/25 11:10:48 | 00,005,376 | --S- | M] (Gteko Ltd.)
(E100B) Intel(R) PRO Network Connection Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\e100b325.sys -> [2005/06/13 12:58:04 | 00,162,816 | ---- | M] (Intel Corporation)
(gmer) gmer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\gmer.sys -> [2009/02/12 19:51:58 | 00,085,969 | ---- | M] (GMER)
(HSFHWICH) HSFHWICH [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWICH.sys -> [2005/05/03 15:08:50 | 00,208,384 | ---- | M] (Conexant Systems, Inc.)
(HSF_DP) HSF_DP [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> [2004/06/17 18:55:04 | 01,041,536 | ---- | M] (Conexant Systems, Inc.)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DPV.SYS -> [2005/05/03 15:09:28 | 01,033,728 | ---- | M] (Conexant Systems, Inc.)
(ialm) ialm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ialmnt5.sys -> [2005/10/14 15:15:18 | 01,302,812 | ---- | M] (Intel Corporation)
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> [2004/03/17 12:04:14 | 00,013,059 | ---- | M] (Conexant)
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\mraid35x.sys -> [2001/08/17 11:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.)
(nv) nv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> [2004/08/03 20:29:56 | 01,897,408 | ---- | M] (NVIDIA Corporation)
(omci) OMCI WDM Device Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\omci.sys -> [2004/02/13 14:46:00 | 00,017,153 | ---- | M] (Dell Inc)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2004/08/04 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> [2005/01/26 00:03:00 | 00,020,576 | ---- | M] (Sonic Solutions)
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1080.sys -> [2001/08/17 11:52:20 | 00,040,320 | ---- | M] (QLogic Corporation)
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql12160.sys -> [2001/08/17 11:52:20 | 00,045,312 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql1280.sys -> [2001/08/17 11:52:18 | 00,049,024 | ---- | M] (QLogic Corporation)
(SABProcEnum) SABProcEnum [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\sabprocenum.sys -> [2005/03/21 11:00:24 | 00,004,096 | ---- | M] (SuperAdBlocker.com)
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys -> [2008/09/03 13:07:14 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASENUM) SASENUM [Kernel | On_Demand | Stopped] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> [2008/09/03 13:07:16 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS -> [2008/09/03 13:07:12 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SCDEmu) SCDEmu [Kernel | System | Running] -> %SystemRoot%\system32\drivers\scdemu.sys -> [2008/11/02 01:44:10 | 00,056,572 | ---- | M] (PowerISO Computing, Inc.)
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 03:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(SilverLink) Texas Instruments SilverLink (USB GraphLink) Cable [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SilvrLnk.sys -> [2004/01/28 14:03:26 | 00,021,456 | ---- | M] (Texas Instruments Incorporated)
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sisagp.sys -> [2008/04/13 11:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation)
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sparrow.sys -> [2001/08/17 12:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.)
(sscdbhk5) sscdbhk5 [File_System | System | Running] -> %SystemRoot%\system32\drivers\sscdbhk5.sys -> [2004/07/14 09:29:04 | 00,005,627 | ---- | M] (Sonic Solutions)
(ssrtln) ssrtln [File_System | System | Running] -> %SystemRoot%\system32\drivers\ssrtln.sys -> [2004/07/14 09:28:50 | 00,023,545 | ---- | M] (Sonic Solutions)
(STAC97) SigmaTel C-Major Audio [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\STAC97.sys -> [2005/03/10 20:56:06 | 00,273,168 | ---- | M] (SigmaTel, Inc.)
(symc810) symc810 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc810.sys -> [2001/08/17 12:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.)
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc8xx.sys -> [2001/08/17 12:07:36 | 00,032,640 | ---- | M] (LSI Logic)
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_hi.sys -> [2001/08/17 12:07:40 | 00,028,384 | ---- | M] (LSI Logic)
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_u3.sys -> [2001/08/17 12:07:42 | 00,030,688 | ---- | M] (LSI Logic)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SynTP.sys -> [2004/05/13 08:19:22 | 00,182,688 | ---- | M] (Synaptics, Inc.)
(tfsnboio) tfsnboio [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnboio.sys -> [2004/12/05 23:05:00 | 00,025,883 | ---- | M] (Sonic Solutions)
(tfsncofs) tfsncofs [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsncofs.sys -> [2004/12/05 23:05:00 | 00,034,843 | ---- | M] (Sonic Solutions)
(tfsndrct) tfsndrct [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsndrct.sys -> [2004/12/05 23:05:00 | 00,004,123 | ---- | M] (Sonic Solutions)
(tfsndres) tfsndres [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsndres.sys -> [2004/12/05 23:05:00 | 00,002,239 | ---- | M] (Sonic Solutions)
(tfsnifs) tfsnifs [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnifs.sys -> [2004/12/05 23:05:00 | 00,086,586 | ---- | M] (Sonic Solutions)
(tfsnopio) tfsnopio [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnopio.sys -> [2004/12/05 23:05:00 | 00,015,227 | ---- | M] (Sonic Solutions)
(tfsnpool) tfsnpool [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnpool.sys -> [2004/12/05 23:05:00 | 00,006,363 | ---- | M] (Sonic Solutions)
(tfsnudf) tfsnudf [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnudf.sys -> [2004/12/05 23:05:00 | 00,098,714 | ---- | M] (Sonic Solutions)
(tfsnudfa) tfsnudfa [File_System | Auto | Running] -> %SystemRoot%\system32\dla\tfsnudfa.sys -> [2004/12/05 23:05:00 | 00,100,603 | ---- | M] (Sonic Solutions)
(ultra) ultra [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ultra.sys -> [2001/08/17 11:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.)
(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbaudio.sys -> [2008/04/13 11:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation)
(Wdf01000) Kernel Mode Driver Frameworks service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\wdf01000.sys -> [2008/03/27 16:27:46 | 00,503,008 | ---- | M] (Microsoft Corporation)
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> [2005/05/03 15:08:44 | 00,705,408 | ---- | M] (Conexant Systems, Inc.)
(WinUSB) WinUSB [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\winusb.sys -> [2006/11/02 07:00:08 | 00,039,368 | ---- | M] (Microsoft Corporation)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" ->  -> 
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> 
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> 
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 -> 
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> 
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> 
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.altavista.com/ -> 
HKEY_CURRENT_USER\: URLSearchHooks\\"{4D25F926-B9FE-4682-BF72-8AB8210D6D75}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> 
HKEY_USERS\.DEFAULT\: Main\\"First Home Page" -> http://www.dell4me.com/myway -> 
HKEY_USERS\.DEFAULT\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\.DEFAULT\: Main\\"Start Page" -> http://www.dell4me.com/myway -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> 
HKEY_USERS\S-1-5-18\: Main\\"First Home Page" -> http://www.dell4me.com/myway -> 
HKEY_USERS\S-1-5-18\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\S-1-5-18\: Main\\"Start Page" -> http://www.dell4me.com/myway -> 
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\] > -> -> 
HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> 
HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> 
HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\: Main\\"Start Page" -> http://www.altavista.com/ -> 
HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\: URLSearchHooks\\"{4D25F926-B9FE-4682-BF72-8AB8210D6D75}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\: "ProxyEnable" -> 0 -> 
< HOSTS File > (291996 bytes and 10100 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
First 25 entries...
127.0.0.1	   localhost
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	www.1001namen.com
127.0.0.1	1001namen.com
127.0.0.1	www.100888290cs.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	www.10sek.com
127.0.0.1	10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{1CF769EF-7B5E-4A76-9FFB-F2D74CB5E564} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{1E79CCE2-F70B-4E0C-B56B-5E3BF158E8F1} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{358F6941-A6B7-4FCC-9948-8032B5BBBBA1} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> %ProgramFiles%\AVG\AVG8\avgssie.dll [AVG Safe Search] -> [2009/01/30 17:28:07 | 01,078,552 | ---- | M] (AVG Technologies CZ, s.r.o.)
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> [2008/09/15 13:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> %SystemRoot%\system32\dla\tfswshx.dll [DriveLetterAccess] -> [2004/12/05 23:05:00 | 00,118,842 | ---- | M] (Sonic Solutions)
{7016B321-B597-33E6-8E5D-D45EF13BFD6F} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2008/12/15 12:33:07 | 00,320,920 | ---- | M] (Sun Microsystems, Inc.)
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2008/11/18 13:47:06 | 00,408,952 | ---- | M] (Microsoft Corporation)
{A057A204-BACC-4D26-9990-79A187E2698E} [HKLM] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> [2009/01/30 17:28:10 | 01,968,920 | ---- | M] ([[[COMPANYNAME]]]----------------------------)
{ADEFE9B7-FEF0-464A-9D84-843E1FB5EA28} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> %ProgramFiles%\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [Google Toolbar Notifier BHO] -> [2008/10/20 17:31:07 | 00,652,784 | ---- | M] (Google Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> %ProgramFiles%\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2008/12/15 12:33:03 | 00,034,816 | ---- | M] (Sun Microsystems, Inc.)
{E199CC4F-570E-401C-ADE0-05D2F59D71FA} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> %ProgramFiles%\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2008/12/15 12:33:08 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.)
{ECA461A0-4981-4FD7-A303-35142719883E} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> [2009/01/30 17:28:10 | 01,968,920 | ---- | M] ([[[COMPANYNAME]]]----------------------------)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> [2009/01/30 17:28:10 | 01,968,920 | ---- | M] ([[[COMPANYNAME]]]----------------------------)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\] > -> HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> %ProgramFiles%\AVG\AVG8\avgtoolbar.dll [AVG Security Toolbar] -> [2009/01/30 17:28:10 | 01,968,920 | ---- | M] ([[[COMPANYNAME]]]----------------------------)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"AVG8_TRAY" -> %ProgramFiles%\AVG\AVG8\avgtray.exe [C:\PROGRA~1\AVG\AVG8\avgtray.exe] -> [2009/01/30 17:27:47 | 01,601,304 | ---- | M] (AVG Technologies CZ, s.r.o.)
"Broadcom Wireless Manager UI" -> %SystemRoot%\system32\WLTRAY.EXE [C:\WINDOWS\system32\WLTRAY.exe] -> [2006/11/01 20:48:12 | 01,392,640 | ---- | M] (Dell Inc.)
"Dell QuickSet" -> %ProgramFiles%\Dell\QuickSet\quickset.exe [C:\Program Files\Dell\QuickSet\quickset.exe] -> [2005/03/04 09:26:08 | 00,606,208 | ---- | M] ()
"Dell Wireless Manager UI" -> %SystemRoot%\system32\WLTRAY.EXE [C:\WINDOWS\system32\WLTRAY] -> [2006/11/01 20:48:12 | 01,392,640 | ---- | M] (Dell Inc.)
"dla" -> %SystemRoot%\system32\dla\tfswctrl.exe [C:\WINDOWS\system32\dla\tfswctrl.exe] -> [2004/12/05 23:05:00 | 00,127,035 | ---- | M] (Sonic Solutions)
"DMXLauncher" -> %ProgramFiles%\Dell\Media Experience\DMXLauncher.exe [C:\Program Files\Dell\Media Experience\DMXLauncher.exe] -> [2005/01/26 23:02:00 | 00,086,016 | ---- | M] ()
"DVDLauncher" -> %ProgramFiles%\CyberLink\PowerDVD\DVDLauncher.exe ["C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"] -> [2005/02/23 14:19:56 | 00,053,248 | ---- | M] (CyberLink Corp.)
"igfxhkcmd" -> %SystemRoot%\system32\hkcmd.exe [C:\WINDOWS\system32\hkcmd.exe] -> [2005/10/14 14:46:34 | 00,077,824 | ---- | M] (Intel Corporation)
"igfxpers" -> %SystemRoot%\system32\igfxpers.exe [C:\WINDOWS\system32\igfxpers.exe] -> [2005/10/14 14:50:30 | 00,114,688 | ---- | M] (Intel Corporation)
"igfxtray" -> %SystemRoot%\system32\igfxtray.exe [C:\WINDOWS\system32\igfxtray.exe] -> [2005/10/14 14:49:46 | 00,094,208 | ---- | M] (Intel Corporation)
"ISUSPM Startup" -> %CommonProgramFiles%\InstallShield\UpdateService\ISUSPM.exe [C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup] -> [2004/07/27 14:50:42 | 00,221,184 | ---- | M] (InstallShield Software Corporation)
"ISUSScheduler" -> %CommonProgramFiles%\InstallShield\UpdateService\issch.exe ["C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start] -> [2004/07/27 14:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation)
"Lexmark X1100 Series" -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmgr.exe ["C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"] -> [2003/08/19 09:43:48 | 00,057,344 | ---- | M] (Lexmark International, Inc.)
"PRONoMgrWired" -> %ProgramFiles%\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe [C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe] -> [2004/12/09 11:58:46 | 00,086,016 | ---- | M] (Intel(R) Corporation)
"QuickTime Task" -> %ProgramFiles%\QuickTime\qttask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2005/07/20 11:46:03 | 00,098,304 | ---- | M] (Apple Computer, Inc.)
"SunJavaUpdateSched" -> %ProgramFiles%\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2008/12/15 12:33:05 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.)
"SynTPEnh" -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] -> [2004/05/13 22:35:50 | 00,536,576 | ---- | M] (Synaptics, Inc.)
"SynTPLpr" -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe [C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] -> [2004/05/13 08:23:56 | 00,098,304 | ---- | M] (Synaptics, Inc.)
"TkBellExe" -> %CommonProgramFiles%\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot] -> [2007/09/21 11:10:42 | 00,185,632 | ---- | M] (RealNetworks, Inc.)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"CTSyncU.exe" -> %ProgramFiles%\Creative\Sync Manager Unicode\CTSyncU.exe ["C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"] -> [2006/09/28 19:09:14 | 00,700,416 | ---- | M] ()
"DellSupport" ->  ["C:\Program Files\DellSupport\DSAgnt.exe" /startup] -> File not found
"FreeRAM XP" -> %ProgramFiles%\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe ["C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win] -> [2006/03/22 23:13:46 | 01,591,808 | ---- | M] (YourWare Solutions (TM))
"SpybotSD TeaTimer" -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> [2008/09/16 11:16:08 | 01,833,296 | RHS- | M] (Safer Networking Limited)
< Run [HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\] > -> HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"CTSyncU.exe" -> %ProgramFiles%\Creative\Sync Manager Unicode\CTSyncU.exe ["C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"] -> [2006/09/28 19:09:14 | 00,700,416 | ---- | M] ()
"DellSupport" ->  ["C:\Program Files\DellSupport\DSAgnt.exe" /startup] -> File not found
"FreeRAM XP" -> %ProgramFiles%\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe ["C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win] -> [2006/03/22 23:13:46 | 01,591,808 | ---- | M] (YourWare Solutions (TM))
"SpybotSD TeaTimer" -> %ProgramFiles%\Spybot - Search & Destroy\TeaTimer.exe [C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe] -> [2008/09/16 11:16:08 | 01,833,296 | RHS- | M] (Safer Networking Limited)
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> 
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2004/12/14 03:44:06 | 00,029,696 | ---- | M] (Adobe Systems Incorporated)
%AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> %ProgramFiles%\Digital Line Detect\DLG.exe -> [2003/10/29 01:06:00 | 00,024,576 | ---- | M] (BVRP Software)
< Britney Ann Startup Folder > -> C:\Documents and Settings\Britney Ann\Start Menu\Programs\Startup -> 
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> 
< Jolleys Startup Folder > -> C:\Documents and Settings\Jolleys\Start Menu\Programs\Startup -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"AllowLegacyWebView" ->  [1] -> File not found
\\"AllowUnhashedWebView" ->  [1] -> File not found
\\"NoCDBurning" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" ->  [0] -> File not found
\\"legalnoticecaption" ->  [] -> File not found
\\"legalnoticetext" ->  [] -> File not found
\\"shutdownwithoutlogon" ->  [1] -> File not found
\\"undockwithoutlogon" ->  [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008] > -> HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> 
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000] -> [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> 
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000] -> [2008/10/13 11:29:28 | 10,351,944 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 13:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2008/09/15 13:25:44 | 01,562,960 | RHS- | M] (Safer Networking Limited)
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value  does not exist or could not be read.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value  does not exist or could not be read.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5253 domain(s) found. -> 
48 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5253 domain(s) found. -> 
48 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5253 domain(s) found. -> 
48 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\] > -> HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\] > -> HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-2165201365-620848561-3186278047-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{406B5949-7190-4245-91A9-30A17DE16AD0} [HKLM] -> http://photos.walmart.com/WalmartActivia.cab [Snapfish Activia] -> 
{4F1E5B1A-2A80-42CA-8532-2D05CB959537} [HKLM] -> http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab [MSN Photo Upload Tool] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> 
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Key does not exist or could not be opened.] -> 
{B1E2B96C-12FE-45E2-BEF1-44A219113CDD} [HKLM] -> http://www.superadblocker.com/activex/sabspx.cab [SABScanProcesses Class] -> 
{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab [Java Plug-in 1.4.2_03] -> 
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab [Java Plug-in 1.6.0_03] -> 
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab [Java Plug-in 1.6.0_05] -> 
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab [Java Plug-in 1.6.0_07] -> 
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{EBACCB4A-B96D-4A1B-B7E4-3C1BA193C783} ->	(Intel(R) PRO/100 VE Network Connection) -> 
{FBFE8FFD-A980-4FD7-9866-4177C42DB4A7} ->	(Dell Wireless 1370 WLAN Mini-PCI Card) -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> [2008/07/23 15:28:18 | 00,352,256 | ---- | M] (SUPERAntiSpyware.com)
avgrsstarter -> %SystemRoot%\system32\avgrsstx.dll -> [2009/01/30 17:28:15 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.)
cbXNFvVN ->  -> File not found
igfxcui -> %SystemRoot%\system32\igfxdev.dll -> [2005/10/14 14:45:38 | 00,135,168 | ---- | M] (Intel Corporation)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> [2008/05/13 09:13:36 | 00,077,824 | ---- | M] (SuperAdBlocker.com)
"{ADEFE9B7-FEF0-464A-9D84-843E1FB5EA28}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [] -> File not found
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 17:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 11:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 17:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> File not found
"C:\Program Files\AVG\AVG8\avgemc.exe" -> C:\Program Files\AVG\AVG8\avgemc.exe [C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe] -> [2009/01/30 17:27:52 | 00,903,960 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgupd.exe" -> C:\Program Files\AVG\AVG8\avgupd.exe [C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe] -> [2009/01/30 17:18:41 | 01,032,984 | ---- | M] (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour] -> [2006/02/28 12:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" -> C:\Program Files\Grisoft\AVG7\avgamsvr.exe [C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe] -> File not found
"C:\Program Files\Grisoft\AVG7\avgcc.exe" -> C:\Program Files\Grisoft\AVG7\avgcc.exe [C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe] -> File not found
"C:\Program Files\Grisoft\AVG7\avginet.exe" -> C:\Program Files\Grisoft\AVG7\avginet.exe [C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe] -> File not found
"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2008/09/18 12:01:52 | 00,147,456 | ---- | M] (Lime Wire, LLC)
"C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2008/04/13 17:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
"C:\Program Files\NovaLogic\Delta Force Land Warrior\Dflw.exe" -> C:\Program Files\NovaLogic\Delta Force Land Warrior\Dflw.exe [C:\Program Files\NovaLogic\Delta Force Land Warrior\Dflw.exe:*:Enabled:Dflw] -> File not found
"C:\Program Files\NovaLogic\Delta Force Land Warrior\Update.exe" -> C:\Program Files\NovaLogic\Delta Force Land Warrior\Update.exe [C:\Program Files\NovaLogic\Delta Force Land Warrior\Update.exe:*:Enabled:Update] -> File not found
"C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe" -> C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe [C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice] -> [2008/04/13 17:12:21 | 00,769,024 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\system32\LEXPPS.EXE" -> C:\WINDOWS\system32\LEXPPS.EXE [C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE] -> [2003/08/18 09:32:56 | 00,174,592 | ---- | M] (Lexmark International, Inc.)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
"AlternateShell" -> cmd.exe -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/05/02 03:49:39 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > ->  -> 
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2004/08/10 11:04:08 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
 
