possible malware.


  • This topic is locked
10 replies to this topic

#1 likom_ubuntu


Posted 01 June 2009 - 02:45 PM

I did all the antivirus scans (Kaspersky, Norton, SUPERAntiSpyware, Malwarebytes) and no result. My computer was dragging, so I ran ComboFix :thumbup2: . As mentioned before, I have already done the ComboFix scan. I wanted to be sure whether or not I have gotten rid of whatever it was. I can tell some good has happened because the computer feels snappy again. I will provide the ComboFix log if asked for.

This is the DDS.txt as suggested:


DDS (Ver_09-05-14.01) - NTFSx86
Run by Administrator at 1:18:13.17 on Tue 06/02/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.552 [GMT 5.75:45]

AV: avast! antivirus 4.8.1335 [VPS 090531-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Ad Muncher\AdMunch.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
svchost.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = local
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagitBHO.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.21.0\gears.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Foxit Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} -
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagitIEAddin.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
mRun: [Ad Muncher] "c:\program files\ad muncher\AdMunch.exe" /bt
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
IE: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_i...d=menu_ie_frame
IE: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_i...d=menu_ie_image
IE: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_i...id=menu_ie_link
IE: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_i...menu_ie_exclude
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_i...=menu_ie_report
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.21.0\gears.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
TCP: {5737145F-5894-4306-84F3-6582C6C48D47} = 202.70.64.5,202.70.64.15
Notify: igfxcui - igfxsrvc.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\8zrcejh1.default\
FF - component: c:\documents and settings\administrator\application data\idm\idmmzcc3\components\idmmzcc.dll
FF - component: c:\program files\google\google gears\firefox\components\gears.dll
FF - plugin: c:\documents and settings\administrator\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-6-1 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-6-1 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-6-1 138680]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-6-1 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-6-1 352920]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2009-5-28 108032]
RUnknown phooks;phooks; [x]
S2 gupdate1c9e28cbfec4100;Google Update Service (gupdate1c9e28cbfec4100);c:\program files\google\update\GoogleUpdate.exe [2009-6-1 133104]