 
[Files/Folders - Created Within 30 Days]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
Docs and settings.html -> %UserProfile%\Desktop\Docs and settings.html -> [2009/02/13 19:37:43 | 00,005,048 | ---- | C] ()
_OTScanIt -> %SystemDrive%\_OTScanIt -> [2009/02/13 12:48:00 | 00,000,000 | ---D | C]
gmer.ini -> %SystemRoot%\gmer.ini -> [2009/02/12 19:52:01 | 00,000,250 | ---- | C] ()
gmer.dll -> %SystemRoot%\gmer.dll -> [2009/02/12 19:51:58 | 00,884,736 | ---- | C] ()
gmer.exe -> %SystemRoot%\gmer.exe -> [2009/02/12 19:51:58 | 00,811,008 | ---- | C] ()
gmer.sys -> %SystemRoot%\System32\drivers\gmer.sys -> [2009/02/12 19:51:58 | 00,085,969 | ---- | C] (GMER)
gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [2009/02/12 19:51:58 | 00,000,080 | ---- | C] ()
gmer -> %UserProfile%\Desktop\gmer -> [2009/02/12 19:50:31 | 00,000,000 | ---D | C]
gmer.zip -> %UserProfile%\Desktop\gmer.zip -> [2009/02/12 19:49:00 | 00,747,873 | ---- | C] ()
OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2009/02/12 19:30:35 | 00,000,000 | ---D | C]
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/02/12 19:29:08 | 00,656,714 | ---- | C] ()
Computer functions like it has a virus but antivirus cant find one..url -> %UserProfile%\Desktop\Computer functions like it has a virus but antivirus cant find one..url -> [2009/02/12 19:23:48 | 00,006,460 | ---- | C] ()
AdobeUM -> %AppData%\AdobeUM -> [2009/02/11 18:33:59 | 00,000,000 | ---D | C]
Adobe -> %UserProfile%\Local Settings\Application Data\Adobe -> [2009/02/11 18:32:49 | 00,000,000 | ---D | C]
xrxwiadr.dll -> %SystemRoot%\System32\dllcache\xrxwiadr.dll -> [2009/02/11 17:59:30 | 00,116,224 | ---- | C] (Xerox)
xrxwbtmp.dll -> %SystemRoot%\System32\dllcache\xrxwbtmp.dll -> [2009/02/11 17:59:25 | 00,023,040 | ---- | C] (Xerox Corporation)
xrxscnui.dll -> %SystemRoot%\System32\dllcache\xrxscnui.dll -> [2009/02/11 17:59:24 | 00,018,944 | ---- | C] ()
xrxftplt.exe -> %SystemRoot%\System32\dllcache\xrxftplt.exe -> [2009/02/11 17:59:19 | 00,027,648 | ---- | C] ()
xrxflnch.exe -> %SystemRoot%\System32\dllcache\xrxflnch.exe -> [2009/02/11 17:59:14 | 00,004,608 | ---- | C] (Microsoft Corporation)
xlog.exe -> %SystemRoot%\System32\dllcache\xlog.exe -> [2009/02/11 17:59:07 | 00,099,865 | ---- | C] (Eicon Technology)
xjis.nls -> %SystemRoot%\System32\dllcache\xjis.nls -> [2009/02/11 17:59:07 | 00,028,288 | ---- | C] ()
xem336n5.sys -> %SystemRoot%\System32\dllcache\xem336n5.sys -> [2009/02/11 17:59:01 | 00,016,970 | ---- | C] (US Robotics MCD (Megahertz))
wstcodec.sys -> %SystemRoot%\System32\dllcache\wstcodec.sys -> [2009/02/11 17:58:54 | 00,019,200 | ---- | C] (Microsoft Corporation)
wshirda.dll -> %SystemRoot%\System32\dllcache\wshirda.dll -> [2009/02/11 17:58:50 | 00,008,192 | ---- | C] (Microsoft Corporation)
wmiacpi.sys -> %SystemRoot%\System32\dllcache\wmiacpi.sys -> [2009/02/11 17:58:19 | 00,008,832 | ---- | C] (Microsoft Corporation)
wlluc48.sys -> %SystemRoot%\System32\dllcache\wlluc48.sys -> [2009/02/11 17:58:10 | 00,154,624 | ---- | C] (Lucent Technologies)
wlandrv2.sys -> %SystemRoot%\System32\dllcache\wlandrv2.sys -> [2009/02/11 17:58:06 | 00,034,890 | ---- | C] (Raytheon Corp.)
winacisa.sys -> %SystemRoot%\System32\dllcache\winacisa.sys -> [2009/02/11 17:57:56 | 00,771,581 | ---- | C] (Rockwell)
wiamsmud.dll -> %SystemRoot%\System32\dllcache\wiamsmud.dll -> [2009/02/11 17:57:49 | 00,053,760 | ---- | C] (Microsoft Corporation)
weitekp9.dll -> %SystemRoot%\System32\dllcache\weitekp9.dll -> [2009/02/11 17:57:48 | 00,041,600 | ---- | C] (Microsoft Corporation)
weitekp9.sys -> %SystemRoot%\System32\dllcache\weitekp9.sys -> [2009/02/11 17:57:48 | 00,031,232 | ---- | C] (Microsoft Corporation)
wceusbsh.sys -> %SystemRoot%\System32\dllcache\wceusbsh.sys -> [2009/02/11 17:57:40 | 00,031,744 | ---- | C] (Microsoft Corporation)
wbfirdma.sys -> %SystemRoot%\System32\dllcache\wbfirdma.sys -> [2009/02/11 17:57:35 | 00,035,871 | ---- | C] (Winbond Electronics Corp.)
w940nd.sys -> %SystemRoot%\System32\dllcache\w940nd.sys -> [2009/02/11 17:57:18 | 00,016,925 | ---- | C] (Winbond Electronics Corporation)
w926nd.sys -> %SystemRoot%\System32\dllcache\w926nd.sys -> [2009/02/11 17:57:14 | 00,019,016 | ---- | C] (Winbond Electronics Corporation)
w840nd.sys -> %SystemRoot%\System32\dllcache\w840nd.sys -> [2009/02/11 17:57:10 | 00,019,528 | ---- | C] (Winbond Electronics Corporation)
w32.dll -> %SystemRoot%\System32\dllcache\w32.dll -> [2009/02/11 17:57:09 | 00,048,256 | ---- | C] (Microsoft Corporation)
vvoice.sys -> %SystemRoot%\System32\dllcache\vvoice.sys -> [2009/02/11 17:57:05 | 00,064,605 | ---- | C] (PCtel, Inc.)
vpctcom.sys -> %SystemRoot%\System32\dllcache\vpctcom.sys -> [2009/02/11 17:57:00 | 00,397,502 | ---- | C] (PCtel, Inc.)
vmodem.sys -> %SystemRoot%\System32\dllcache\vmodem.sys -> [2009/02/11 17:56:54 | 00,604,253 | ---- | C] (PCTEL, INC.)
vinwm.sys -> %SystemRoot%\System32\dllcache\vinwm.sys -> [2009/02/11 17:56:48 | 00,249,402 | ---- | C] (Xircom)
vfwwdm32.dll -> %SystemRoot%\System32\dllcache\vfwwdm32.dll -> [2009/02/11 17:56:41 | 00,053,760 | ---- | C] (Microsoft Corporation)
usrwdxjs.sys -> %SystemRoot%\System32\dllcache\usrwdxjs.sys -> [2009/02/11 17:56:35 | 00,687,999 | ---- | C] (U.S. Robotics Corporation)
usrti.sys -> %SystemRoot%\System32\dllcache\usrti.sys -> [2009/02/11 17:56:30 | 00,765,884 | ---- | C] (U.S. Robotics, Inc.)
usrpda.sys -> %SystemRoot%\System32\dllcache\usrpda.sys -> [2009/02/11 17:56:25 | 00,113,762 | ---- | C] (U.S. Robotics Corporation)
usroslba.sys -> %SystemRoot%\System32\dllcache\usroslba.sys -> [2009/02/11 17:56:20 | 00,007,556 | ---- | C] (U.S. Robotics Corporation)
usr1807a.sys -> %SystemRoot%\System32\dllcache\usr1807a.sys -> [2009/02/11 17:56:15 | 00,224,802 | ---- | C] (U.S. Robotics Corporation)
usr1806v.sys -> %SystemRoot%\System32\dllcache\usr1806v.sys -> [2009/02/11 17:56:10 | 00,794,399 | ---- | C] (U.S. Robotics, Inc.)
usr1806.sys -> %SystemRoot%\System32\dllcache\usr1806.sys -> [2009/02/11 17:56:06 | 00,793,598 | ---- | C] (U.S. Robotics, Inc.)
usr1801.sys -> %SystemRoot%\System32\dllcache\usr1801.sys -> [2009/02/11 17:56:01 | 00,794,654 | ---- | C] (U.S. Robotics, Inc.)
usbser.sys -> %SystemRoot%\System32\dllcache\usbser.sys -> [2009/02/11 17:55:58 | 00,026,112 | ---- | C] (Microsoft Corporation)
usbohci.sys -> %SystemRoot%\System32\dllcache\usbohci.sys -> [2009/02/11 17:55:57 | 00,017,152 | ---- | C] (Microsoft Corporation)
usb101et.sys -> %SystemRoot%\System32\dllcache\usb101et.sys -> [2009/02/11 17:55:54 | 00,032,384 | ---- | C] (KLSI USA, Inc.)
umaxud32.dll -> %SystemRoot%\System32\dllcache\umaxud32.dll -> [2009/02/11 17:55:47 | 00,094,720 | ---- | C] (Microsoft Corporation)
umaxu40.dll -> %SystemRoot%\System32\dllcache\umaxu40.dll -> [2009/02/11 17:55:43 | 00,028,160 | ---- | C] (Microsoft Corporation)
umaxu22.dll -> %SystemRoot%\System32\dllcache\umaxu22.dll -> [2009/02/11 17:55:38 | 00,026,624 | ---- | C] (Microsoft Corporation)
umaxu12.dll -> %SystemRoot%\System32\dllcache\umaxu12.dll -> [2009/02/11 17:55:34 | 00,069,632 | ---- | C] (Microsoft Corporation)
umaxscan.dll -> %SystemRoot%\System32\dllcache\umaxscan.dll -> [2009/02/11 17:55:30 | 00,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.)
umaxpcls.sys -> %SystemRoot%\System32\dllcache\umaxpcls.sys -> [2009/02/11 17:55:25 | 00,022,912 | ---- | C] (Microsoft Corporation)
umaxp60.dll -> %SystemRoot%\System32\dllcache\umaxp60.dll -> [2009/02/11 17:55:21 | 00,050,176 | ---- | C] (Microsoft Corporation)
umaxcam.dll -> %SystemRoot%\System32\dllcache\umaxcam.dll -> [2009/02/11 17:55:17 | 00,047,616 | ---- | C] (Microsoft Corporation)
um54scan.dll -> %SystemRoot%\System32\dllcache\um54scan.dll -> [2009/02/11 17:55:12 | 00,211,968 | ---- | C] (UMAX Data Systems Inc.)
um34scan.dll -> %SystemRoot%\System32\dllcache\um34scan.dll -> [2009/02/11 17:55:07 | 00,216,064 | ---- | C] (UMAX Data Systems Inc.)
tsprof.exe -> %SystemRoot%\System32\dllcache\tsprof.exe -> [2009/02/11 17:55:01 | 00,014,336 | ---- | C] (Microsoft Corporation)
tridxpm.sys -> %SystemRoot%\System32\dllcache\tridxpm.sys -> [2009/02/11 17:54:55 | 00,166,784 | ---- | C] (Trident Microsystems Inc.)
tridxp.dll -> %SystemRoot%\System32\dllcache\tridxp.dll -> [2009/02/11 17:54:51 | 00,525,568 | ---- | C] (Trident Microsystems Inc.)
tridkbm.sys -> %SystemRoot%\System32\dllcache\tridkbm.sys -> [2009/02/11 17:54:46 | 00,159,232 | ---- | C] (Trident Microsystems Inc.)
tridkb.dll -> %SystemRoot%\System32\dllcache\tridkb.dll -> [2009/02/11 17:54:42 | 00,440,576 | ---- | C] (Trident Microsystems Inc.)
trid3dm.sys -> %SystemRoot%\System32\dllcache\trid3dm.sys -> [2009/02/11 17:54:38 | 00,222,336 | ---- | C] (Trident Microsystems Inc.)
trid3d.dll -> %SystemRoot%\System32\dllcache\trid3d.dll -> [2009/02/11 17:54:33 | 00,315,520 | ---- | C] (Trident Microsystems Inc.)
tosdvd03.sys -> %SystemRoot%\System32\dllcache\tosdvd03.sys -> [2009/02/11 17:54:13 | 00,230,912 | ---- | C] (Toshiba Corporation)
tosdvd02.sys -> %SystemRoot%\System32\dllcache\tosdvd02.sys -> [2009/02/11 17:54:09 | 00,241,664 | ---- | C] (Toshiba Corporation)
tjisdn.sys -> %SystemRoot%\System32\dllcache\tjisdn.sys -> [2009/02/11 17:54:00 | 00,123,995 | ---- | C] (Tiger Jet Network)
thawbrkr.dll -> %SystemRoot%\System32\dllcache\thawbrkr.dll -> [2009/02/11 17:53:58 | 00,185,344 | ---- | C] (Microsoft Corporation)
tgiulnt5.sys -> %SystemRoot%\System32\dllcache\tgiulnt5.sys -> [2009/02/11 17:53:54 | 00,138,528 | ---- | C] (Trident Microsystems Inc.)
tgiul50.dll -> %SystemRoot%\System32\dllcache\tgiul50.dll -> [2009/02/11 17:53:50 | 00,081,408 | ---- | C] (Trident Microsystems Inc.)
tffsport.sys -> %SystemRoot%\System32\dllcache\tffsport.sys -> [2009/02/11 17:53:48 | 00,149,376 | ---- | C] (M-Systems)
tdspx.sys -> %SystemRoot%\System32\dllcache\tdspx.sys -> [2009/02/11 17:53:47 | 00,019,464 | ---- | C] (Microsoft Corporation)
tdkcd31.sys -> %SystemRoot%\System32\dllcache\tdkcd31.sys -> [2009/02/11 17:53:43 | 00,017,129 | ---- | C] (TDK Corporation)
tdk100b.sys -> %SystemRoot%\System32\dllcache\tdk100b.sys -> [2009/02/11 17:53:39 | 00,037,961 | ---- | C] (TDK Corporation)
tdipx.sys -> %SystemRoot%\System32\dllcache\tdipx.sys -> [2009/02/11 17:53:39 | 00,021,896 | ---- | C] (Microsoft Corporation)
tdasync.sys -> %SystemRoot%\System32\dllcache\tdasync.sys -> [2009/02/11 17:53:38 | 00,013,192 | ---- | C] (Microsoft Corporation)
tbatm155.sys -> %SystemRoot%\System32\dllcache\tbatm155.sys -> [2009/02/11 17:53:32 | 00,030,464 | ---- | C] (Toshiba Corporation)
tandqic.sys -> %SystemRoot%\System32\dllcache\tandqic.sys -> [2009/02/11 17:53:23 | 00,007,040 | ---- | C] (Microsoft Corporation)
t2r4mini.sys -> %SystemRoot%\System32\dllcache\t2r4mini.sys -> [2009/02/11 17:53:19 | 00,036,640 | ---- | C] (Number Nine Visual Technology Corp.)
t2r4disp.dll -> %SystemRoot%\System32\dllcache\t2r4disp.dll -> [2009/02/11 17:53:15 | 00,172,768 | ---- | C] (Number Nine Visual Technology)
sxports.dll -> %SystemRoot%\System32\dllcache\sxports.dll -> [2009/02/11 17:53:07 | 00,094,293 | ---- | C] (Perle Systems Ltd. )
sx.sys -> %SystemRoot%\System32\dllcache\sx.sys -> [2009/02/11 17:53:03 | 00,103,936 | ---- | C] (Perle Systems Ltd. )
swusbflt.sys -> %SystemRoot%\System32\dllcache\swusbflt.sys -> [2009/02/11 17:52:59 | 00,003,968 | ---- | C] (Microsoft Corporation)
swpidflt.dll -> %SystemRoot%\System32\dllcache\swpidflt.dll -> [2009/02/11 17:52:55 | 00,010,240 | ---- | C] (Microsoft Corporation)
swpdflt2.dll -> %SystemRoot%\System32\dllcache\swpdflt2.dll -> [2009/02/11 17:52:51 | 00,010,240 | ---- | C] (Microsoft Corporation)
sw_wheel.dll -> %SystemRoot%\System32\dllcache\sw_wheel.dll -> [2009/02/11 17:52:47 | 00,053,760 | ---- | C] (Microsoft Corporation)
sw_effct.dll -> %SystemRoot%\System32\dllcache\sw_effct.dll -> [2009/02/11 17:52:43 | 00,041,472 | ---- | C] (Microsoft Corporation)
streamip.sys -> %SystemRoot%\System32\dllcache\streamip.sys -> [2009/02/11 17:52:42 | 00,015,232 | ---- | C] (Microsoft Corporation)
stlnprop.dll -> %SystemRoot%\System32\dllcache\stlnprop.dll -> [2009/02/11 17:52:36 | 00,155,648 | ---- | C] (Stallion Technologies)
stlncoin.dll -> %SystemRoot%\System32\dllcache\stlncoin.dll -> [2009/02/11 17:52:32 | 00,053,248 | ---- | C] (Stallion Technologies)
stlnata.sys -> %SystemRoot%\System32\dllcache\stlnata.sys -> [2009/02/11 17:52:28 | 00,285,760 | ---- | C] (Stallion Technologies)
stcusb.sys -> %SystemRoot%\System32\dllcache\stcusb.sys -> [2009/02/11 17:52:23 | 00,016,896 | ---- | C] (SCM Microsystems, Inc.)
srwlnd5.sys -> %SystemRoot%\System32\dllcache\srwlnd5.sys -> [2009/02/11 17:52:17 | 00,048,736 | ---- | C] (3Com)
srusbusd.dll -> %SystemRoot%\System32\dllcache\srusbusd.dll -> [2009/02/11 17:52:12 | 00,101,376 | ---- | C] (Microsoft Corporation)
srusd.dll -> %SystemRoot%\System32\dllcache\srusd.dll -> [2009/02/11 17:52:12 | 00,099,328 | ---- | C] (Microsoft Corporation)
spxupchk.dll -> %SystemRoot%\System32\dllcache\spxupchk.dll -> [2009/02/11 17:52:06 | 00,024,660 | ---- | C] (Perle Systems Ltd.)
speed.sys -> %SystemRoot%\System32\dllcache\speed.sys -> [2009/02/11 17:52:00 | 00,061,824 | ---- | C] (Perle Systems Ltd.)
spdports.dll -> %SystemRoot%\System32\dllcache\spdports.dll -> [2009/02/11 17:51:56 | 00,106,584 | ---- | C] (Perle Systems Ltd.)
sonymc.sys -> %SystemRoot%\System32\dllcache\sonymc.sys -> [2009/02/11 17:51:35 | 00,009,600 | ---- | C] (Microsoft Corporation)
softkey.dll -> %SystemRoot%\System32\dllcache\softkey.dll -> [2009/02/11 17:51:34 | 00,143,422 | ---- | C] (Microsoft Corporation)
sonyait.sys -> %SystemRoot%\System32\dllcache\sonyait.sys -> [2009/02/11 17:51:34 | 00,007,552 | ---- | C] (Microsoft Corporation)
snyaitmc.sys -> %SystemRoot%\System32\dllcache\snyaitmc.sys -> [2009/02/11 17:51:30 | 00,007,040 | ---- | C] (Microsoft Corporation)
EXCH_snprfdll.dll -> %SystemRoot%\System32\dllcache\EXCH_snprfdll.dll -> [2009/02/11 17:51:29 | 00,007,168 | ---- | C] (Microsoft Corporation)
snmpstup.dll -> %SystemRoot%\System32\dllcache\snmpstup.dll -> [2009/02/11 17:51:28 | 00,010,240 | ---- | C] (Microsoft Corporation)
EXCH_smtpctrs.dll -> %SystemRoot%\System32\dllcache\EXCH_smtpctrs.dll -> [2009/02/11 17:51:25 | 00,012,288 | ---- | C] (Microsoft Corporation)
smimsgif.dll -> %SystemRoot%\System32\dllcache\smimsgif.dll -> [2009/02/11 17:51:25 | 00,005,632 | ---- | C] (Microsoft Corporation)
smiminib.sys -> %SystemRoot%\System32\dllcache\smiminib.sys -> [2009/02/11 17:51:21 | 00,058,368 | ---- | C] (Silicon Motion Inc.)
smierrsm.dll -> %SystemRoot%\System32\dllcache\smierrsm.dll -> [2009/02/11 17:51:20 | 00,015,872 | ---- | C] (Microsoft Corporation)
smierrsy.dll -> %SystemRoot%\System32\dllcache\smierrsy.dll -> [2009/02/11 17:51:20 | 00,005,632 | ---- | C] (Microsoft Corporation)
smidispb.dll -> %SystemRoot%\System32\dllcache\smidispb.dll -> [2009/02/11 17:51:16 | 00,147,200 | ---- | C] (Silicon Motion Inc.)
smcpwr2n.sys -> %SystemRoot%\System32\dllcache\smcpwr2n.sys -> [2009/02/11 17:51:12 | 00,025,034 | ---- | C] (SMC Networks, Inc.)
smcirda.sys -> %SystemRoot%\System32\dllcache\smcirda.sys -> [2009/02/11 17:51:08 | 00,035,913 | ---- | C] (SMC)
smc8000n.sys -> %SystemRoot%\System32\dllcache\smc8000n.sys -> [2009/02/11 17:51:04 | 00,024,576 | ---- | C] (SMC Networks, Inc.)
smbhc.sys -> %SystemRoot%\System32\dllcache\smbhc.sys -> [2009/02/11 17:51:00 | 00,006,784 | ---- | C] (Microsoft Corporation)
smbclass.sys -> %SystemRoot%\System32\dllcache\smbclass.sys -> [2009/02/11 17:50:58 | 00,006,912 | ---- | C] (Microsoft Corporation)
smb6w.dll -> %SystemRoot%\System32\dllcache\smb6w.dll -> [2009/02/11 17:50:57 | 00,031,744 | ---- | C] (Microsoft Corporation)
smbbatt.sys -> %SystemRoot%\System32\dllcache\smbbatt.sys -> [2009/02/11 17:50:57 | 00,016,000 | ---- | C] (Microsoft Corporation)
smb3w.dll -> %SystemRoot%\System32\dllcache\smb3w.dll -> [2009/02/11 17:50:53 | 00,045,568 | ---- | C] (Microsoft Corporation)
smb0w.dll -> %SystemRoot%\System32\dllcache\smb0w.dll -> [2009/02/11 17:50:49 | 00,033,792 | ---- | C] (Microsoft Corporation)
sma3w.dll -> %SystemRoot%\System32\dllcache\sma3w.dll -> [2009/02/11 17:50:49 | 00,031,744 | ---- | C] (Microsoft Corporation)
sma0w.dll -> %SystemRoot%\System32\dllcache\sma0w.dll -> [2009/02/11 17:50:45 | 00,028,672 | ---- | C] (Microsoft Corporation)
sm9aw.dll -> %SystemRoot%\System32\dllcache\sm9aw.dll -> [2009/02/11 17:50:44 | 00,038,912 | ---- | C] (Microsoft Corporation)
sm93w.dll -> %SystemRoot%\System32\dllcache\sm93w.dll -> [2009/02/11 17:50:44 | 00,026,624 | ---- | C] (Microsoft Corporation)
sm92w.dll -> %SystemRoot%\System32\dllcache\sm92w.dll -> [2009/02/11 17:50:44 | 00,026,624 | ---- | C] (Microsoft Corporation)
sm91w.dll -> %SystemRoot%\System32\dllcache\sm91w.dll -> [2009/02/11 17:50:40 | 00,028,160 | ---- | C] (Microsoft Corporation)
sm90w.dll -> %SystemRoot%\System32\dllcache\sm90w.dll -> [2009/02/11 17:50:40 | 00,026,112 | ---- | C] (Microsoft Corporation)
sm8dw.dll -> %SystemRoot%\System32\dllcache\sm8dw.dll -> [2009/02/11 17:50:40 | 00,026,112 | ---- | C] (Microsoft Corporation)
sm8cw.dll -> %SystemRoot%\System32\dllcache\sm8cw.dll -> [2009/02/11 17:50:39 | 00,029,184 | ---- | C] (Microsoft Corporation)
sm8aw.dll -> %SystemRoot%\System32\dllcache\sm8aw.dll -> [2009/02/11 17:50:39 | 00,026,112 | ---- | C] (Microsoft Corporation)
sm89w.dll -> %SystemRoot%\System32\dllcache\sm89w.dll -> [2009/02/11 17:50:39 | 00,026,112 | ---- | C] (Microsoft Corporation)
sm87w.dll -> %SystemRoot%\System32\dllcache\sm87w.dll -> [2009/02/11 17:50:38 | 00,030,208 | ---- | C] (Microsoft Corporation)
sm81w.dll -> %SystemRoot%\System32\dllcache\sm81w.dll -> [2009/02/11 17:50:38 | 00,030,208 | ---- | C] (Microsoft Corporation)
sm59w.dll -> %SystemRoot%\System32\dllcache\sm59w.dll -> [2009/02/11 17:50:38 | 00,025,088 | ---- | C] (Microsoft Corporation)
slip.sys -> %SystemRoot%\System32\dllcache\slip.sys -> [2009/02/11 17:50:36 | 00,011,136 | ---- | C] (Microsoft Corporation)
sla30nd5.sys -> %SystemRoot%\System32\dllcache\sla30nd5.sys -> [2009/02/11 17:50:34 | 00,063,547 | ---- | C] (Symbol Technologies)
skfpwin.sys -> %SystemRoot%\System32\dllcache\skfpwin.sys -> [2009/02/11 17:50:30 | 00,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.)
sk98xwin.sys -> %SystemRoot%\System32\dllcache\sk98xwin.sys -> [2009/02/11 17:50:26 | 00,094,698 | ---- | C] (SysKonnect GmbH.)
sisnic.sys -> %SystemRoot%\System32\dllcache\sisnic.sys -> [2009/02/11 17:50:17 | 00,032,768 | ---- | C] (SiS Corporation)
simptcp.dll -> %SystemRoot%\System32\dllcache\simptcp.dll -> [2009/02/11 17:49:53 | 00,018,944 | ---- | C] (Microsoft Corporation)
sgsmusb.sys -> %SystemRoot%\System32\dllcache\sgsmusb.sys -> [2009/02/11 17:49:45 | 00,161,568 | ---- | C] (Micro Systemation)
sgsmld.sys -> %SystemRoot%\System32\dllcache\sgsmld.sys -> [2009/02/11 17:49:41 | 00,018,400 | ---- | C] (Micro Systemation)
sgiulnt5.sys -> %SystemRoot%\System32\dllcache\sgiulnt5.sys -> [2009/02/11 17:49:37 | 00,098,080 | ---- | C] (Trident Microsystems Inc.)
sgiul50.dll -> %SystemRoot%\System32\dllcache\sgiul50.dll -> [2009/02/11 17:49:33 | 00,386,560 | ---- | C] (Trident Microsystems Inc.)
serscan.sys -> %SystemRoot%\System32\dllcache\serscan.sys -> [2009/02/11 17:49:22 | 00,006,784 | ---- | C] (Microsoft Corporation)
EXCH_seos.dll -> %SystemRoot%\System32\dllcache\EXCH_seos.dll -> [2009/02/11 17:49:18 | 00,026,112 | ---- | C] (Microsoft Corporation)
sermouse.sys -> %SystemRoot%\System32\dllcache\sermouse.sys -> [2009/02/11 17:49:18 | 00,017,664 | ---- | C] (Microsoft Corporation)
seaddsmc.sys -> %SystemRoot%\System32\dllcache\seaddsmc.sys -> [2009/02/11 17:49:13 | 00,006,912 | ---- | C] (Microsoft Corporation)
scsiscan.sys -> %SystemRoot%\System32\dllcache\scsiscan.sys -> [2009/02/11 17:49:11 | 00,011,520 | ---- | C] (Microsoft Corporation)
EXCH_scripto.dll -> %SystemRoot%\System32\dllcache\EXCH_scripto.dll -> [2009/02/11 17:49:07 | 00,057,856 | ---- | C] (Microsoft Corporation)
scsiprnt.sys -> %SystemRoot%\System32\dllcache\scsiprnt.sys -> [2009/02/11 17:49:07 | 00,011,648 | ---- | C] (Microsoft Corporation)
scr111.sys -> %SystemRoot%\System32\dllcache\scr111.sys -> [2009/02/11 17:49:03 | 00,017,280 | ---- | C] (SCM Microsystems)
scmstcs.sys -> %SystemRoot%\System32\dllcache\scmstcs.sys -> [2009/02/11 17:48:59 | 00,016,640 | ---- | C] (Microsoft Corporation)
sccmusbm.sys -> %SystemRoot%\System32\dllcache\sccmusbm.sys -> [2009/02/11 17:48:55 | 00,023,936 | ---- | C] (OMNIKEY AG)
sccmn50m.sys -> %SystemRoot%\System32\dllcache\sccmn50m.sys -> [2009/02/11 17:48:50 | 00,023,936 | ---- | C] (OMNIKEY AG)
sbp2port.sys -> %SystemRoot%\System32\dllcache\sbp2port.sys -> [2009/02/11 17:48:48 | 00,043,904 | ---- | C] (Microsoft Corporation)
s3sav4m.sys -> %SystemRoot%\System32\dllcache\s3sav4m.sys -> [2009/02/11 17:48:31 | 00,077,824 | ---- | C] (S3 Incorporated)
s3sav4.dll -> %SystemRoot%\System32\dllcache\s3sav4.dll -> [2009/02/11 17:48:28 | 00,198,400 | ---- | C] (S3 Incorporated)
s3sav3dm.sys -> %SystemRoot%\System32\dllcache\s3sav3dm.sys -> [2009/02/11 17:48:24 | 00,061,504 | ---- | C] (S3 Incorporated)
s3sav3d.dll -> %SystemRoot%\System32\dllcache\s3sav3d.dll -> [2009/02/11 17:48:20 | 00,179,264 | ---- | C] (S3 Incorporated)
s3mvirge.dll -> %SystemRoot%\System32\dllcache\s3mvirge.dll -> [2009/02/11 17:48:16 | 00,210,496 | ---- | C] (S3 Incorporated)
s3mtrio.dll -> %SystemRoot%\System32\dllcache\s3mtrio.dll -> [2009/02/11 17:48:12 | 00,062,496 | ---- | C] (S3 Incorporated)
s3mt3d.sys -> %SystemRoot%\System32\dllcache\s3mt3d.sys -> [2009/02/11 17:48:09 | 00,041,216 | ---- | C] (S3 Incorporated)
s3mt3d.dll -> %SystemRoot%\System32\dllcache\s3mt3d.dll -> [2009/02/11 17:48:05 | 00,182,272 | ---- | C] (S3 Incorporated)
s3m.sys -> %SystemRoot%\System32\dllcache\s3m.sys -> [2009/02/11 17:48:01 | 00,166,720 | ---- | C] (S3 Incorporated)
s3legacy.sys -> %SystemRoot%\System32\dllcache\s3legacy.sys -> [2009/02/11 17:47:57 | 00,065,664 | ---- | C] (Microsoft Corporation)
rwia450.dll -> %SystemRoot%\System32\dllcache\rwia450.dll -> [2009/02/11 17:47:53 | 00,082,432 | ---- | C] (Ricoh Co., Ltd.)
rwia430.dll -> %SystemRoot%\System32\dllcache\rwia430.dll -> [2009/02/11 17:47:50 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.)
rwia330.dll -> %SystemRoot%\System32\dllcache\rwia330.dll -> [2009/02/11 17:47:49 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.)
rwia001.dll -> %SystemRoot%\System32\dllcache\rwia001.dll -> [2009/02/11 17:47:49 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.)
rw450ext.dll -> %SystemRoot%\System32\dllcache\rw450ext.dll -> [2009/02/11 17:47:48 | 00,029,696 | ---- | C] (Ricoh Co., Ltd.)
rw430ext.dll -> %SystemRoot%\System32\dllcache\rw430ext.dll -> [2009/02/11 17:47:47 | 00,027,648 | ---- | C] (Ricoh Co., Ltd.)
rtl8139.sys -> %SystemRoot%\System32\dllcache\rtl8139.sys -> [2009/02/11 17:47:44 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation)
rtl8029.sys -> %SystemRoot%\System32\dllcache\rtl8029.sys -> [2009/02/11 17:47:40 | 00,019,017 | ---- | C] (Realtek Semiconductor Corporation)
rsmgrstr.dll -> %SystemRoot%\System32\dllcache\rsmgrstr.dll -> [2009/02/11 17:47:31 | 00,009,216 | ---- | C] (Brother Industries, Ltd.)
rocket.sys -> %SystemRoot%\System32\dllcache\rocket.sys -> [2009/02/11 17:47:24 | 00,079,104 | ---- | C] (Comtrol Corporation)
rlnet5.sys -> %SystemRoot%\System32\dllcache\rlnet5.sys -> [2009/02/11 17:47:19 | 00,037,563 | ---- | C] (RadioLAN)
reslog32.dll -> %SystemRoot%\System32\dllcache\reslog32.dll -> [2009/02/11 17:47:15 | 00,086,097 | ---- | C] (Xircom)
EXCH_regtrace.exe -> %SystemRoot%\System32\dllcache\EXCH_regtrace.exe -> [2009/02/11 17:47:13 | 00,023,040 | ---- | C] (Microsoft Corporation)
register.exe -> %SystemRoot%\System32\dllcache\register.exe -> [2009/02/11 17:47:13 | 00,014,848 | ---- | C] (Microsoft Corporation)
rasirda.sys -> %SystemRoot%\System32\dllcache\rasirda.sys -> [2009/02/11 17:47:04 | 00,019,584 | ---- | C] (Microsoft Corporation)
r2mdmkxx.sys -> %SystemRoot%\System32\dllcache\r2mdmkxx.sys -> [2009/02/11 17:46:59 | 00,714,762 | ---- | C] (Xircom, Inc.)
r2mdkxga.sys -> %SystemRoot%\System32\dllcache\r2mdkxga.sys -> [2009/02/11 17:46:55 | 00,899,146 | ---- | C] (Xircom, Inc.)
qvusd.dll -> %SystemRoot%\System32\dllcache\qvusd.dll -> [2009/02/11 17:46:51 | 00,041,472 | ---- | C] (Microsoft Corporation)
qv2kux.sys -> %SystemRoot%\System32\dllcache\qv2kux.sys -> [2009/02/11 17:46:47 | 00,003,328 | ---- | C] (Microsoft Corporation)
quser.exe -> %SystemRoot%\System32\dllcache\quser.exe -> [2009/02/11 17:46:46 | 00,016,384 | ---- | C] (Microsoft Corporation)
query.exe -> %SystemRoot%\System32\dllcache\query.exe -> [2009/02/11 17:46:45 | 00,009,728 | ---- | C] (Microsoft Corporation)
qic157.sys -> %SystemRoot%\System32\dllcache\qic157.sys -> [2009/02/11 17:46:41 | 00,006,016 | ---- | C] (Microsoft Corporation)
ptserlv.sys -> %SystemRoot%\System32\dllcache\ptserlv.sys -> [2009/02/11 17:46:34 | 00,130,942 | ---- | C] (PCTEL, INC.)
ptserlp.sys -> %SystemRoot%\System32\dllcache\ptserlp.sys -> [2009/02/11 17:46:27 | 00,112,574 | ---- | C] (PCTEL, INC.)
ptserli.sys -> %SystemRoot%\System32\dllcache\ptserli.sys -> [2009/02/11 17:46:22 | 00,128,286 | ---- | C] (PCTEL, INC.)
ptpusd.dll -> %SystemRoot%\System32\dllcache\ptpusd.dll -> [2009/02/11 17:46:20 | 00,159,232 | ---- | C] (Microsoft Corporation)
ptpusb.dll -> %SystemRoot%\System32\dllcache\ptpusb.dll -> [2009/02/11 17:46:16 | 00,005,632 | ---- | C] (Microsoft Corporation)
psisrndr.ax -> %SystemRoot%\System32\dllcache\psisrndr.ax -> [2009/02/11 17:46:14 | 00,033,280 | ---- | C] ()
psisload.dll -> %SystemRoot%\System32\dllcache\psisload.dll -> [2009/02/11 17:46:10 | 00,035,328 | ---- | C] (Microsoft Corporation)
psisdecd.dll -> %SystemRoot%\System32\dllcache\psisdecd.dll -> [2009/02/11 17:46:09 | 00,363,520 | ---- | C] ()
pscr.sys -> %SystemRoot%\System32\dllcache\pscr.sys -> [2009/02/11 17:46:05 | 00,016,128 | ---- | C] (SCM Microsystems, Inc.)
prcp.nls -> %SystemRoot%\System32\dllcache\prcp.nls -> [2009/02/11 17:46:03 | 00,083,748 | ---- | C] ()
prc.nls -> %SystemRoot%\System32\dllcache\prc.nls -> [2009/02/11 17:46:03 | 00,083,748 | ---- | C] ()
ppa3.sys -> %SystemRoot%\System32\dllcache\ppa3.sys -> [2009/02/11 17:46:02 | 00,017,664 | ---- | C] (Microsoft Corporation)
ppa.sys -> %SystemRoot%\System32\dllcache\ppa.sys -> [2009/02/11 17:45:58 | 00,017,792 | ---- | C] (Microsoft Corporation)
powerfil.sys -> %SystemRoot%\System32\dllcache\powerfil.sys -> [2009/02/11 17:45:57 | 00,008,832 | ---- | C] (Microsoft Corporation)
pmxviceo.dll -> %SystemRoot%\System32\dllcache\pmxviceo.dll -> [2009/02/11 17:45:52 | 00,131,584 | ---- | C] (Microsoft Corporation)
pnrmc.sys -> %SystemRoot%\System32\dllcache\pnrmc.sys -> [2009/02/11 17:45:52 | 00,007,168 | ---- | C] (Microsoft Corporation)
pmxmcro.dll -> %SystemRoot%\System32\dllcache\pmxmcro.dll -> [2009/02/11 17:45:51 | 00,011,264 | ---- | C] (Microsoft Corporation)
pmxgl.dll -> %SystemRoot%\System32\dllcache\pmxgl.dll -> [2009/02/11 17:45:51 | 00,006,144 | ---- | C] (Microsoft Corporation)
phvfwext.dll -> %SystemRoot%\System32\dllcache\phvfwext.dll -> [2009/02/11 17:45:43 | 00,121,344 | ---- | C] (Microsoft Corporation)
philtune.sys -> %SystemRoot%\System32\dllcache\philtune.sys -> [2009/02/11 17:45:39 | 00,019,840 | ---- | C] (Microsoft Corporation)
phildec.sys -> %SystemRoot%\System32\dllcache\phildec.sys -> [2009/02/11 17:45:35 | 00,092,416 | ---- | C] (Microsoft Corporation)
philcam2.sys -> %SystemRoot%\System32\dllcache\philcam2.sys -> [2009/02/11 17:45:31 | 00,173,696 | ---- | C] (Microsoft Corporation)
philcam1.sys -> %SystemRoot%\System32\dllcache\philcam1.sys -> [2009/02/11 17:45:27 | 00,075,776 | ---- | C] (Microsoft Corporation)
philcam1.dll -> %SystemRoot%\System32\dllcache\philcam1.dll -> [2009/02/11 17:45:23 | 00,016,384 | ---- | C] (Microsoft Corporation)
phdsext.ax -> %SystemRoot%\System32\dllcache\phdsext.ax -> [2009/02/11 17:45:19 | 00,105,984 | ---- | C] (Microsoft Corporation)
perm3dd.dll -> %SystemRoot%\System32\dllcache\perm3dd.dll -> [2009/02/11 17:45:18 | 00,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.)
perm3.sys -> %SystemRoot%\System32\dllcache\perm3.sys -> [2009/02/11 17:45:16 | 00,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.)
perm2dll.dll -> %SystemRoot%\System32\dllcache\perm2dll.dll -> [2009/02/11 17:45:15 | 00,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.)
perm2.sys -> %SystemRoot%\System32\dllcache\perm2.sys -> [2009/02/11 17:45:13 | 00,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.)
pcx500.sys -> %SystemRoot%\System32\dllcache\pcx500.sys -> [2009/02/11 17:45:08 | 00,169,984 | ---- | C] (Cisco Systems)
pctspk.exe -> %SystemRoot%\System32\dllcache\pctspk.exe -> [2009/02/11 17:45:04 | 00,086,016 | ---- | C] (PCtel, Inc.)
pcntpci5.sys -> %SystemRoot%\System32\dllcache\pcntpci5.sys -> [2009/02/11 17:44:59 | 00,035,328 | ---- | C] (AMD Inc.)
pcntn5m.sys -> %SystemRoot%\System32\dllcache\pcntn5m.sys -> [2009/02/11 17:44:55 | 00,029,769 | ---- | C] (AMD Inc.)
pcntn5hl.sys -> %SystemRoot%\System32\dllcache\pcntn5hl.sys -> [2009/02/11 17:44:51 | 00,030,282 | ---- | C] (AMD Inc.)
pcmlm56.sys -> %SystemRoot%\System32\dllcache\pcmlm56.sys -> [2009/02/11 17:44:47 | 00,026,153 | ---- | C] (Linksys)
pca200e.sys -> %SystemRoot%\System32\dllcache\pca200e.sys -> [2009/02/11 17:44:46 | 00,029,502 | ---- | C] (Marconi Communications, Inc.)
pc100nds.sys -> %SystemRoot%\System32\dllcache\pc100nds.sys -> [2009/02/11 17:44:42 | 00,030,495 | ---- | C] (Linksys)
padrs411.dll -> %SystemRoot%\System32\dllcache\padrs411.dll -> [2009/02/11 17:44:40 | 00,036,927 | ---- | C] (Microsoft Corporation)
padrs412.dll -> %SystemRoot%\System32\dllcache\padrs412.dll -> [2009/02/11 17:44:40 | 00,014,336 | ---- | C] (Microsoft Corporation)
ovui2rc.dll -> %SystemRoot%\System32\dllcache\ovui2rc.dll -> [2009/02/11 17:44:34 | 00,041,984 | ---- | C] (Microsoft Corporation)
ovui2.dll -> %SystemRoot%\System32\dllcache\ovui2.dll -> [2009/02/11 17:44:30 | 00,044,544 | ---- | C] (Microsoft Corporation)
ovsound2.sys -> %SystemRoot%\System32\dllcache\ovsound2.sys -> [2009/02/11 17:44:27 | 00,025,216 | ---- | C] (Microsoft Corporation)
ovcoms.exe -> %SystemRoot%\System32\dllcache\ovcoms.exe -> [2009/02/11 17:44:23 | 00,039,424 | ---- | C] (Microsoft Corporation)
ovcomc.dll -> %SystemRoot%\System32\dllcache\ovcomc.dll -> [2009/02/11 17:44:19 | 00,020,480 | ---- | C] (Microsoft Corporation)
ovcodek2.sys -> %SystemRoot%\System32\dllcache\ovcodek2.sys -> [2009/02/11 17:44:16 | 00,351,616 | ---- | C] (Microsoft Corporation)
ovcodec2.dll -> %SystemRoot%\System32\dllcache\ovcodec2.dll -> [2009/02/11 17:44:12 | 00,116,736 | ---- | C] (Microsoft Corporation)
ovce.sys -> %SystemRoot%\System32\dllcache\ovce.sys -> [2009/02/11 17:44:08 | 00,031,872 | ---- | C] (Microsoft Corporation)
ovcd.sys -> %SystemRoot%\System32\dllcache\ovcd.sys -> [2009/02/11 17:44:04 | 00,028,032 | ---- | C] (Microsoft Corporation)
ovcam2.sys -> %SystemRoot%\System32\dllcache\ovcam2.sys -> [2009/02/11 17:44:01 | 00,048,000 | ---- | C] (Microsoft Corporation)
ovca.sys -> %SystemRoot%\System32\dllcache\ovca.sys -> [2009/02/11 17:43:57 | 00,025,088 | ---- | C] (Microsoft Corporation)
otcsercb.sys -> %SystemRoot%\System32\dllcache\otcsercb.sys -> [2009/02/11 17:43:53 | 00,054,186 | ---- | C] (Ositech Communications, Inc.)
otceth5.sys -> %SystemRoot%\System32\dllcache\otceth5.sys -> [2009/02/11 17:43:50 | 00,043,689 | ---- | C] (Ositech Communications, Inc.)
otc06x5.sys -> %SystemRoot%\System32\dllcache\otc06x5.sys -> [2009/02/11 17:43:46 | 00,027,209 | ---- | C] (Ositech Communications, Inc.)
opl3sax.sys -> %SystemRoot%\System32\dllcache\opl3sax.sys -> [2009/02/11 17:43:41 | 00,054,528 | ---- | C] (Yamaha Corp.)
ohci1394.sys -> %SystemRoot%\System32\dllcache\ohci1394.sys -> [2009/02/11 17:43:36 | 00,061,696 | ---- | C] (Microsoft Corporation)
ntgrip.sys -> %SystemRoot%\System32\dllcache\ntgrip.sys -> [2009/02/11 17:43:14 | 00,051,552 | ---- | C] (Kensington Technology Group)
EXCH_ntfsdrv.dll -> %SystemRoot%\System32\dllcache\EXCH_ntfsdrv.dll -> [2009/02/11 17:43:13 | 00,038,912 | ---- | C] (Microsoft Corporation)
ntapm.sys -> %SystemRoot%\System32\dllcache\ntapm.sys -> [2009/02/11 17:43:09 | 00,009,344 | ---- | C] (Microsoft Corporation)
nsmmc.sys -> %SystemRoot%\System32\dllcache\nsmmc.sys -> [2009/02/11 17:43:06 | 00,007,552 | ---- | C] (Microsoft Corporation)
nm6wdm.sys -> %SystemRoot%\System32\dllcache\nm6wdm.sys -> [2009/02/11 17:42:59 | 00,087,040 | ---- | C] (NeoMagic Corporation)
nm5a2wdm.sys -> %SystemRoot%\System32\dllcache\nm5a2wdm.sys -> [2009/02/11 17:42:55 | 00,126,080 | ---- | C] (NeoMagic Corporation)
ngrpci.sys -> %SystemRoot%\System32\dllcache\ngrpci.sys -> [2009/02/11 17:42:50 | 00,032,840 | ---- | C] (NETGEAR Corporation.)
netwlan5.sys -> %SystemRoot%\System32\dllcache\netwlan5.sys -> [2009/02/11 17:42:49 | 00,132,695 | ---- | C] (802.11b)
netflx3.sys -> %SystemRoot%\System32\dllcache\netflx3.sys -> [2009/02/11 17:42:43 | 00,065,278 | ---- | C] (Compaq Computer Corporation)
neo20xx.sys -> %SystemRoot%\System32\dllcache\neo20xx.sys -> [2009/02/11 17:42:38 | 00,039,264 | ---- | C] (NeoMagic Corporation)
neo20xx.dll -> %SystemRoot%\System32\dllcache\neo20xx.dll -> [2009/02/11 17:42:34 | 00,060,480 | ---- | C] (NeoMagic Corporation)
ne2000.sys -> %SystemRoot%\System32\dllcache\ne2000.sys -> [2009/02/11 17:42:31 | 00,015,872 | ---- | C] (Microsoft Corporation)
ndisip.sys -> %SystemRoot%\System32\dllcache\ndisip.sys -> [2009/02/11 17:42:29 | 00,010,880 | ---- | C] (Microsoft Corporation)
nabtsfec.sys -> %SystemRoot%\System32\dllcache\nabtsfec.sys -> [2009/02/11 17:42:27 | 00,085,248 | ---- | C] (Microsoft Corporation)
n9i3disp.dll -> %SystemRoot%\System32\dllcache\n9i3disp.dll -> [2009/02/11 17:42:23 | 00,091,488 | ---- | C] (Number Nine Visual Technology Corp.)
n9i3d.sys -> %SystemRoot%\System32\dllcache\n9i3d.sys -> [2009/02/11 17:42:19 | 00,027,936 | ---- | C] (Number Nine Visual Technology Corp.)
n9i128v2.sys -> %SystemRoot%\System32\dllcache\n9i128v2.sys -> [2009/02/11 17:42:16 | 00,033,088 | ---- | C] (Number Nine Visual Technology Corp.)
n9i128v2.dll -> %SystemRoot%\System32\dllcache\n9i128v2.dll -> [2009/02/11 17:42:12 | 00,059,104 | ---- | C] (Number Nine Visual Technology Corp.)
n9i128.sys -> %SystemRoot%\System32\dllcache\n9i128.sys -> [2009/02/11 17:42:09 | 00,013,664 | ---- | C] (Number Nine Visual Technology Corp.)
n9i128.dll -> %SystemRoot%\System32\dllcache\n9i128.dll -> [2009/02/11 17:42:05 | 00,035,392 | ---- | C] (Number Nine Visual Technology Corp.)
n100325.sys -> %SystemRoot%\System32\dllcache\n100325.sys -> [2009/02/11 17:42:02 | 00,128,000 | ---- | C] (Compaq Computer Corporation)
n1000nt5.sys -> %SystemRoot%\System32\dllcache\n1000nt5.sys -> [2009/02/11 17:41:58 | 00,052,255 | ---- | C] (Compaq Computer Corporation)
mxport.sys -> %SystemRoot%\System32\dllcache\mxport.sys -> [2009/02/11 17:41:55 | 00,075,520 | ---- | C] (Moxa Technologies Co., Ltd.)
mxport.dll -> %SystemRoot%\System32\dllcache\mxport.dll -> [2009/02/11 17:41:51 | 00,007,168 | ---- | C] (Moxa Technologies Co., Ltd)
mxnic.sys -> %SystemRoot%\System32\dllcache\mxnic.sys -> [2009/02/11 17:41:47 | 00,019,968 | ---- | C] (Macronix International Co., Ltd.											   )
mxicfg.dll -> %SystemRoot%\System32\dllcache\mxicfg.dll -> [2009/02/11 17:41:44 | 00,019,968 | ---- | C] (Moxa Technologies Co., Ltd)
multibox.dll -> %SystemRoot%\System32\dllcache\multibox.dll -> [2009/02/11 17:41:40 | 00,229,439 | ---- | C] (Microsoft Corporation)
mxcard.sys -> %SystemRoot%\System32\dllcache\mxcard.sys -> [2009/02/11 17:41:40 | 00,021,888 | ---- | C] (Moxa Technologies Co., Ltd.)
mtxvideo.sys -> %SystemRoot%\System32\dllcache\mtxvideo.sys -> [2009/02/11 17:41:36 | 00,103,296 | ---- | C] (Matrox Graphics Inc)
mstee.sys -> %SystemRoot%\System32\dllcache\mstee.sys -> [2009/02/11 17:41:25 | 00,005,504 | ---- | C] (Microsoft Corporation)
mstape.sys -> %SystemRoot%\System32\dllcache\mstape.sys -> [2009/02/11 17:41:24 | 00,049,024 | ---- | C] (Microsoft Corporation)
msriffwv.sys -> %SystemRoot%\System32\dllcache\msriffwv.sys -> [2009/02/11 17:41:18 | 00,012,416 | ---- | C] (Microsoft Corporation)
msmpu401.sys -> %SystemRoot%\System32\dllcache\msmpu401.sys -> [2009/02/11 17:41:09 | 00,002,944 | ---- | C] (Microsoft Corporation)
msir3jp.lex -> %SystemRoot%\System32\dllcache\msir3jp.lex -> [2009/02/11 17:41:06 | 01,875,968 | ---- | C] (Microsoft Corporation)