=============== Created Last 30 ================

2009-06-02 00:55 <DIR> --d----- c:\program files\Microsoft Bootvis
2009-06-02 00:33 <DIR> a-dshr-- C:\cmdcons
2009-06-02 00:30 <DIR> --d----- c:\program files\FreeFixer
2009-06-02 00:25 161,792 a------- c:\windows\SWREG.exe
2009-06-02 00:25 154,624 a------- c:\windows\PEV.exe
2009-06-02 00:25 98,816 a------- c:\windows\sed.exe
2009-06-01 22:21 <DIR> --d----- c:\docume~1\admini~1\applic~1\WinPatrol
2009-06-01 22:21 <DIR> --d----- c:\program files\BillP Studios
2009-06-01 20:38 1,970,176 a------- c:\windows\system32\d3dx9.dll
2009-06-01 20:38 679,936 a------- c:\windows\system32\D3DX81ab.dll
2009-06-01 20:38 <DIR> --d----- c:\program files\Cheat Engine
2009-06-01 12:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2009-06-01 11:56 <DIR> --d----- c:\docume~1\admini~1\applic~1\Malwarebytes
2009-06-01 11:56 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-01 11:56 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-06-01 11:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-06-01 11:56 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-06-01 11:15 301,568 a------- c:\windows\system32\catohtxt.dll
2009-06-01 11:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-06-01 11:10 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-05-31 23:08 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll
2009-05-31 23:08 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll
2009-05-31 23:08 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll
2009-05-31 23:08 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe
2009-05-31 23:08 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe
2009-05-31 23:07 99,865 ac------ c:\windows\system32\dllcache\xlog.exe
2009-05-31 23:07 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys
2009-05-31 23:07 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys
2009-05-31 23:07 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys
2009-05-31 23:07 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll
2009-05-31 23:07 8,832 ac------ c:\windows\system32\dllcache\wmiacpi.sys
2009-05-31 23:07 154,624 ac------ c:\windows\system32\dllcache\wlluc48.sys
2009-05-31 23:07 34,890 ac------ c:\windows\system32\dllcache\wlandrv2.sys
2009-05-31 23:07 771,581 ac------ c:\windows\system32\dllcache\winacisa.sys
2009-05-31 23:05 19,528 ac------ c:\windows\system32\dllcache\w840nd.sys
2009-05-31 23:05 64,605 ac------ c:\windows\system32\dllcache\vvoice.sys
2009-05-31 23:05 397,502 ac------ c:\windows\system32\dllcache\vpctcom.sys
2009-05-31 23:05 604,253 ac------ c:\windows\system32\dllcache\vmodem.sys
2009-05-31 23:05 249,402 ac------ c:\windows\system32\dllcache\vinwm.sys
2009-05-31 23:05 24,576 ac------ c:\windows\system32\dllcache\viairda.sys
2009-05-31 23:05 5,376 ac------ c:\windows\system32\dllcache\viaide.sys
2009-05-31 23:05 42,240 ac------ c:\windows\system32\dllcache\viaagp.sys
2009-05-31 23:05 11,325 ac------ c:\windows\system32\dllcache\vchnt5.dll
2009-05-31 23:05 687,999 ac------ c:\windows\system32\dllcache\usrwdxjs.sys
2009-05-31 23:05 765,884 ac------ c:\windows\system32\dllcache\usrti.sys
2009-05-31 23:03 69,632 ac------ c:\windows\system32\dllcache\umaxu12.dll
2009-05-31 23:03 50,688 ac------ c:\windows\system32\dllcache\umaxscan.dll
2009-05-31 23:03 22,912 ac------ c:\windows\system32\dllcache\umaxpcls.sys
2009-05-31 23:03 50,176 ac------ c:\windows\system32\dllcache\umaxp60.dll
2009-05-31 23:03 47,616 ac------ c:\windows\system32\dllcache\umaxcam.dll
2009-05-31 23:03 211,968 ac------ c:\windows\system32\dllcache\um54scan.dll
2009-05-31 23:03 216,064 ac------ c:\windows\system32\dllcache\um34scan.dll
2009-05-31 23:03 36,736 ac------ c:\windows\system32\dllcache\ultra.sys
2009-05-31 23:03 44,672 ac------ c:\windows\system32\dllcache\uagp35.sys
2009-05-31 23:03 11,520 ac------ c:\windows\system32\dllcache\twotrack.sys
2009-05-31 23:03 166,784 ac------ c:\windows\system32\dllcache\tridxpm.sys
2009-05-31 23:02 525,568 ac------ c:\windows\system32\dllcache\tridxp.dll
2009-05-31 23:02 159,232 ac------ c:\windows\system32\dllcache\tridkbm.sys
2009-05-31 23:02 440,576 ac------ c:\windows\system32\dllcache\tridkb.dll