msircomm.sys -> %SystemRoot%\System32\dllcache\msircomm.sys -> [2009/02/11 17:41:06 | 00,022,016 | ---- | C] (Microsoft Corporation)
msir3jp.dll -> %SystemRoot%\System32\dllcache\msir3jp.dll -> [2009/02/11 17:41:05 | 00,098,304 | ---- | C] (Microsoft Corporation)
msgame.sys -> %SystemRoot%\System32\dllcache\msgame.sys -> [2009/02/11 17:40:55 | 00,035,200 | ---- | C] (Microsoft Corporation)
msfsio.sys -> %SystemRoot%\System32\dllcache\msfsio.sys -> [2009/02/11 17:40:51 | 00,006,016 | ---- | C] (Microsoft Corporation)
msdvbnp.ax -> %SystemRoot%\System32\dllcache\msdvbnp.ax -> [2009/02/11 17:40:50 | 00,056,832 | ---- | C] ()
msdv.sys -> %SystemRoot%\System32\dllcache\msdv.sys -> [2009/02/11 17:40:49 | 00,051,200 | ---- | C] (Microsoft Corporation)
mpe.sys -> %SystemRoot%\System32\dllcache\mpe.sys -> [2009/02/11 17:40:42 | 00,015,232 | ---- | C] (Microsoft Corporation)
modemcsa.sys -> %SystemRoot%\System32\dllcache\modemcsa.sys -> [2009/02/11 17:40:36 | 00,016,128 | ---- | C] (Microsoft Corporation)
miniqic.sys -> %SystemRoot%\System32\dllcache\miniqic.sys -> [2009/02/11 17:40:27 | 00,006,528 | ---- | C] (Microsoft Corporation)
migisol.exe -> %SystemRoot%\System32\dllcache\migisol.exe -> [2009/02/11 17:40:24 | 00,034,304 | ---- | C] (Microsoft Corporation)
mga.sys -> %SystemRoot%\System32\dllcache\mga.sys -> [2009/02/11 17:40:16 | 00,092,416 | ---- | C] (Microsoft Corporation)
mga.dll -> %SystemRoot%\System32\dllcache\mga.dll -> [2009/02/11 17:40:16 | 00,092,032 | ---- | C] (Microsoft Corporation)
memgrp.dll -> %SystemRoot%\System32\dllcache\memgrp.dll -> [2009/02/11 17:40:11 | 00,047,616 | ---- | C] (Microsoft Corporation)
memcard.sys -> %SystemRoot%\System32\dllcache\memcard.sys -> [2009/02/11 17:40:08 | 00,008,320 | ---- | C] (Microsoft Corporation)
mdgndis5.sys -> %SystemRoot%\System32\dllcache\mdgndis5.sys -> [2009/02/11 17:40:04 | 00,164,586 | ---- | C] (Madge Networks Ltd)
mammoth.sys -> %SystemRoot%\System32\dllcache\mammoth.sys -> [2009/02/11 17:39:58 | 00,007,424 | ---- | C] (Microsoft Corporation)
EXCH_mailmsg.dll -> %SystemRoot%\System32\dllcache\EXCH_mailmsg.dll -> [2009/02/11 17:39:57 | 00,065,536 | ---- | C] (Microsoft Corporation)
m3092dc.dll -> %SystemRoot%\System32\dllcache\m3092dc.dll -> [2009/02/11 17:39:50 | 00,058,880 | ---- | C] (Microsoft Corporation)
m3091dc.dll -> %SystemRoot%\System32\dllcache\m3091dc.dll -> [2009/02/11 17:39:47 | 00,058,368 | ---- | C] (Microsoft Corporation)
ltsmt.sys -> %SystemRoot%\System32\dllcache\ltsmt.sys -> [2009/02/11 17:39:39 | 00,797,500 | ---- | C] (LT)
ltsm.sys -> %SystemRoot%\System32\dllcache\ltsm.sys -> [2009/02/11 17:39:36 | 00,802,683 | ---- | C] (Lucent Technologies)
ltotape.sys -> %SystemRoot%\System32\dllcache\ltotape.sys -> [2009/02/11 17:39:35 | 00,007,040 | ---- | C] (Microsoft Corporation)
ltmdmntt.sys -> %SystemRoot%\System32\dllcache\ltmdmntt.sys -> [2009/02/11 17:39:34 | 00,420,992 | ---- | C] (LT)
ltmdmntl.sys -> %SystemRoot%\System32\dllcache\ltmdmntl.sys -> [2009/02/11 17:39:31 | 00,576,746 | ---- | C] (LT)
ltmdmnt.sys -> %SystemRoot%\System32\dllcache\ltmdmnt.sys -> [2009/02/11 17:39:30 | 00,606,684 | ---- | C] (LT)
ltck000c.sys -> %SystemRoot%\System32\dllcache\ltck000c.sys -> [2009/02/11 17:39:27 | 00,727,786 | ---- | C] (Xircom, Inc.)
loop.sys -> %SystemRoot%\System32\dllcache\loop.sys -> [2009/02/11 17:39:23 | 00,004,992 | ---- | C] (Microsoft Corporation)
lne100tx.sys -> %SystemRoot%\System32\dllcache\lne100tx.sys -> [2009/02/11 17:39:17 | 00,070,730 | ---- | C] (Linksys Group, Inc.)
lne100.sys -> %SystemRoot%\System32\dllcache\lne100.sys -> [2009/02/11 17:39:14 | 00,020,573 | ---- | C] (The Linksts Group )
lmndis3.sys -> %SystemRoot%\System32\dllcache\lmndis3.sys -> [2009/02/11 17:39:11 | 00,025,065 | ---- | C] (D-Link)
lit220p.sys -> %SystemRoot%\System32\dllcache\lit220p.sys -> [2009/02/11 17:39:07 | 00,015,744 | ---- | C] (Litronic Industries)
lbrtfdc.sys -> %SystemRoot%\System32\dllcache\lbrtfdc.sys -> [2009/02/11 17:39:06 | 00,034,688 | ---- | C] (Toshiba Corp.)
lanepic5.sys -> %SystemRoot%\System32\dllcache\lanepic5.sys -> [2009/02/11 17:39:02 | 00,026,442 | ---- | C] (SMSC)
ksxbar.ax -> %SystemRoot%\System32\dllcache\ksxbar.ax -> [2009/02/11 17:38:59 | 00,043,008 | ---- | C] (Microsoft Corporation)
ktc111.sys -> %SystemRoot%\System32\dllcache\ktc111.sys -> [2009/02/11 17:38:59 | 00,019,016 | ---- | C] (Kingston Technology Company															 )
kswdmcap.ax -> %SystemRoot%\System32\dllcache\kswdmcap.ax -> [2009/02/11 17:38:58 | 00,091,136 | ---- | C] (Microsoft Corporation)
kstvtune.ax -> %SystemRoot%\System32\dllcache\kstvtune.ax -> [2009/02/11 17:38:57 | 00,061,952 | ---- | C] (Microsoft Corporation)
ksc.nls -> %SystemRoot%\System32\dllcache\ksc.nls -> [2009/02/11 17:38:57 | 00,047,066 | ---- | C] ()
korwbrkr.lex -> %SystemRoot%\System32\dllcache\korwbrkr.lex -> [2009/02/11 17:38:53 | 01,158,818 | ---- | C] ()
korwbrkr.dll -> %SystemRoot%\System32\dllcache\korwbrkr.dll -> [2009/02/11 17:38:53 | 00,070,656 | ---- | C] (Microsoft Corporation)
kousd.dll -> %SystemRoot%\System32\dllcache\kousd.dll -> [2009/02/11 17:38:53 | 00,037,376 | ---- | C] (Microsoft Corporation)
kdsusd.dll -> %SystemRoot%\System32\dllcache\kdsusd.dll -> [2009/02/11 17:38:51 | 00,253,952 | ---- | C] (Microsoft Corporation)
kdsui.dll -> %SystemRoot%\System32\dllcache\kdsui.dll -> [2009/02/11 17:38:50 | 00,048,640 | ---- | C] (Microsoft Corporation)
kbdusa.dll -> %SystemRoot%\System32\dllcache\kbdusa.dll -> [2009/02/11 17:38:48 | 00,005,632 | ---- | C] (Microsoft Corporation)
kbdnecat.dll -> %SystemRoot%\System32\dllcache\kbdnecat.dll -> [2009/02/11 17:38:43 | 00,009,216 | ---- | C] (Microsoft Corporation)
kbdnecnt.dll -> %SystemRoot%\System32\dllcache\kbdnecnt.dll -> [2009/02/11 17:38:43 | 00,007,680 | ---- | C] (Microsoft Corporation)
kbdnec95.dll -> %SystemRoot%\System32\dllcache\kbdnec95.dll -> [2009/02/11 17:38:43 | 00,007,168 | ---- | C] (Microsoft Corporation)
kbdkor.dll -> %SystemRoot%\System32\dllcache\kbdkor.dll -> [2009/02/11 17:38:37 | 00,008,192 | ---- | C] (Microsoft Corporation)
kbdjpn.dll -> %SystemRoot%\System32\dllcache\kbdjpn.dll -> [2009/02/11 17:38:34 | 00,008,704 | ---- | C] (Microsoft Corporation)
kbdhid.sys -> %SystemRoot%\System32\dllcache\kbdhid.sys -> [2009/02/11 17:38:30 | 00,014,592 | ---- | C] (Microsoft Corporation)
kbd106.dll -> %SystemRoot%\System32\dllcache\kbd106.dll -> [2009/02/11 17:38:20 | 00,006,144 | ---- | C] (Microsoft Corporation)
kbd103.dll -> %SystemRoot%\System32\dllcache\kbd103.dll -> [2009/02/11 17:38:17 | 00,005,632 | ---- | C] (Microsoft Corporation)
kbd101c.dll -> %SystemRoot%\System32\dllcache\kbd101c.dll -> [2009/02/11 17:38:14 | 00,006,144 | ---- | C] (Microsoft Corporation)
kbd101b.dll -> %SystemRoot%\System32\dllcache\kbd101b.dll -> [2009/02/11 17:38:11 | 00,006,144 | ---- | C] (Microsoft Corporation)
jupiw.dll -> %SystemRoot%\System32\dllcache\jupiw.dll -> [2009/02/11 17:38:10 | 00,018,432 | ---- | C] (Microsoft Corporation)
kbd101a.dll -> %SystemRoot%\System32\dllcache\kbd101a.dll -> [2009/02/11 17:38:10 | 00,006,144 | ---- | C] (Microsoft Corporation)
irsir.sys -> %SystemRoot%\System32\dllcache\irsir.sys -> [2009/02/11 17:38:02 | 00,018,688 | ---- | C] (Microsoft Corporation)
irmon.dll -> %SystemRoot%\System32\dllcache\irmon.dll -> [2009/02/11 17:38:01 | 00,028,160 | ---- | C] (Microsoft Corporation)
irftp.exe -> %SystemRoot%\System32\dllcache\irftp.exe -> [2009/02/11 17:37:58 | 00,151,552 | ---- | C] (Microsoft Corporation)
irmk7.sys -> %SystemRoot%\System32\dllcache\irmk7.sys -> [2009/02/11 17:37:58 | 00,023,552 | ---- | C] (MKNet Corporation)
irda.sys -> %SystemRoot%\System32\dllcache\irda.sys -> [2009/02/11 17:37:57 | 00,088,192 | ---- | C] (Microsoft Corporation)
ipsink.ax -> %SystemRoot%\System32\dllcache\ipsink.ax -> [2009/02/11 17:37:54 | 00,016,384 | ---- | C] (Microsoft Corporation)
ip5515.sys -> %SystemRoot%\System32\dllcache\ip5515.sys -> [2009/02/11 17:37:49 | 00,045,632 | ---- | C] (Interphase (R) Corporation a Windows (R) 2000 DDK Driver Provider)
io8ports.dll -> %SystemRoot%\System32\dllcache\io8ports.dll -> [2009/02/11 17:37:46 | 00,090,200 | ---- | C] (Perle Systems Ltd. )
io8.sys -> %SystemRoot%\System32\dllcache\io8.sys -> [2009/02/11 17:37:43 | 00,038,784 | ---- | C] (Perle Systems Ltd. )
inport.sys -> %SystemRoot%\System32\dllcache\inport.sys -> [2009/02/11 17:37:39 | 00,013,056 | ---- | C] (Microsoft Corporation)
imskdic.dll -> %SystemRoot%\System32\dllcache\imskdic.dll -> [2009/02/11 17:37:35 | 00,471,102 | ---- | C] (Microsoft Corporation)
imkrinst.exe -> %SystemRoot%\System32\dllcache\imkrinst.exe -> [2009/02/11 17:37:33 | 00,059,904 | ---- | C] (Microsoft Corporation)
imjpuex.exe -> %SystemRoot%\System32\dllcache\imjpuex.exe -> [2009/02/11 17:37:32 | 00,045,109 | ---- | C] (Microsoft Corporation)
imjpdadm.exe -> %SystemRoot%\System32\dllcache\imjpdadm.exe -> [2009/02/11 17:37:29 | 00,057,398 | ---- | C] (Microsoft Corporation)
imepadsv.exe -> %SystemRoot%\System32\dllcache\imepadsv.exe -> [2009/02/11 17:37:27 | 00,311,359 | ---- | C] (Microsoft Corporation)
imepadsm.dll -> %SystemRoot%\System32\dllcache\imepadsm.dll -> [2009/02/11 17:37:26 | 00,102,463 | ---- | C] (Microsoft Corporation)
imekrmig.exe -> %SystemRoot%\System32\dllcache\imekrmig.exe -> [2009/02/11 17:37:26 | 00,044,032 | ---- | C] (Microsoft Corporation)
imekr.lex -> %SystemRoot%\System32\dllcache\imekr.lex -> [2009/02/11 17:37:25 | 00,134,339 | ---- | C] ()
iconf32.dll -> %SystemRoot%\System32\dllcache\iconf32.dll -> [2009/02/11 17:37:13 | 00,372,824 | ---- | C] (Xircom)
icam5usb.sys -> %SystemRoot%\System32\dllcache\icam5usb.sys -> [2009/02/11 17:37:10 | 00,100,992 | ---- | C] (Microsoft Corporation)
icam5ext.dll -> %SystemRoot%\System32\dllcache\icam5ext.dll -> [2009/02/11 17:37:07 | 00,020,480 | ---- | C] (Microsoft Corporation)
icam5com.dll -> %SystemRoot%\System32\dllcache\icam5com.dll -> [2009/02/11 17:37:04 | 00,045,056 | ---- | C] (Microsoft Corporation)
icam4usb.sys -> %SystemRoot%\System32\dllcache\icam4usb.sys -> [2009/02/11 17:37:01 | 00,154,496 | ---- | C] (Microsoft Corporation)
icam4ext.dll -> %SystemRoot%\System32\dllcache\icam4ext.dll -> [2009/02/11 17:36:58 | 00,061,952 | ---- | C] (Microsoft Corporation)
icam4com.dll -> %SystemRoot%\System32\dllcache\icam4com.dll -> [2009/02/11 17:36:55 | 00,091,136 | ---- | C] (Microsoft Corporation)
icam3ext.dll -> %SystemRoot%\System32\dllcache\icam3ext.dll -> [2009/02/11 17:36:52 | 00,026,624 | ---- | C] (Microsoft Corporation)
icam3.sys -> %SystemRoot%\System32\dllcache\icam3.sys -> [2009/02/11 17:36:49 | 00,141,056 | ---- | C] (Microsoft Corporation)
ibmvcap.sys -> %SystemRoot%\System32\dllcache\ibmvcap.sys -> [2009/02/11 17:36:46 | 00,038,528 | ---- | C] (Microsoft Corporation)
hwxkor.dll -> %SystemRoot%\System32\dllcache\hwxkor.dll -> [2009/02/11 17:36:21 | 10,129,408 | ---- | C] (Microsoft Corporation)
hwxcht.dll -> %SystemRoot%\System32\dllcache\hwxcht.dll -> [2009/02/11 17:36:18 | 10,096,640 | ---- | C] (Microsoft Corporation)
hr1w.dll -> %SystemRoot%\System32\dllcache\hr1w.dll -> [2009/02/11 17:35:34 | 00,019,456 | ---- | C] (Microsoft Corporation)
hpt4qic.sys -> %SystemRoot%\System32\dllcache\hpt4qic.sys -> [2009/02/11 17:35:31 | 00,005,760 | ---- | C] (Microsoft Corporation)
hpsjmcro.dll -> %SystemRoot%\System32\dllcache\hpsjmcro.dll -> [2009/02/11 17:35:29 | 00,013,312 | ---- | C] (Microsoft Corporation)
hpojwia.dll -> %SystemRoot%\System32\dllcache\hpojwia.dll -> [2009/02/11 17:35:26 | 00,324,608 | ---- | C] (Microsoft Corporation)
hpgtmcro.dll -> %SystemRoot%\System32\dllcache\hpgtmcro.dll -> [2009/02/11 17:35:23 | 00,032,768 | ---- | C] (Microsoft Corporation)
hpgt53tk.dll -> %SystemRoot%\System32\dllcache\hpgt53tk.dll -> [2009/02/11 17:35:20 | 00,068,608 | ---- | C] (Avisioin)
hpgt53.dll -> %SystemRoot%\System32\dllcache\hpgt53.dll -> [2009/02/11 17:35:17 | 00,165,888 | ---- | C] ()
hpgt42tk.dll -> %SystemRoot%\System32\dllcache\hpgt42tk.dll -> [2009/02/11 17:35:14 | 00,031,232 | ---- | C] (Microsoft Corporation)
hpgt42.dll -> %SystemRoot%\System32\dllcache\hpgt42.dll -> [2009/02/11 17:35:11 | 00,093,696 | ---- | C] ()
hpgt34tk.dll -> %SystemRoot%\System32\dllcache\hpgt34tk.dll -> [2009/02/11 17:35:08 | 00,126,976 | ---- | C] (Hewlett Packard)
hpgt34.dll -> %SystemRoot%\System32\dllcache\hpgt34.dll -> [2009/02/11 17:35:06 | 00,101,376 | ---- | C] ()
hpgt33tk.dll -> %SystemRoot%\System32\dllcache\hpgt33tk.dll -> [2009/02/11 17:35:03 | 00,048,128 | ---- | C] (Microsoft Corporation)
hpgt33.dll -> %SystemRoot%\System32\dllcache\hpgt33.dll -> [2009/02/11 17:35:00 | 00,089,088 | ---- | C] ()
hpgt21tk.dll -> %SystemRoot%\System32\dllcache\hpgt21tk.dll -> [2009/02/11 17:34:57 | 00,123,392 | ---- | C] (Microsoft Corporation)
hpgt21.dll -> %SystemRoot%\System32\dllcache\hpgt21.dll -> [2009/02/11 17:34:54 | 00,083,968 | ---- | C] ()
hpdigwia.dll -> %SystemRoot%\System32\dllcache\hpdigwia.dll -> [2009/02/11 17:34:51 | 00,119,296 | ---- | C] (Microsoft Corporation)
hidserv.dll -> %SystemRoot%\System32\dllcache\hidserv.dll -> [2009/02/11 17:34:46 | 00,021,504 | ---- | C] (Microsoft Corporation)
hidswvd.sys -> %SystemRoot%\System32\dllcache\hidswvd.sys -> [2009/02/11 17:34:46 | 00,002,688 | ---- | C] (Microsoft Corporation)
hidgame.sys -> %SystemRoot%\System32\dllcache\hidgame.sys -> [2009/02/11 17:34:43 | 00,008,576 | ---- | C] (Microsoft Corporation)
hidbatt.sys -> %SystemRoot%\System32\dllcache\hidbatt.sys -> [2009/02/11 17:34:42 | 00,020,352 | ---- | C] (Microsoft Corporation)
hanja.lex -> %SystemRoot%\System32\dllcache\hanja.lex -> [2009/02/11 17:34:37 | 00,108,827 | ---- | C] ()
hanjadic.dll -> %SystemRoot%\System32\dllcache\hanjadic.dll -> [2009/02/11 17:34:37 | 00,036,864 | ---- | C] (Microsoft Corporation)
grserial.sys -> %SystemRoot%\System32\dllcache\grserial.sys -> [2009/02/11 17:34:35 | 00,028,288 | ---- | C] (Gemplus)
grclass.sys -> %SystemRoot%\System32\dllcache\grclass.sys -> [2009/02/11 17:34:33 | 00,082,304 | ---- | C] (Gemplus)
gpr400.sys -> %SystemRoot%\System32\dllcache\gpr400.sys -> [2009/02/11 17:34:30 | 00,017,408 | ---- | C] (Gemplus)
gckernel.sys -> %SystemRoot%\System32\dllcache\gckernel.sys -> [2009/02/11 17:34:27 | 00,059,136 | ---- | C] (Microsoft Corporation)
gameenum.sys -> %SystemRoot%\System32\dllcache\gameenum.sys -> [2009/02/11 17:34:27 | 00,010,624 | ---- | C] (Microsoft Corporation)
fxusbase.sys -> %SystemRoot%\System32\dllcache\fxusbase.sys -> [2009/02/11 17:34:14 | 00,454,912 | ---- | C] (AVM GmbH)
fuusd.dll -> %SystemRoot%\System32\dllcache\fuusd.dll -> [2009/02/11 17:34:07 | 00,092,160 | ---- | C] (Microsoft Corporation)
fusbbase.sys -> %SystemRoot%\System32\dllcache\fusbbase.sys -> [2009/02/11 17:34:05 | 00,455,296 | ---- | C] (AVM GmbH)
fus2base.sys -> %SystemRoot%\System32\dllcache\fus2base.sys -> [2009/02/11 17:34:02 | 00,455,680 | ---- | C] (AVM GmbH)
ftlx041e.dll -> %SystemRoot%\System32\dllcache\ftlx041e.dll -> [2009/02/11 17:34:01 | 00,006,144 | ---- | C] (Microsoft Corporation)
fpnpbase.sys -> %SystemRoot%\System32\dllcache\fpnpbase.sys -> [2009/02/11 17:33:57 | 00,442,240 | ---- | C] (AVM GmbH)
fpcmbase.sys -> %SystemRoot%\System32\dllcache\fpcmbase.sys -> [2009/02/11 17:33:54 | 00,441,728 | ---- | C] (AVM GmbH)
fpcibase.sys -> %SystemRoot%\System32\dllcache\fpcibase.sys -> [2009/02/11 17:33:52 | 00,444,416 | ---- | C] (AVM GmbH)
forehe.sys -> %SystemRoot%\System32\dllcache\forehe.sys -> [2009/02/11 17:33:50 | 00,034,173 | ---- | C] (Marconi Communications, Inc.)
fnfilter.dll -> %SystemRoot%\System32\dllcache\fnfilter.dll -> [2009/02/11 17:33:46 | 00,071,680 | ---- | C] (Microsoft Corporation)
flattemp.exe -> %SystemRoot%\System32\dllcache\flattemp.exe -> [2009/02/11 17:33:45 | 00,014,848 | ---- | C] (Microsoft Corporation)
EXCH_fcachdll.dll -> %SystemRoot%\System32\dllcache\EXCH_fcachdll.dll -> [2009/02/11 17:33:33 | 00,043,520 | ---- | C] (Microsoft Corporation)
fa410nd5.sys -> %SystemRoot%\System32\dllcache\fa410nd5.sys -> [2009/02/11 17:33:30 | 00,024,618 | ---- | C] (NETGEAR)
f3ab18xj.sys -> %SystemRoot%\System32\dllcache\f3ab18xj.sys -> [2009/02/11 17:33:25 | 00,011,850 | ---- | C] (FUJITSU LIMITED)
f3ab18xi.sys -> %SystemRoot%\System32\dllcache\f3ab18xi.sys -> [2009/02/11 17:33:23 | 00,012,362 | ---- | C] (FUJITSU LIMITED)
exabyte2.sys -> %SystemRoot%\System32\dllcache\exabyte2.sys -> [2009/02/11 17:33:19 | 00,007,040 | ---- | C] (Microsoft Corporation)
et4000.sys -> %SystemRoot%\System32\dllcache\et4000.sys -> [2009/02/11 17:33:15 | 00,025,856 | ---- | C] (Microsoft Corporation)
esunid.dll -> %SystemRoot%\System32\dllcache\esunid.dll -> [2009/02/11 17:33:14 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.)
esunib.dll -> %SystemRoot%\System32\dllcache\esunib.dll -> [2009/02/11 17:33:12 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.)
esuni.dll -> %SystemRoot%\System32\dllcache\esuni.dll -> [2009/02/11 17:33:10 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.)
esuimgd.dll -> %SystemRoot%\System32\dllcache\esuimgd.dll -> [2009/02/11 17:33:09 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.)
esuimg.dll -> %SystemRoot%\System32\dllcache\esuimg.dll -> [2009/02/11 17:33:07 | 00,034,816 | ---- | C] (SEIKO EPSON CORP.)
esucmd.dll -> %SystemRoot%\System32\dllcache\esucmd.dll -> [2009/02/11 17:33:07 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.)
esucm.dll -> %SystemRoot%\System32\dllcache\esucm.dll -> [2009/02/11 17:33:05 | 00,043,008 | ---- | C] (SEIKO EPSON CORP.)
es1969.sys -> %SystemRoot%\System32\dllcache\es1969.sys -> [2009/02/11 17:32:50 | 00,072,192 | ---- | C] (ESS Technology Inc.)
epstw2k.sys -> %SystemRoot%\System32\dllcache\epstw2k.sys -> [2009/02/11 17:32:33 | 00,114,944 | ---- | C] (Microsoft Corporation)
epcfw2k.sys -> %SystemRoot%\System32\dllcache\epcfw2k.sys -> [2009/02/11 17:32:29 | 00,144,896 | ---- | C] (Microsoft Corporation)
enum1394.sys -> %SystemRoot%\System32\dllcache\enum1394.sys -> [2009/02/11 17:32:27 | 00,006,400 | ---- | C] (Microsoft Corporation)
elmsmc.sys -> %SystemRoot%\System32\dllcache\elmsmc.sys -> [2009/02/11 17:32:16 | 00,007,296 | ---- | C] (Microsoft Corporation)
edb500.dll -> %SystemRoot%\System32\dllcache\edb500.dll -> [2009/02/11 17:31:53 | 00,514,587 | ---- | C] (Microsoft Corporation)
dshowext.ax -> %SystemRoot%\System32\dllcache\dshowext.ax -> [2009/02/11 17:31:41 | 00,020,992 | ---- | C] (Microsoft Corporation)
ds1wdm.sys -> %SystemRoot%\System32\dllcache\ds1wdm.sys -> [2009/02/11 17:31:39 | 00,334,208 | ---- | C] (Yamaha Corp.)
dp83820.sys -> %SystemRoot%\System32\dllcache\dp83820.sys -> [2009/02/11 17:31:28 | 00,028,062 | ---- | C] (National Semiconductor Coproration)
dot4usb.sys -> %SystemRoot%\System32\dllcache\dot4usb.sys -> [2009/02/11 17:31:27 | 00,023,808 | ---- | C] (Microsoft Corporation)
dot4scan.sys -> %SystemRoot%\System32\dllcache\dot4scan.sys -> [2009/02/11 17:31:25 | 00,008,704 | ---- | C] (Microsoft Corporation)
dot4prt.sys -> %SystemRoot%\System32\dllcache\dot4prt.sys -> [2009/02/11 17:31:24 | 00,012,928 | ---- | C] (Microsoft Corporation)
dot4.sys -> %SystemRoot%\System32\dllcache\dot4.sys -> [2009/02/11 17:31:23 | 00,206,976 | ---- | C] (Microsoft Corporation)
dm9pci5.sys -> %SystemRoot%\System32\dllcache\dm9pci5.sys -> [2009/02/11 17:31:16 | 00,029,696 | ---- | C] (CNet Technology, Inc.													)
dlttape.sys -> %SystemRoot%\System32\dllcache\dlttape.sys -> [2009/02/11 17:31:15 | 00,008,320 | ---- | C] (Microsoft Corporation)
dlh5xnd5.sys -> %SystemRoot%\System32\dllcache\dlh5xnd5.sys -> [2009/02/11 17:31:13 | 00,026,698 | ---- | C] (D-Link Corporation)
diwan.sys -> %SystemRoot%\System32\dllcache\diwan.sys -> [2009/02/11 17:31:12 | 00,952,007 | ---- | C] (Eicon Technology)
divasu.dll -> %SystemRoot%\System32\dllcache\divasu.dll -> [2009/02/11 17:31:10 | 00,029,768 | ---- | C] ()
divaprop.dll -> %SystemRoot%\System32\dllcache\divaprop.dll -> [2009/02/11 17:31:09 | 00,037,962 | ---- | C] ()
divaci.dll -> %SystemRoot%\System32\dllcache\divaci.dll -> [2009/02/11 17:31:07 | 00,006,216 | ---- | C] ()
ditrace.exe -> %SystemRoot%\System32\dllcache\ditrace.exe -> [2009/02/11 17:31:06 | 00,236,060 | ---- | C] (Eicon Technology)
disrvsu.dll -> %SystemRoot%\System32\dllcache\disrvsu.dll -> [2009/02/11 17:31:04 | 00,038,985 | ---- | C] (Eicon Technology)
disrvpp.dll -> %SystemRoot%\System32\dllcache\disrvpp.dll -> [2009/02/11 17:31:03 | 00,031,305 | ---- | C] (Eicon Technology)
disrvci.dll -> %SystemRoot%\System32\dllcache\disrvci.dll -> [2009/02/11 17:31:01 | 00,006,729 | ---- | C] (Eicon Technology)
dimaint.sys -> %SystemRoot%\System32\dllcache\dimaint.sys -> [2009/02/11 17:30:58 | 00,091,305 | ---- | C] (Eicon Technology)
dfe650d.sys -> %SystemRoot%\System32\dllcache\dfe650d.sys -> [2009/02/11 17:30:33 | 00,024,649 | ---- | C] (D-Link)
dfe650.sys -> %SystemRoot%\System32\dllcache\dfe650.sys -> [2009/02/11 17:30:32 | 00,024,648 | ---- | C] (D-Link)
defpa.sys -> %SystemRoot%\System32\dllcache\defpa.sys -> [2009/02/11 17:30:26 | 00,020,928 | ---- | C] (Digital Networks, LLC)
ddsmc.sys -> %SystemRoot%\System32\dllcache\ddsmc.sys -> [2009/02/11 17:30:25 | 00,007,424 | ---- | C] (Microsoft Corporation)
dc260usd.dll -> %SystemRoot%\System32\dllcache\dc260usd.dll -> [2009/02/11 17:30:22 | 00,110,592 | ---- | C] (Microsoft Corporation)
dc240usd.dll -> %SystemRoot%\System32\dllcache\dc240usd.dll -> [2009/02/11 17:30:21 | 00,086,016 | ---- | C] (Microsoft Corporation)
dc210usd.dll -> %SystemRoot%\System32\dllcache\dc210usd.dll -> [2009/02/11 17:30:18 | 00,080,896 | ---- | C] (Microsoft Corporation)
dc210_32.dll -> %SystemRoot%\System32\dllcache\dc210_32.dll -> [2009/02/11 17:30:17 | 00,025,600 | ---- | C] (Microsoft Corporation)
cyzports.dll -> %SystemRoot%\System32\dllcache\cyzports.dll -> [2009/02/11 17:30:09 | 00,027,648 | ---- | C] (Microsoft Corporation)
cyzport.sys -> %SystemRoot%\System32\dllcache\cyzport.sys -> [2009/02/11 17:30:08 | 00,049,792 | ---- | C] (Microsoft Corporation)
cyzcoins.dll -> %SystemRoot%\System32\dllcache\cyzcoins.dll -> [2009/02/11 17:30:07 | 00,027,136 | ---- | C] (Microsoft Corporation)
cyyports.dll -> %SystemRoot%\System32\dllcache\cyyports.dll -> [2009/02/11 17:30:05 | 00,027,648 | ---- | C] (Microsoft Corporation)
cyyport.sys -> %SystemRoot%\System32\dllcache\cyyport.sys -> [2009/02/11 17:30:04 | 00,050,176 | ---- | C] (Microsoft Corporation)
cyycoins.dll -> %SystemRoot%\System32\dllcache\cyycoins.dll -> [2009/02/11 17:30:02 | 00,028,672 | ---- | C] (Microsoft Corporation)
cyclom-y.sys -> %SystemRoot%\System32\dllcache\cyclom-y.sys -> [2009/02/11 17:30:01 | 00,014,848 | ---- | C] (Microsoft Corporation)
cyclad-z.sys -> %SystemRoot%\System32\dllcache\cyclad-z.sys -> [2009/02/11 17:30:00 | 00,017,152 | ---- | C] (Microsoft Corporation)
cwrwdm.sys -> %SystemRoot%\System32\dllcache\cwrwdm.sys -> [2009/02/11 17:29:59 | 00,048,640 | ---- | C] (Crystal Semiconductor Corp.)
cwcwdm.sys -> %SystemRoot%\System32\dllcache\cwcwdm.sys -> [2009/02/11 17:29:58 | 00,093,952 | ---- | C] (Crystal Semiconductor Corp.)
cwcspud.sys -> %SystemRoot%\System32\dllcache\cwcspud.sys -> [2009/02/11 17:29:57 | 00,111,872 | ---- | C] (Crystal Semiconductor Corp.)
cwcosnt5.sys -> %SystemRoot%\System32\dllcache\cwcosnt5.sys -> [2009/02/11 17:29:55 | 00,003,584 | ---- | C] (Crystal Semiconductor Corp.)
cwbwdm.sys -> %SystemRoot%\System32\dllcache\cwbwdm.sys -> [2009/02/11 17:29:54 | 00,072,832 | ---- | C] (Crystal Semiconductor Corp.)
cwbmidi.sys -> %SystemRoot%\System32\dllcache\cwbmidi.sys -> [2009/02/11 17:29:53 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.)
cwbase.sys -> %SystemRoot%\System32\dllcache\cwbase.sys -> [2009/02/11 17:29:51 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.)
ctmasetp.dll -> %SystemRoot%\System32\dllcache\ctmasetp.dll -> [2009/02/11 17:29:49 | 00,249,856 | ---- | C] (ComtrolŪ Corporation)
csamsp.dll -> %SystemRoot%\System32\dllcache\csamsp.dll -> [2009/02/11 17:29:43 | 00,175,104 | ---- | C] (Microsoft Corporation)
cpscan.dll -> %SystemRoot%\System32\dllcache\cpscan.dll -> [2009/02/11 17:29:39 | 00,216,064 | ---- | C] (COMPAQ Inc.)
cprofile.exe -> %SystemRoot%\System32\dllcache\cprofile.exe -> [2009/02/11 17:29:39 | 00,018,944 | ---- | C] (Microsoft Corporation)
cpqtrnd5.sys -> %SystemRoot%\System32\dllcache\cpqtrnd5.sys -> [2009/02/11 17:29:38 | 00,060,970 | ---- | C] (Compaq Computer Corp.)
cpqndis5.sys -> %SystemRoot%\System32\dllcache\cpqndis5.sys -> [2009/02/11 17:29:37 | 00,021,533 | ---- | C] (Compaq Computer Corporation)
cnusd.dll -> %SystemRoot%\System32\dllcache\cnusd.dll -> [2009/02/11 17:29:28 | 00,044,032 | ---- | C] (Microsoft Corporation)
cmbp0wdm.sys -> %SystemRoot%\System32\dllcache\cmbp0wdm.sys -> [2009/02/11 17:29:23 | 00,020,736 | ---- | C] (OMNIKEY AG)
cl546xm.sys -> %SystemRoot%\System32\dllcache\cl546xm.sys -> [2009/02/11 17:29:20 | 00,248,064 | ---- | C] (Microsoft Corporation)
cl546x.dll -> %SystemRoot%\System32\dllcache\cl546x.dll -> [2009/02/11 17:29:19 | 00,170,880 | ---- | C] (Microsoft Corporation)
cl5465.dll -> %SystemRoot%\System32\dllcache\cl5465.dll -> [2009/02/11 17:29:19 | 00,111,232 | ---- | C] (Microsoft Corporation)
cirrus.sys -> %SystemRoot%\System32\dllcache\cirrus.sys -> [2009/02/11 17:29:17 | 00,045,696 | ---- | C] (Microsoft Corporation)
cirrus.dll -> %SystemRoot%\System32\dllcache\cirrus.dll -> [2009/02/11 17:29:16 | 00,091,264 | ---- | C] (Microsoft Corporation)
cinemclc.sys -> %SystemRoot%\System32\dllcache\cinemclc.sys -> [2009/02/11 17:29:14 | 00,272,640 | ---- | C] (RAVISENT Technologies Inc.)
cicap.sys -> %SystemRoot%\System32\dllcache\cicap.sys -> [2009/02/11 17:29:12 | 00,980,034 | ---- | C] (Xircom)
chtbrkr.dll -> %SystemRoot%\System32\dllcache\chtbrkr.dll -> [2009/02/11 17:29:09 | 00,838,144 | ---- | C] (Microsoft Corporation)
chsbrkr.dll -> %SystemRoot%\System32\dllcache\chsbrkr.dll -> [2009/02/11 17:29:08 | 01,677,824 | ---- | C] (Microsoft Corporation)
chgusr.exe -> %SystemRoot%\System32\dllcache\chgusr.exe -> [2009/02/11 17:29:07 | 00,014,336 | ---- | C] (Microsoft Corporation)
chgport.exe -> %SystemRoot%\System32\dllcache\chgport.exe -> [2009/02/11 17:29:06 | 00,015,872 | ---- | C] (Microsoft Corporation)
chglogon.exe -> %SystemRoot%\System32\dllcache\chglogon.exe -> [2009/02/11 17:29:05 | 00,013,312 | ---- | C] (Microsoft Corporation)
changer.sys -> %SystemRoot%\System32\dllcache\changer.sys -> [2009/02/11 17:29:03 | 00,008,192 | ---- | C] (Microsoft Corporation)
change.exe -> %SystemRoot%\System32\dllcache\change.exe -> [2009/02/11 17:29:02 | 00,009,728 | ---- | C] (Microsoft Corporation)
cem56n5.sys -> %SystemRoot%\System32\dllcache\cem56n5.sys -> [2009/02/11 17:28:58 | 00,049,182 | ---- | C] (Xircom, Inc.)
cem33n5.sys -> %SystemRoot%\System32\dllcache\cem33n5.sys -> [2009/02/11 17:28:57 | 00,022,044 | ---- | C] (Xircom, Inc.)
cem28n5.sys -> %SystemRoot%\System32\dllcache\cem28n5.sys -> [2009/02/11 17:28:56 | 00,022,044 | ---- | C] (Xircom, Inc.)
ce3n5.sys -> %SystemRoot%\System32\dllcache\ce3n5.sys -> [2009/02/11 17:28:55 | 00,027,164 | ---- | C] (Xircom, Inc.)
ce2n5.sys -> %SystemRoot%\System32\dllcache\ce2n5.sys -> [2009/02/11 17:28:55 | 00,021,530 | ---- | C] (Xircom, Inc.)
ccdecode.sys -> %SystemRoot%\System32\dllcache\ccdecode.sys -> [2009/02/11 17:28:48 | 00,017,024 | ---- | C] (Microsoft Corporation)
cbmdmkxx.sys -> %SystemRoot%\System32\dllcache\cbmdmkxx.sys -> [2009/02/11 17:28:47 | 00,714,698 | ---- | C] (Xircom, Inc.)
cben5.sys -> %SystemRoot%\System32\dllcache\cben5.sys -> [2009/02/11 17:28:46 | 00,046,108 | ---- | C] (Xircom, Inc.)
cb325.sys -> %SystemRoot%\System32\dllcache\cb325.sys -> [2009/02/11 17:28:45 | 00,039,680 | ---- | C] (Silicom Ltd.)
cb102.sys -> %SystemRoot%\System32\dllcache\cb102.sys -> [2009/02/11 17:28:44 | 00,037,916 | ---- | C] (Fast Ethernet Controller Provider)
diapi2NT.dll -> %SystemRoot%\System32\dllcache\diapi2NT.dll -> [2009/02/11 17:28:40 | 00,032,256 | ---- | C] (Eicon Technology Corporation)
diapi2.sys -> %SystemRoot%\System32\dllcache\diapi2.sys -> [2009/02/11 17:28:38 | 00,164,923 | ---- | C] (Eicon Technology)
cap7146.sys -> %SystemRoot%\System32\dllcache\cap7146.sys -> [2009/02/11 17:28:37 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH)
camext30.dll -> %SystemRoot%\System32\dllcache\camext30.dll -> [2009/02/11 17:28:36 | 00,121,856 | ---- | C] (Microsoft Corporation)
camext30.ax -> %SystemRoot%\System32\dllcache\camext30.ax -> [2009/02/11 17:28:36 | 00,116,736 | ---- | C] (Microsoft Corporation)
camext20.dll -> %SystemRoot%\System32\dllcache\camext20.dll -> [2009/02/11 17:28:35 | 00,236,032 | ---- | C] (Microsoft Corporation)
camext20.ax -> %SystemRoot%\System32\dllcache\camext20.ax -> [2009/02/11 17:28:34 | 00,244,224 | ---- | C] (Microsoft Corporation)
camexo20.dll -> %SystemRoot%\System32\dllcache\camexo20.dll -> [2009/02/11 17:28:34 | 00,074,240 | ---- | C] (Microsoft Corporation)
camexo20.ax -> %SystemRoot%\System32\dllcache\camexo20.ax -> [2009/02/11 17:28:33 | 00,073,216 | ---- | C] (Microsoft Corporation)
camdrv30.sys -> %SystemRoot%\System32\dllcache\camdrv30.sys -> [2009/02/11 17:28:31 | 00,171,264 | ---- | C] (Microsoft Corporation)
camdrv21.sys -> %SystemRoot%\System32\dllcache\camdrv21.sys -> [2009/02/11 17:28:30 | 00,223,232 | ---- | C] (Microsoft Corporation)
camdro21.sys -> %SystemRoot%\System32\dllcache\camdro21.sys -> [2009/02/11 17:28:29 | 00,314,752 | ---- | C] (Microsoft Corporation)
c_iscii.dll -> %SystemRoot%\System32\dllcache\c_iscii.dll -> [2009/02/11 17:28:27 | 00,010,752 | ---- | C] (Microsoft Corporation)
c_is2022.dll -> %SystemRoot%\System32\dllcache\c_is2022.dll -> [2009/02/11 17:28:26 | 00,006,656 | ---- | C] (Microsoft Corporation)
c_870.nls -> %SystemRoot%\System32\dllcache\c_870.nls -> [2009/02/11 17:28:23 | 00,066,082 | ---- | C] ()
c_864.nls -> %SystemRoot%\System32\dllcache\c_864.nls -> [2009/02/11 17:28:22 | 00,066,594 | ---- | C] ()
c_862.nls -> %SystemRoot%\System32\dllcache\c_862.nls -> [2009/02/11 17:28:22 | 00,066,594 | ---- | C] ()
c_858.nls -> %SystemRoot%\System32\dllcache\c_858.nls -> [2009/02/11 17:28:21 | 00,066,594 | ---- | C] ()
c_720.nls -> %SystemRoot%\System32\dllcache\c_720.nls -> [2009/02/11 17:28:20 | 00,066,594 | ---- | C] ()
c_708.nls -> %SystemRoot%\System32\dllcache\c_708.nls -> [2009/02/11 17:28:20 | 00,066,082 | ---- | C] ()
c_28596.nls -> %SystemRoot%\System32\dllcache\c_28596.nls -> [2009/02/11 17:28:19 | 00,066,082 | ---- | C] ()
c_21027.nls -> %SystemRoot%\System32\dllcache\c_21027.nls -> [2009/02/11 17:28:18 | 00,066,082 | ---- | C] ()
c_21025.nls -> %SystemRoot%\System32\dllcache\c_21025.nls -> [2009/02/11 17:28:18 | 00,066,082 | ---- | C] ()
c_20932.nls -> %SystemRoot%\System32\dllcache\c_20932.nls -> [2009/02/11 17:28:17 | 00,180,770 | ---- | C] ()
c_20949.nls -> %SystemRoot%\System32\dllcache\c_20949.nls -> [2009/02/11 17:28:17 | 00,177,698 | ---- | C] ()
c_20936.nls -> %SystemRoot%\System32\dllcache\c_20936.nls -> [2009/02/11 17:28:17 | 00,173,602 | ---- | C] ()
c_20924.nls -> %SystemRoot%\System32\dllcache\c_20924.nls -> [2009/02/11 17:28:17 | 00,066,082 | ---- | C] ()
c_20880.nls -> %SystemRoot%\System32\dllcache\c_20880.nls -> [2009/02/11 17:28:16 | 00,066,082 | ---- | C] ()
c_20871.nls -> %SystemRoot%\System32\dllcache\c_20871.nls -> [2009/02/11 17:28:16 | 00,066,082 | ---- | C] ()
c_20838.nls -> %SystemRoot%\System32\dllcache\c_20838.nls -> [2009/02/11 17:28:16 | 00,066,082 | ---- | C] ()
c_20833.nls -> %SystemRoot%\System32\dllcache\c_20833.nls -> [2009/02/11 17:28:15 | 00,066,082 | ---- | C] ()
c_20424.nls -> %SystemRoot%\System32\dllcache\c_20424.nls -> [2009/02/11 17:28:15 | 00,066,082 | ---- | C] ()
c_20423.nls -> %SystemRoot%\System32\dllcache\c_20423.nls -> [2009/02/11 17:28:15 | 00,066,082 | ---- | C] ()
c_20420.nls -> %SystemRoot%\System32\dllcache\c_20420.nls -> [2009/02/11 17:28:15 | 00,066,082 | ---- | C] ()
c_20297.nls -> %SystemRoot%\System32\dllcache\c_20297.nls -> [2009/02/11 17:28:14 | 00,066,082 | ---- | C] ()
c_20290.nls -> %SystemRoot%\System32\dllcache\c_20290.nls -> [2009/02/11 17:28:14 | 00,066,082 | ---- | C] ()
c_20285.nls -> %SystemRoot%\System32\dllcache\c_20285.nls -> [2009/02/11 17:28:14 | 00,066,082 | ---- | C] ()
c_20284.nls -> %SystemRoot%\System32\dllcache\c_20284.nls -> [2009/02/11 17:28:14 | 00,066,082 | ---- | C] ()
c_20280.nls -> %SystemRoot%\System32\dllcache\c_20280.nls -> [2009/02/11 17:28:14 | 00,066,082 | ---- | C] ()
c_20278.nls -> %SystemRoot%\System32\dllcache\c_20278.nls -> [2009/02/11 17:28:13 | 00,066,082 | ---- | C] ()
c_20277.nls -> %SystemRoot%\System32\dllcache\c_20277.nls -> [2009/02/11 17:28:13 | 00,066,082 | ---- | C] ()
c_20273.nls -> %SystemRoot%\System32\dllcache\c_20273.nls -> [2009/02/11 17:28:13 | 00,066,082 | ---- | C] ()
c_20269.nls -> %SystemRoot%\System32\dllcache\c_20269.nls -> [2009/02/11 17:28:12 | 00,066,082 | ---- | C] ()
c_20108.nls -> %SystemRoot%\System32\dllcache\c_20108.nls -> [2009/02/11 17:28:12 | 00,066,082 | ---- | C] ()
c_20107.nls -> %SystemRoot%\System32\dllcache\c_20107.nls -> [2009/02/11 17:28:11 | 00,066,082 | ---- | C] ()
c_20106.nls -> %SystemRoot%\System32\dllcache\c_20106.nls -> [2009/02/11 17:28:11 | 00,066,082 | ---- | C] ()
c_20005.nls -> %SystemRoot%\System32\dllcache\c_20005.nls -> [2009/02/11 17:28:10 | 00,187,938 | ---- | C] ()
c_20105.nls -> %SystemRoot%\System32\dllcache\c_20105.nls -> [2009/02/11 17:28:10 | 00,066,082 | ---- | C] ()
c_20003.nls -> %SystemRoot%\System32\dllcache\c_20003.nls -> [2009/02/11 17:28:09 | 00,185,378 | ---- | C] ()
c_20004.nls -> %SystemRoot%\System32\dllcache\c_20004.nls -> [2009/02/11 17:28:09 | 00,180,258 | ---- | C] ()
c_20001.nls -> %SystemRoot%\System32\dllcache\c_20001.nls -> [2009/02/11 17:28:08 | 00,186,402 | ---- | C] ()
c_20000.nls -> %SystemRoot%\System32\dllcache\c_20000.nls -> [2009/02/11 17:28:08 | 00,180,258 | ---- | C] ()
c_20002.nls -> %SystemRoot%\System32\dllcache\c_20002.nls -> [2009/02/11 17:28:08 | 00,173,602 | ---- | C] ()
c_1361.nls -> %SystemRoot%\System32\dllcache\c_1361.nls -> [2009/02/11 17:28:07 | 00,189,986 | ---- | C] ()
c_1149.nls -> %SystemRoot%\System32\dllcache\c_1149.nls -> [2009/02/11 17:28:05 | 00,066,082 | ---- | C] ()
c_1148.nls -> %SystemRoot%\System32\dllcache\c_1148.nls -> [2009/02/11 17:28:05 | 00,066,082 | ---- | C] ()
c_1147.nls -> %SystemRoot%\System32\dllcache\c_1147.nls -> [2009/02/11 17:28:05 | 00,066,082 | ---- | C] ()
c_1146.nls -> %SystemRoot%\System32\dllcache\c_1146.nls -> [2009/02/11 17:28:05 | 00,066,082 | ---- | C] ()
c_1145.nls -> %SystemRoot%\System32\dllcache\c_1145.nls -> [2009/02/11 17:28:05 | 00,066,082 | ---- | C] ()
c_1144.nls -> %SystemRoot%\System32\dllcache\c_1144.nls -> [2009/02/11 17:28:04 | 00,066,082 | ---- | C] ()
c_1143.nls -> %SystemRoot%\System32\dllcache\c_1143.nls -> [2009/02/11 17:28:04 | 00,066,082 | ---- | C] ()
c_1142.nls -> %SystemRoot%\System32\dllcache\c_1142.nls -> [2009/02/11 17:28:04 | 00,066,082 | ---- | C] ()
c_1141.nls -> %SystemRoot%\System32\dllcache\c_1141.nls -> [2009/02/11 17:28:04 | 00,066,082 | ---- | C] ()
c_1140.nls -> %SystemRoot%\System32\dllcache\c_1140.nls -> [2009/02/11 17:28:03 | 00,066,082 | ---- | C] ()
c_1047.nls -> %SystemRoot%\System32\dllcache\c_1047.nls -> [2009/02/11 17:28:03 | 00,066,082 | ---- | C] ()
c_10021.nls -> %SystemRoot%\System32\dllcache\c_10021.nls -> [2009/02/11 17:28:03 | 00,066,082 | ---- | C] ()
c_10008.nls -> %SystemRoot%\System32\dllcache\c_10008.nls -> [2009/02/11 17:28:02 | 00,173,602 | ---- | C] ()
c_10005.nls -> %SystemRoot%\System32\dllcache\c_10005.nls -> [2009/02/11 17:28:02 | 00,066,082 | ---- | C] ()
c_10004.nls -> %SystemRoot%\System32\dllcache\c_10004.nls -> [2009/02/11 17:28:02 | 00,066,082 | ---- | C] ()
c_10002.nls -> %SystemRoot%\System32\dllcache\c_10002.nls -> [2009/02/11 17:28:01 | 00,195,618 | ---- | C] ()
c_10003.nls -> %SystemRoot%\System32\dllcache\c_10003.nls -> [2009/02/11 17:28:01 | 00,177,698 | ---- | C] ()
c_10001.nls -> %SystemRoot%\System32\dllcache\c_10001.nls -> [2009/02/11 17:28:01 | 00,162,850 | ---- | C] ()
bulltlp3.sys -> %SystemRoot%\System32\dllcache\bulltlp3.sys -> [2009/02/11 17:28:00 | 00,013,824 | ---- | C] (Microsoft Corporation)
brzwlan.sys -> %SystemRoot%\System32\dllcache\brzwlan.sys -> [2009/02/11 17:27:57 | 00,031,529 | ---- | C] (BreezeCOM)
brusbscn.sys -> %SystemRoot%\System32\dllcache\brusbscn.sys -> [2009/02/11 17:27:57 | 00,010,368 | ---- | C] (Brother Industries Ltd.)
brusbmdm.sys -> %SystemRoot%\System32\dllcache\brusbmdm.sys -> [2009/02/11 17:27:56 | 00,011,008 | ---- | C] (Brother Industries Ltd.)
brserwdm.sys -> %SystemRoot%\System32\dllcache\brserwdm.sys -> [2009/02/11 17:27:55 | 00,060,416 | ---- | C] (Brother Industries Ltd.)
brserif.dll -> %SystemRoot%\System32\dllcache\brserif.dll -> [2009/02/11 17:27:54 | 00,009,728 | ---- | C] (Brother Industries, Ltd.)
brscnrsm.dll -> %SystemRoot%\System32\dllcache\brscnrsm.dll -> [2009/02/11 17:27:54 | 00,005,120 | ---- | C] (Brother Industries,Ltd.)
brparwdm.sys -> %SystemRoot%\System32\dllcache\brparwdm.sys -> [2009/02/11 17:27:52 | 00,039,552 | ---- | C] (Brother Industries Ltd.)
brparimg.sys -> %SystemRoot%\System32\dllcache\brparimg.sys -> [2009/02/11 17:27:52 | 00,003,168 | ---- | C] (Brother Industries Ltd.)
brmfusb.dll -> %SystemRoot%\System32\dllcache\brmfusb.dll -> [2009/02/11 17:27:50 | 00,041,472 | ---- | C] (Brother Industries, Ltd.)
brmfrsmg.exe -> %SystemRoot%\System32\dllcache\brmfrsmg.exe -> [2009/02/11 17:27:49 | 00,032,256 | ---- | C] (Brother Industries, Ltd.)
brmflpt.dll -> %SystemRoot%\System32\dllcache\brmflpt.dll -> [2009/02/11 17:27:49 | 00,029,696 | ---- | C] (Brother Industries, Ltd.)
brmfcwia.dll -> %SystemRoot%\System32\dllcache\brmfcwia.dll -> [2009/02/11 17:27:48 | 00,081,408 | ---- | C] (Microsoft Corporation)
brmfbidi.dll -> %SystemRoot%\System32\dllcache\brmfbidi.dll -> [2009/02/11 17:27:47 | 00,015,360 | ---- | C] (Brother Industries, Ltd.)
brfiltup.sys -> %SystemRoot%\System32\dllcache\brfiltup.sys -> [2009/02/11 17:27:47 | 00,003,968 | ---- | C] (Brother Industries, Ltd.)
brfiltlo.sys -> %SystemRoot%\System32\dllcache\brfiltlo.sys -> [2009/02/11 17:27:46 | 00,012,160 | ---- | C] (Brother Industries, Ltd.)
brevif.dll -> %SystemRoot%\System32\dllcache\brevif.dll -> [2009/02/11 17:27:45 | 00,012,800 | ---- | C] (Brother Industries, Ltd.)
brfilt.sys -> %SystemRoot%\System32\dllcache\brfilt.sys -> [2009/02/11 17:27:45 | 00,002,944 | ---- | C] (Brother Industries Ltd.)
brcoinst.dll -> %SystemRoot%\System32\dllcache\brcoinst.dll -> [2009/02/11 17:27:44 | 00,009,728 | ---- | C] (Brother Industries Ltd.)
bopomofo.nls -> %SystemRoot%\System32\dllcache\bopomofo.nls -> [2009/02/11 17:27:43 | 00,082,172 | ---- | C] ()
brbidiif.dll -> %SystemRoot%\System32\dllcache\brbidiif.dll -> [2009/02/11 17:27:43 | 00,019,456 | ---- | C] (Brother Industries, Ltd.)
binlsvc.dll -> %SystemRoot%\System32\dllcache\binlsvc.dll -> [2009/02/11 17:27:40 | 00,102,400 | ---- | C] (Microsoft Corporation)
big5.nls -> %SystemRoot%\System32\dllcache\big5.nls -> [2009/02/11 17:27:40 | 00,066,728 | ---- | C] ()
bdaplgin.ax -> %SystemRoot%\System32\dllcache\bdaplgin.ax -> [2009/02/11 17:27:39 | 00,018,432 | ---- | C] (Microsoft Corporation)
bdasup.sys -> %SystemRoot%\System32\dllcache\bdasup.sys -> [2009/02/11 17:27:39 | 00,011,776 | ---- | C] (Microsoft Corporation)
bcmdm.sys -> %SystemRoot%\System32\dllcache\bcmdm.sys -> [2009/02/11 17:27:38 | 00,871,388 | ---- | C] (BCM)
banshee.sys -> %SystemRoot%\System32\dllcache\banshee.sys -> [2009/02/11 17:27:35 | 00,036,128 | ---- | C] (3Dfx Interactive, Inc.)
banshee.dll -> %SystemRoot%\System32\dllcache\banshee.dll -> [2009/02/11 17:27:34 | 00,342,336 | ---- | C] (3Dfx Interactive, Inc.)
b1cbase.sys -> %SystemRoot%\System32\dllcache\b1cbase.sys -> [2009/02/11 17:27:33 | 00,089,952 | ---- | C] (AVM GmbH)
aztw2320.sys -> %SystemRoot%\System32\dllcache\aztw2320.sys -> [2009/02/11 17:27:33 | 00,036,992 | ---- | C] (Aztech Systems Ltd)
avmwan.sys -> %SystemRoot%\System32\dllcache\avmwan.sys -> [2009/02/11 17:27:32 | 00,037,568 | ---- | C] (AVM GmbH)
avmenum.dll -> %SystemRoot%\System32\dllcache\avmenum.dll -> [2009/02/11 17:27:31 | 00,144,384 | ---- | C] (AVM GmbH)
avmcoxp.dll -> %SystemRoot%\System32\dllcache\avmcoxp.dll -> [2009/02/11 17:27:30 | 00,087,552 | ---- | C] (AVM GmbH)
avcstrm.sys -> %SystemRoot%\System32\dllcache\avcstrm.sys -> [2009/02/11 17:27:29 | 00,013,696 | ---- | C] (Microsoft Corporation)
avc.sys -> %SystemRoot%\System32\dllcache\avc.sys -> [2009/02/11 17:27:28 | 00,038,912 | ---- | C] (Microsoft Corporation)
avcaudio.sys -> %SystemRoot%\System32\dllcache\avcaudio.sys -> [2009/02/11 17:27:28 | 00,036,096 | ---- | C] (Microsoft Corporation)
atixbar.sys -> %SystemRoot%\System32\dllcache\atixbar.sys -> [2009/02/11 17:27:23 | 00,023,552 | ---- | C] ()
ativxbar.sys -> %SystemRoot%\System32\dllcache\ativxbar.sys -> [2009/02/11 17:27:22 | 00,026,624 | ---- | C] ()
ativttxx.sys -> %SystemRoot%\System32\dllcache\ativttxx.sys -> [2009/02/11 17:27:21 | 00,019,456 | ---- | C] ()
ativmdcd.sys -> %SystemRoot%\System32\dllcache\ativmdcd.sys -> [2009/02/11 17:27:21 | 00,009,472 | ---- | C] ()
atitvsnd.sys -> %SystemRoot%\System32\dllcache\atitvsnd.sys -> [2009/02/11 17:27:20 | 00,017,152 | ---- | C] ()
atitunep.sys -> %SystemRoot%\System32\dllcache\atitunep.sys -> [2009/02/11 17:27:20 | 00,017,152 | ---- | C] ()
atirtcap.sys -> %SystemRoot%\System32\dllcache\atirtcap.sys -> [2009/02/11 17:27:19 | 00,049,920 | ---- | C] ()
atirtsnd.sys -> %SystemRoot%\System32\dllcache\atirtsnd.sys -> [2009/02/11 17:27:19 | 00,026,880 | ---- | C] ()
atipcxxx.sys -> %SystemRoot%\System32\dllcache\atipcxxx.sys -> [2009/02/11 17:27:17 | 00,010,240 | ---- | C] ()
atievxx.exe -> %SystemRoot%\System32\dllcache\atievxx.exe -> [2009/02/11 17:27:13 | 00,037,376 | ---- | C] (Microsoft Corporation)
atibt829.sys -> %SystemRoot%\System32\dllcache\atibt829.sys -> [2009/02/11 17:27:11 | 00,046,464 | ---- | C] ()
ati.dll -> %SystemRoot%\System32\dllcache\ati.dll -> [2009/02/11 17:27:06 | 00,096,128 | ---- | C] (Microsoft Corporation)
ati.sys -> %SystemRoot%\System32\dllcache\ati.sys -> [2009/02/11 17:27:06 | 00,077,568 | ---- | C] (ATI Technologies, Inc.)
aspndis3.sys -> %SystemRoot%\System32\dllcache\aspndis3.sys -> [2009/02/11 17:27:05 | 00,097,354 | ---- | C] (Bay Networks, Inc.)
EXCH_aqadmin.dll -> %SystemRoot%\System32\dllcache\EXCH_aqadmin.dll -> [2009/02/11 17:27:02 | 00,045,056 | ---- | C] (Microsoft Corporation)
apmbatt.sys -> %SystemRoot%\System32\dllcache\apmbatt.sys -> [2009/02/11 17:27:01 | 00,006,272 | ---- | C] (Microsoft Corporation)
amb8002.sys -> %SystemRoot%\System32\dllcache\amb8002.sys -> [2009/02/11 17:26:59 | 00,016,969 | ---- | C] (AmbiCom, Inc.)
agcgauge.ax -> %SystemRoot%\System32\dllcache\agcgauge.ax -> [2009/02/11 17:26:44 | 00,024,576 | ---- | C] (Microsoft Corporation)
EXCH_adsiisex.dll -> %SystemRoot%\System32\dllcache\EXCH_adsiisex.dll -> [2009/02/11 17:26:40 | 00,005,632 | ---- | C] (Microsoft Corporation)
adptsf50.sys -> %SystemRoot%\System32\dllcache\adptsf50.sys -> [2009/02/11 17:26:39 | 00,046,112 | ---- | C] (Adaptec, Inc )
admjoy.sys -> %SystemRoot%\System32\dllcache\admjoy.sys -> [2009/02/11 17:26:38 | 00,010,880 | ---- | C] (Aureal, Inc.)
adm8830.sys -> %SystemRoot%\System32\dllcache\adm8830.sys -> [2009/02/11 17:26:37 | 00,747,392 | ---- | C] (Aureal, Inc.)
adm8820.sys -> %SystemRoot%\System32\dllcache\adm8820.sys -> [2009/02/11 17:26:37 | 00,553,984 | ---- | C] (Aureal, Inc.)
adm8810.sys -> %SystemRoot%\System32\dllcache\adm8810.sys -> [2009/02/11 17:26:36 | 00,584,448 | ---- | C] (Aureal, Inc.)
adm8511.sys -> %SystemRoot%\System32\dllcache\adm8511.sys -> [2009/02/11 17:26:36 | 00,020,160 | ---- | C] (ADMtek Incorporated)
adicvls.sys -> %SystemRoot%\System32\dllcache\adicvls.sys -> [2009/02/11 17:26:35 | 00,007,424 | ---- | C] (Microsoft Corporation)
acerscad.dll -> %SystemRoot%\System32\dllcache\acerscad.dll -> [2009/02/11 17:26:34 | 00,061,440 | ---- | C] (Color Flatbed Scanner)
ac97sis.sys -> %SystemRoot%\System32\dllcache\ac97sis.sys -> [2009/02/11 17:26:32 | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.)
a3dapi.dll -> %SystemRoot%\System32\dllcache\a3dapi.dll -> [2009/02/11 17:26:30 | 00,462,848 | ---- | C] (Aureal Inc.)
a3d.dll -> %SystemRoot%\System32\dllcache\a3d.dll -> [2009/02/11 17:26:30 | 00,098,304 | ---- | C] (Aureal Semiconductor)
61883.sys -> %SystemRoot%\System32\dllcache\61883.sys -> [2009/02/11 17:26:29 | 00,048,128 | ---- | C] (Microsoft Corporation)
8514a.dll -> %SystemRoot%\System32\dllcache\8514a.dll -> [2009/02/11 17:26:29 | 00,038,400 | ---- | C] (Microsoft Corporation)
4mmdat.sys -> %SystemRoot%\System32\dllcache\4mmdat.sys -> [2009/02/11 17:26:29 | 00,012,288 | ---- | C] (Microsoft Corporation)
3dfxvs.dll -> %SystemRoot%\System32\dllcache\3dfxvs.dll -> [2009/02/11 17:26:28 | 00,689,216 | ---- | C] (3dfx Interactive, Inc.)
3dfxvsm.sys -> %SystemRoot%\System32\dllcache\3dfxvsm.sys -> [2009/02/11 17:26:28 | 00,148,352 | ---- | C] (3dfx Interactive, Inc.)
3cwmcru.sys -> %SystemRoot%\System32\dllcache\3cwmcru.sys -> [2009/02/11 17:26:27 | 00,762,780 | ---- | C] (3Com, Inc.)
1394vdbg.sys -> %SystemRoot%\System32\dllcache\1394vdbg.sys -> [2009/02/11 17:26:27 | 00,011,264 | ---- | C] (Microsoft Corporation)
1394bus.sys -> %SystemRoot%\System32\dllcache\1394bus.sys -> [2009/02/11 17:26:26 | 00,053,376 | ---- | C] (Microsoft Corporation)
s3legacy.dll -> %SystemRoot%\System32\dllcache\s3legacy.dll -> [2009/02/11 17:25:40 | 00,066,048 | ---- | C] (Microsoft Corporation)
DynamicPhotoHDR4 -> %ProgramFiles%\DynamicPhotoHDR4 -> [2009/02/10 16:30:34 | 00,000,000 | ---D | C]
Malwarebytes -> %AppData%\Malwarebytes -> [2009/02/10 16:30:10 | 00,000,000 | ---D | C]
fo-401c.exe -> %UserProfile%\Desktop\fo-401c.exe -> [2009/02/10 16:29:17 | 11,887,974 | ---- | C] (Mediachance												 )
std20sasfx.exe -> %UserProfile%\Desktop\std20sasfx.exe -> [2009/02/03 16:29:30 | 33,200,640 | ---- | C] ()
dds.scr -> %UserProfile%\Desktop\dds.scr -> [2009/02/03 16:18:26 | 00,368,961 | ---- | C] ()
Windows Process Information.url -> %UserProfile%\Desktop\Windows Process Information.url -> [2009/02/03 16:07:43 | 00,000,199 | ---- | C] ()
Adobe Reader Speed Launch.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> [2009/02/03 15:51:31 | 00,001,757 | ---- | C] ()
Digital Line Detect.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Digital Line Detect.lnk -> [2009/02/03 15:51:31 | 00,000,493 | ---- | C] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009/02/03 15:50:42 | 00,049,496 | ---- | C] ()
Uniblue -> %ProgramFiles%\Uniblue -> [2009/02/03 14:42:37 | 00,000,000 | ---D | C]
{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} -> %AllUsersProfile%\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} -> [2009/02/03 14:41:24 | 00,000,000 | -H-D | C]
Macromedia -> %AppData%\Macromedia -> [2009/02/03 14:19:44 | 00,000,000 | ---D | C]
Adobe -> %AppData%\Adobe -> [2009/02/03 14:12:30 | 00,000,000 | ---D | C]
AVGTOOLBAR -> %AppData%\AVGTOOLBAR -> [2009/02/03 10:21:43 | 00,000,000 | ---D | C]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2009/02/03 10:16:36 | 52,789,2480 | -HS- | C] ()
GTek -> %AppData%\GTek -> [2009/02/02 20:22:11 | 00,000,000 | -H-D | C]
Real -> %AppData%\Real -> [2009/02/02 20:22:07 | 00,000,000 | ---D | C]
Windows Media Player.lnk -> %UserProfile%\Desktop\Windows Media Player.lnk -> [2009/02/02 20:20:27 | 00,000,782 | ---- | C] ()
desktop.ini -> %AppData%\desktop.ini -> [2009/02/02 20:19:40 | 00,000,062 | -HS- | C] ()
IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [2009/02/02 20:19:36 | 03,237,986 | -H-- | C] ()
desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [2009/02/02 20:19:31 | 00,000,078 | -HS- | C] ()
desktop.ini -> %UserProfile%\Start Menu\Programs\Startup\desktop.ini -> [2009/02/02 20:19:22 | 00,000,084 | -HS- | C] ()
Microsoft -> %AppData%\Microsoft -> [2009/02/02 20:19:22 | 00,000,000 | --SD | C]
Application Data -> %AppData% -> [2009/02/02 20:19:22 | 00,000,000 | RH-D | C]
Favorites -> %UserProfile%\Favorites -> [2009/02/02 20:19:22 | 00,000,000 | R--D | C]
Cookies -> %UserProfile%\Cookies -> [2009/02/02 20:19:22 | 00,000,000 | -HSD | C]
Symantec -> %AppData%\Symantec -> [2009/02/02 20:19:22 | 00,000,000 | ---D | C]
Sun -> %AppData%\Sun -> [2009/02/02 20:19:22 | 00,000,000 | ---D | C]
Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [2009/02/02 20:19:22 | 00,000,000 | ---D | C]
Jasc Software Inc -> %AppData%\Jasc Software Inc -> [2009/02/02 20:19:22 | 00,000,000 | ---D | C]
Identities -> %AppData%\Identities -> [2009/02/02 20:19:22 | 00,000,000 | ---D | C]
Desktop -> %UserProfile%\Desktop -> [2009/02/02 20:19:22 | 00,000,000 | ---D | C]
BVRP Software -> %UserProfile%\Local Settings\Application Data\BVRP Software -> [2009/02/02 20:19:22 | 00,000,000 | ---D | C]
ApplicationHistory -> %UserProfile%\Local Settings\Application Data\ApplicationHistory -> [2009/02/02 20:19:22 | 00,000,000 | ---D | C]
{7148F0A6-6813-11D6-A77B-00B0D0142030} -> %UserProfile%\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030} -> [2009/02/02 20:19:22 | 00,000,000 | ---D | C]
NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009/02/02 20:19:21 | 01,310,720 | -H-- | C] ()
ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/02/02 20:19:21 | 00,000,178 | -HS- | C] ()
SendTo -> %UserProfile%\SendTo -> [2009/02/02 20:19:21 | 00,000,000 | RH-D | C]
Recent -> %UserProfile%\Recent -> [2009/02/02 20:19:21 | 00,000,000 | RH-D | C]
Start Menu -> %UserProfile%\Start Menu -> [2009/02/02 20:19:21 | 00,000,000 | R--D | C]
My Pictures -> %UserProfile%\My Documents\My Pictures -> [2009/02/02 20:19:21 | 00,000,000 | R--D | C]
My Music -> %UserProfile%\My Documents\My Music -> [2009/02/02 20:19:21 | 00,000,000 | R--D | C]
My Documents -> %UserProfile%\My Documents -> [2009/02/02 20:19:21 | 00,000,000 | R--D | C]
Templates -> %UserProfile%\Templates -> [2009/02/02 20:19:21 | 00,000,000 | -H-D | C]
PrintHood -> %UserProfile%\PrintHood -> [2009/02/02 20:19:21 | 00,000,000 | -H-D | C]
NetHood -> %UserProfile%\NetHood -> [2009/02/02 20:19:21 | 00,000,000 | -H-D | C]
Local Settings -> %UserProfile%\Local Settings -> [2009/02/02 20:19:21 | 00,000,000 | -H-D | C]
CCWin -> %UserProfile%\My Documents\CCWin -> [2009/02/02 20:19:21 | 00,000,000 | ---D | C]
o4Patch.exe -> %SystemRoot%\System32\o4Patch.exe -> [2009/02/02 16:03:56 | 00,082,944 | ---- | C] (S!Ri.URZ)
IEDFix.C.exe -> %SystemRoot%\System32\IEDFix.C.exe -> [2009/02/02 16:03:56 | 00,082,944 | ---- | C] (S!Ri.URZ)
AntiXPVSTFix.exe -> %SystemRoot%\System32\AntiXPVSTFix.exe -> [2009/02/02 16:03:54 | 00,088,576 | ---- | C] (S!Ri.URZ)
404Fix.exe -> %SystemRoot%\System32\404Fix.exe -> [2009/02/02 16:03:53 | 00,082,432 | ---- | C] (S!Ri.URZ)
VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> [2009/02/02 16:03:52 | 00,087,552 | ---- | C] (S!Ri.URZ)
IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> [2009/02/02 16:03:50 | 00,082,944 | ---- | C] (S!Ri.URZ)
WS2Fix.exe -> %SystemRoot%\System32\WS2Fix.exe -> [2009/02/02 16:03:49 | 00,025,600 | ---- | C] ()
VCCLSID.exe -> %SystemRoot%\System32\VCCLSID.exe -> [2009/02/02 16:03:48 | 00,289,144 | ---- | C] (S!Ri)
swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> [2009/02/02 16:03:46 | 00,079,360 | ---- | C] (SteelWerX)
SrchSTS.exe -> %SystemRoot%\System32\SrchSTS.exe -> [2009/02/02 16:03:45 | 00,288,417 | ---- | C] (S!Ri)
dumphive.exe -> %SystemRoot%\System32\dumphive.exe -> [2009/02/02 16:03:45 | 00,051,200 | ---- | C] ()
swsc.exe -> %SystemRoot%\System32\swsc.exe -> [2009/02/02 16:03:43 | 00,040,960 | ---- | C] ()
swreg.exe -> %SystemRoot%\System32\swreg.exe -> [2009/02/02 16:03:41 | 00,135,168 | ---- | C] (SteelWerX)
Process.exe -> %SystemRoot%\System32\Process.exe -> [2009/02/02 16:03:39 | 00,053,248 | ---- | C] (http://www.beyondlogic.org)
Microsoft -> %ProgramFiles%\Microsoft -> [2009/01/21 12:19:54 | 00,000,000 | ---D | C]
Windows Live SkyDrive -> %ProgramFiles%\Windows Live SkyDrive -> [2009/01/21 12:19:50 | 00,000,000 | ---D | C]
FreeRIP -> %AllUsersProfile%\Application Data\FreeRIP -> [2009/01/21 12:18:40 | 00,000,000 | ---D | C]
Free Audio Pack -> %ProgramFiles%\Free Audio Pack -> [2009/01/21 12:18:40 | 00,000,000 | ---D | C]
PolderbitS -> %ProgramFiles%\PolderbitS -> [2009/01/21 12:17:45 | 00,000,000 | ---D | C]
LastGood(2).Tmp -> %SystemRoot%\LastGood(2).Tmp -> [2009/01/21 12:15:49 | 00,000,000 | ---D | C]
Config.Msi -> %SystemDrive%\Config.Msi -> [2009/01/21 11:55:22 | 00,000,000 | ---D | C]
Windows Desktop Search -> %ProgramFiles%\Windows Desktop Search -> [2009/01/19 20:56:26 | 00,000,000 | ---D | C]
GroupPolicy -> %SystemRoot%\System32\GroupPolicy -> [2009/01/19 20:56:24 | 00,000,000 | ---D | C]
spmsg.dll -> %SystemRoot%\System32\spmsg.dll -> [2009/01/19 20:53:58 | 00,017,272 | ---- | C] (Microsoft Corporation)
Windows Media Connect 2 -> %ProgramFiles%\Windows Media Connect 2 -> [2009/01/19 20:53:03 | 00,000,000 | ---D | C]
BCMWLNPF.SYS -> %SystemRoot%\System32\drivers\BCMWLNPF.SYS -> [2009/01/19 20:46:45 | 00,033,664 | ---- | C] (CACE Technologies)
preflib.dll -> %SystemRoot%\System32\preflib.dll -> [2009/01/19 20:46:38 | 00,086,016 | ---- | C] ()
bcmwlpkt.dll -> %SystemRoot%\System32\bcmwlpkt.dll -> [2009/01/19 20:46:32 | 00,069,632 | ---- | C] (CACE Technologies)
WLBCGCBPRO731.DLL -> %SystemRoot%\System32\WLBCGCBPRO731.DLL -> [2009/01/19 20:46:22 | 02,129,920 | ---- | C] (BCGSoft Ltd)
bcm1xsup.dll -> %SystemRoot%\System32\bcm1xsup.dll -> [2009/01/19 20:46:22 | 00,757,760 | ---- | C] ()
microsoft -> %AllUsersProfile%\Documents\microsoft -> [2009/01/19 20:08:44 | 00,000,000 | ---D | C]
Windows Live -> %ProgramFiles%\Windows Live -> [2009/01/19 20:08:14 | 00,000,000 | ---D | C]
Windows Live -> %CommonProgramFiles%\Windows Live -> [2009/01/19 20:02:15 | 00,000,000 | ---D | C]
RCSigProc.dll -> %SystemRoot%\System32\RCSigProc.dll -> [2009/01/19 11:08:45 | 00,110,592 | ---- | C] (Nikon Corporation)
NEFcodec.dll -> %SystemRoot%\System32\NEFcodec.dll -> [2009/01/19 11:08:43 | 06,760,280 | ---- | C] (Nikon Inc.)
Strato7.dll -> %SystemRoot%\System32\Strato7.dll -> [2009/01/19 11:08:43 | 00,200,704 | ---- | C] (Nikon Corporation)
SpoonUninstall.exe -> %SystemRoot%\System32\SpoonUninstall.exe -> [2009/01/14 21:27:40 | 05,068,152 | ---- | C] ()
SpoonUninstall-dBpoweramp Music Converter.bmp -> %SystemRoot%\System32\SpoonUninstall-dBpoweramp Music Converter.bmp -> [2009/01/14 21:27:40 | 00,033,846 | ---- | C] ()
SpoonUninstall-dBpoweramp Music Converter.dat -> %SystemRoot%\System32\SpoonUninstall-dBpoweramp Music Converter.dat -> [2009/01/14 21:27:40 | 00,013,785 | ---- | C] ()
Illustrate -> %ProgramFiles%\Illustrate -> [2009/01/14 21:27:35 | 00,000,000 | ---D | C]
 
[Files/Folders - Modified Within 30 Days]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
sfdb.dat -> %UserProfile%\Local Settings\Temp\jkos-Jolleys\engine\bases\sfdb.dat -> [2009/02/13 19:51:49 | 00,141,344 | ---- | M] ()
User_Feed_Synchronization-{89281E45-B53B-41D6-903E-5CE3077C3FCD}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{89281E45-B53B-41D6-903E-5CE3077C3FCD}.job -> [2009/02/13 19:50:00 | 00,000,434 | -H-- | M] ()
Docs and settings.html -> %UserProfile%\Desktop\Docs and settings.html -> [2009/02/13 19:37:43 | 00,005,048 | ---- | M] ()
NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009/02/13 19:30:15 | 01,310,720 | -H-- | M] ()
kosglue-7.0.25.0.dll -> %UserProfile%\Local Settings\Temp\jkos-Jolleys\binaries\kosglue-7.0.25.0.dll -> [2009/02/13 19:17:43 | 00,729,152 | ---- | M] (Kaspersky Lab)
msvcr80.dll -> %UserProfile%\Local Settings\Temp\jkos-Jolleys\binaries\msvcr80.dll -> [2009/02/13 19:17:42 | 00,626,688 | ---- | M] (Microsoft Corporation)
msvcp80.dll -> %UserProfile%\Local Settings\Temp\jkos-Jolleys\binaries\msvcp80.dll -> [2009/02/13 19:17:42 | 00,548,864 | ---- | M] (Microsoft Corporation)
kave.dll -> %UserProfile%\Local Settings\Temp\jkos-Jolleys\binaries\kave.dll -> [2009/02/13 19:17:42 | 00,282,624 | ---- | M] (Kaspersky Lab.)
prLoader.dll -> %UserProfile%\Local Settings\Temp\jkos-Jolleys\binaries\prLoader.dll -> [2009/02/13 19:17:42 | 00,184,320 | ---- | M] (Kaspersky Lab)
ScanningProcess.exe -> %UserProfile%\Local Settings\Temp\jkos-Jolleys\binaries\ScanningProcess.exe -> [2009/02/13 19:17:42 | 00,139,264 | ---- | M] (Kaspersky Lab.)
prremote.dll -> %UserProfile%\Local Settings\Temp\jkos-Jolleys\binaries\prremote.dll -> [2009/02/13 19:17:42 | 00,090,112 | ---- | M] (Kaspersky Lab)
ikave.dll -> %UserProfile%\Local Settings\Temp\jkos-Jolleys\binaries\ikave.dll -> [2009/02/13 19:17:42 | 00,065,536 | ---- | M] ()
FSSync.dll -> %UserProfile%\Local Settings\Temp\jkos-Jolleys\binaries\FSSync.dll -> [2009/02/13 19:17:42 | 00,038,400 | ---- | M] (Kaspersky Lab)
msvcm80.dll -> %UserProfile%\Local Settings\Temp\jkos-Jolleys\binaries\msvcm80.dll -> [2009/02/13 19:17:41 | 00,479,232 | ---- | M] (Microsoft Corporation)
Computer functions like it has a virus but antivirus cant find one..url -> %UserProfile%\Desktop\Computer functions like it has a virus but antivirus cant find one..url -> [2009/02/13 16:31:52 | 00,006,460 | ---- | M] ()
rtdrvmon.exe -> %UserProfile%\Local Settings\Temp\rtdrvmon.exe -> [2009/02/13 12:51:29 | 00,040,960 | ---- | M] (Realtek)
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2009/02/13 12:50:22 | 00,002,206 | ---- | M] ()
Perflib_Perfdata_d0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_d0.dat -> [2009/02/13 12:49:51 | 00,016,384 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/02/13 12:49:46 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/02/13 12:49:30 | 00,002,048 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2009/02/13 12:49:24 | 52,789,2480 | -HS- | M] ()
ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/02/13 12:48:25 | 00,000,178 | -HS- | M] ()
incavi.avm -> %SystemRoot%\System32\drivers\Avg\incavi.avm -> [2009/02/13 12:42:00 | 33,077,817 | ---- | M] ()
gmer.ini -> %SystemRoot%\gmer.ini -> [2009/02/12 19:52:01 | 00,000,250 | ---- | M] ()
gmer.dll -> %SystemRoot%\gmer.dll -> [2009/02/12 19:51:58 | 00,884,736 | ---- | M] ()
gmer.sys -> %SystemRoot%\System32\drivers\gmer.sys -> [2009/02/12 19:51:58 | 00,085,969 | ---- | M] (GMER)
gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [2009/02/12 19:51:58 | 00,000,080 | ---- | M] ()
gmer.zip -> %UserProfile%\Desktop\gmer.zip -> [2009/02/12 19:49:11 | 00,747,873 | ---- | M] ()
OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/02/12 19:29:16 | 00,656,714 | ---- | M] ()
Windows Process Information.url -> %UserProfile%\Desktop\Windows Process Information.url -> [2009/02/11 17:04:08 | 00,000,199 | ---- | M] ()
microavi.avg -> %SystemRoot%\System32\drivers\Avg\microavi.avg -> [2009/02/11 17:00:42 | 00,102,133 | ---- | M] ()
imsins.BAK -> %SystemRoot%\imsins.BAK -> [2009/02/10 16:47:32 | 00,001,374 | ---- | M] ()
Dynamic-Photo HDR.lnk -> %AllUsersProfile%\Desktop\Dynamic-Photo HDR.lnk -> [2009/02/10 16:30:40 | 00,000,690 | ---- | M] ()
qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009/02/10 16:11:18 | 00,005,955 | ---- | M] ()
qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009/02/10 16:11:18 | 00,004,646 | ---- | M] ()
fo-401c.exe -> %UserProfile%\Desktop\fo-401c.exe -> [2009/02/10 15:13:16 | 11,887,974 | ---- | M] (Mediachance												 )
std20sasfx.exe -> %UserProfile%\Desktop\std20sasfx.exe -> [2009/02/03 16:29:32 | 33,200,640 | ---- | M] ()
MRT.exe -> %SystemRoot%\System32\MRT.exe -> [2009/02/03 16:21:12 | 21,244,864 | ---- | M] (Microsoft Corporation)
dds.scr -> %UserProfile%\Desktop\dds.scr -> [2009/02/03 16:18:53 | 00,368,961 | ---- | M] ()
win.ini -> %SystemRoot%\win.ini -> [2009/02/03 15:51:56 | 00,000,613 | ---- | M] ()
system.ini -> %SystemRoot%\system.ini -> [2009/02/03 15:51:56 | 00,000,227 | ---- | M] ()
boot.ini -> %SystemDrive%\boot.ini -> [2009/02/03 15:51:56 | 00,000,211 | RHS- | M] ()
GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009/02/03 15:50:42 | 00,049,496 | ---- | M] ()
desktop.ini -> %UserProfile%\My Documents\desktop.ini -> [2009/02/02 20:20:34 | 00,000,078 | -HS- | M] ()
Windows Media Player.lnk -> %UserProfile%\Desktop\Windows Media Player.lnk -> [2009/02/02 20:20:27 | 00,000,782 | ---- | M] ()
avgrsstx.dll -> %SystemRoot%\System32\avgrsstx.dll -> [2009/01/30 17:28:15 | 00,010,520 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgldx86.sys -> %SystemRoot%\System32\drivers\avgldx86.sys -> [2009/01/30 17:28:14 | 00,325,128 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgmfx86.sys -> %SystemRoot%\System32\drivers\avgmfx86.sys -> [2009/01/30 17:28:14 | 00,027,656 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgtdix.sys -> %SystemRoot%\System32\drivers\avgtdix.sys -> [2009/01/30 17:28:11 | 00,107,272 | ---- | M] (AVG Technologies CZ, s.r.o.)
PKP_DLdw.DAT -> %AllUsersProfile%\Application Data\PKP_DLdw.DAT -> [2009/01/30 11:05:24 | 00,000,020 | -H-- | M] ()
hosts -> %SystemRoot%\System32\drivers\etc\hosts -> [2009/01/28 14:04:58 | 00,291,996 | R--- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2009/01/28 11:20:32 | 00,411,142 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2009/01/28 11:20:31 | 00,065,446 | ---- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/01/21 12:24:25 | 01,511,976 | ---- | M] ()
miniavi.avg -> %SystemRoot%\System32\drivers\Avg\miniavi.avg -> [2009/01/21 12:03:27 | 00,368,010 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009/01/20 16:02:36 | 00,510,770 | ---- | M] ()
nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [2009/01/19 21:25:13 | 00,023,392 | ---- | M] ()
amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [2009/01/19 21:25:13 | 00,016,832 | ---- | M] ()
ViewNX.lnk -> %AllUsersProfile%\Desktop\ViewNX.lnk -> [2009/01/19 11:41:32 | 00,001,686 | ---- | M] ()
mshtml.dll -> %SystemRoot%\System32\mshtml.dll -> [2009/01/16 21:35:14 | 03,594,752 | ---- | M] (Microsoft Corporation)
mshtml.dll -> %SystemRoot%\System32\dllcache\mshtml.dll -> [2009/01/16 21:35:14 | 03,594,752 | ---- | M] (Microsoft Corporation)
SpoonUninstall-dBpoweramp Music Converter.dat -> %SystemRoot%\System32\SpoonUninstall-dBpoweramp Music Converter.dat -> [2009/01/14 21:27:40 | 00,013,785 | ---- | M] ()
SpoonUninstall-dBpoweramp Music Converter.bmp -> %SystemRoot%\System32\SpoonUninstall-dBpoweramp Music Converter.bmp -> [2009/01/14 21:27:20 | 00,033,846 | ---- | M] ()
SpoonUninstall.exe -> %SystemRoot%\System32\SpoonUninstall.exe -> [2009/01/14 21:27:19 | 05,068,152 | ---- | M] ()
opa11.dat -> %AllUsersProfile%\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2005/09/24 16:17:40 | 00,008,558 | ---- | M] ()
 
[Alternate Data Streams]
@Alternate Data Stream - 1406 bytes -> %UserProfile%\Desktop\Computer functions like it has a virus but antivirus cant find one..url:favicon
@Alternate Data Stream - 1406 bytes -> %UserProfile%\Desktop\Windows Process Information.url:favicon
< End of report >

Attached Files


Edited by wicks_10, 13 February 2009 - 10:25 PM.


#7 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 14 February 2009 - 10:04 AM

Hello.

Don't worry about it. Kaspersky takes really long sometimes.

Unless there are any issues at the moment, you're good to go.

Run Cleanup with OTScantIt
This will remove all the tools we used.
  • Double click the OTScanIt.exe icon in the OTScanIt folder on your desktop. If you are using Windows Vista, right click OTScanIt.exe and select Run as Administrator.
  • Click the CleanUp bottun.
  • Restart if prompted.
Set New System Restore Point
Now you should set a Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, tools cannot access it to delete these bad files, which sometimes can reinfect your system. Setting a new restore point after cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click System Restore.
  • Choose the radio button marked Create a Restore Point on the first screen then click Next. Give the Restore Point a name then click Create.
  • Then, click on Start > Run and type:
    cleanmgr
  • Click OK > More Options tab.
  • Click Clean Up in the System Restore section to remove all previous restore points except the newly created one.
Preventing Malware Infection in the Future
Please take some time to look at the following links, giving some advice and suggestions for preventing future infections: For general slowness problems that you may have, take a look at Slow Computer/browser? It May Not Be Malware. Read How to use the Startup Database to identify and disable uneeded processes and increase the amount of available resources.

Do you have any further questions or concerns?

With Regards,
The Panda

#8 wicks_10

wicks_10
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 14 February 2009 - 10:35 AM

Hello.

Thanks for your help again. The only question I have is what do I do with this stuff that kaspersky found listed below. Do I need to delete them or not worry about them? Other than that I think everything looks good. Thanks again.


C:\Documents and Settings\Britney Ann\Local Settings\Application Data\Microsoft\Windows Live Mail\Hotmail (wi d37\Inbox\1D5E1FF1-00000115.eml Suspicious: Trojan-Spy.HTML.Fraud.gen 1

C:\Documents and Settings\Britney Ann\Local Settings\Application Data\Microsoft\Windows Live Mail\Hotmail (wi d37\Inbox\214E342D-00000166.eml Suspicious: Trojan-Spy.HTML.Fraud.gen 1

C:\Documents and Settings\Britney Ann\Local Settings\Application Data\Microsoft\Windows Live Mail\Hotmail (wi d37\Inbox\25687613-0000013B.eml Suspicious: Trojan-Spy.HTML.Fraud.gen 1

C:\Documents and Settings\Britney Ann\Local Settings\Application Data\Microsoft\Windows Live Mail\Hotmail (wi d37\Inbox\2E396DA6-00000113.eml Suspicious: Trojan-Spy.HTML.Fraud.gen 1

C:\Documents and Settings\Britney Ann\Local Settings\Application Data\Microsoft\Windows Live Mail\Hotmail (wi d37\Inbox\2F0B58E6-0000013C.eml Suspicious: Trojan-Spy.HTML.Fraud.gen 1

C:\Documents and Settings\Britney Ann\Local Settings\Application Data\Microsoft\Windows Live Mail\Hotmail (wi d37\Inbox\387C579C-0000015C.eml Suspicious: Trojan-Spy.HTML.Fraud.gen 1

C:\Documents and Settings\Britney Ann\Local Settings\Application Data\Microsoft\Windows Live Mail\Hotmail (wi d37\Inbox\4D8F6117-0000018A.eml Suspicious: Trojan-Spy.HTML.Fraud.gen 1

C:\Documents and Settings\Britney Ann\Local Settings\Application Data\Microsoft\Windows Live Mail\Hotmail (wi d37\Inbox\6F9A7443-000001CD.eml Suspicious: Trojan-Spy.HTML.Fraud.gen 1

#9 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 14 February 2009 - 10:52 AM

Hello.

Those are, as you can see, files embedded in saved emails. Usually, those are not a problem. Clearing out the Windows Live Mail email folders should take care of then.

With Regards,
The Panda

#10 wicks_10

wicks_10
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 14 February 2009 - 10:53 AM

Ok sounds good. Thanks for all your help.

#11 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 15 February 2009 - 10:53 AM

.

Edited by PropagandaPanda, 15 February 2009 - 10:56 AM.


#12 wicks_10

wicks_10
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 18 February 2009 - 05:28 PM

Hello again.

Sorry but I have another question/problem. Before I had the problems that we worked through, my CPU fan would only kick fully on when the CPU was running close to 100%. Since we worked on it, it has never been better except for the fan. It turns on quite often now even when the CPU usage is very low. I have it in the same place it has always been and nothing seems to be blocking air flow. Is there anything that might have got changed that would cause it to turn on like it is doing now?

Thanks again for any help.

#13 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 18 February 2009 - 05:50 PM

Hello.

I am not aware of any of the tools that we have used changing fan settings, or any hardware settings for that matter.

I would start a topic in the Windows XP Forum about that issue. There are certain software applications that can change the fan speed settings.

With Regards,
The Panda

#14 wicks_10

wicks_10
  • Topic Starter

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:06:14 AM

Posted 18 February 2009 - 06:07 PM

Alright I'll try posting there and see what I can find out. Thanks again

#15 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:14 AM

Posted 20 February 2009 - 06:58 PM

Good luck there.

This topic is now closed.
If you are the topic starter and need this topic reopened, send me a message.

Everyone else, please begin a new topic.

With Regards,
The Panda




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users