2009-05-31 23:02 222,336 ac------ c:\windows\system32\dllcache\trid3dm.sys
2009-05-31 23:02 315,520 ac------ c:\windows\system32\dllcache\trid3d.dll
2009-05-31 23:02 34,375 ac------ c:\windows\system32\dllcache\tpro4.sys
2009-05-31 23:02 42,496 ac------ c:\windows\system32\dllcache\tp4res.dll
2009-05-31 23:02 82,944 ac------ c:\windows\system32\dllcache\tp4mon.exe
2009-05-31 23:02 31,744 ac------ c:\windows\system32\dllcache\tp4.dll
2009-05-31 23:02 4,992 ac------ c:\windows\system32\dllcache\toside.sys
2009-05-31 23:02 230,912 ac------ c:\windows\system32\dllcache\tosdvd03.sys
2009-05-31 23:01 241,664 ac------ c:\windows\system32\dllcache\tosdvd02.sys
2009-05-31 23:01 28,232 ac------ c:\windows\system32\dllcache\tos4mo.sys
2009-05-31 23:01 123,995 ac------ c:\windows\system32\dllcache\tjisdn.sys
2009-05-31 23:01 138,528 ac------ c:\windows\system32\dllcache\tgiulnt5.sys
2009-05-31 23:01 81,408 ac------ c:\windows\system32\dllcache\tgiul50.dll
2009-05-31 23:01 149,376 ac------ c:\windows\system32\dllcache\tffsport.sys
2009-05-31 23:01 17,129 ac------ c:\windows\system32\dllcache\tdkcd31.sys
2009-05-31 23:01 37,961 ac------ c:\windows\system32\dllcache\tdk100b.sys
2009-05-31 23:01 30,464 ac------ c:\windows\system32\dllcache\tbatm155.sys
2009-05-31 23:01 7,040 ac------ c:\windows\system32\dllcache\tandqic.sys
2009-05-31 23:01 36,640 ac------ c:\windows\system32\dllcache\t2r4mini.sys
2009-05-31 23:00 172,768 ac------ c:\windows\system32\dllcache\t2r4disp.dll
2009-05-31 23:00 32,640 ac------ c:\windows\system32\dllcache\symc8xx.sys
2009-05-31 23:00 16,256 ac------ c:\windows\system32\dllcache\symc810.sys
2009-05-31 23:00 30,688 ac------ c:\windows\system32\dllcache\sym_u3.sys
2009-05-31 23:00 28,384 ac------ c:\windows\system32\dllcache\sym_hi.sys
2009-05-31 23:00 94,293 ac------ c:\windows\system32\dllcache\sxports.dll
2009-05-31 23:00 103,936 ac------ c:\windows\system32\dllcache\sx.sys
2009-05-31 23:00 3,968 ac------ c:\windows\system32\dllcache\swusbflt.sys
2009-05-31 23:00 10,240 ac------ c:\windows\system32\dllcache\swpidflt.dll
2009-05-31 23:00 10,240 ac------ c:\windows\system32\dllcache\swpdflt2.dll
2009-05-31 23:00 53,760 ac------ c:\windows\system32\dllcache\sw_wheel.dll
2009-05-31 22:59 41,472 ac------ c:\windows\system32\dllcache\sw_effct.dll
2009-05-31 22:59 155,648 ac------ c:\windows\system32\dllcache\stlnprop.dll
2009-05-31 22:59 53,248 ac------ c:\windows\system32\dllcache\stlncoin.dll
2009-05-31 22:59 285,760 ac------ c:\windows\system32\dllcache\stlnata.sys
2009-05-31 22:59 16,896 ac------ c:\windows\system32\dllcache\stcusb.sys
2009-05-31 22:59 48,736 ac------ c:\windows\system32\dllcache\srwlnd5.sys
2009-05-31 22:59 99,328 ac------ c:\windows\system32\dllcache\srusd.dll
2009-05-31 22:59 24,660 ac------ c:\windows\system32\dllcache\spxupchk.dll
2009-05-31 22:59 61,824 ac------ c:\windows\system32\dllcache\speed.sys
2009-05-31 22:59 106,584 ac------ c:\windows\system32\dllcache\spdports.dll
2009-05-31 22:58 19,072 ac------ c:\windows\system32\dllcache\sparrow.sys
2009-05-31 22:58 7,552 ac------ c:\windows\system32\dllcache\sonypvu1.sys
2009-05-31 22:58 37,040 ac------ c:\windows\system32\dllcache\sonypi.sys
2009-05-31 22:58 114,688 ac------ c:\windows\system32\dllcache\sonypi.dll
2009-05-31 22:58 20,752 ac------ c:\windows\system32\dllcache\sonync.sys
2009-05-31 22:58 9,600 ac------ c:\windows\system32\dllcache\sonymc.sys
2009-05-31 22:58 7,552 ac------ c:\windows\system32\dllcache\sonyait.sys
2009-05-31 22:58 7,040 ac------ c:\windows\system32\dllcache\snyaitmc.sys
2009-05-31 22:58 58,368 ac------ c:\windows\system32\dllcache\smiminib.sys
2009-05-31 22:58 147,200 ac------ c:\windows\system32\dllcache\smidispb.dll
2009-05-31 22:58 25,034 ac------ c:\windows\system32\dllcache\smcpwr2n.sys
2009-05-31 22:56 94,698 ac------ c:\windows\system32\dllcache\sk98xwin.sys
2009-05-31 22:56 157,696 ac------ c:\windows\system32\dllcache\sisv256.dll
2009-05-31 22:56 50,432 ac------ c:\windows\system32\dllcache\sisv.sys
2009-05-31 22:56 32,768 ac------ c:\windows\system32\dllcache\sisnic.sys
2009-05-31 22:56 238,592 ac------ c:\windows\system32\dllcache\sisgrv.dll
2009-05-31 22:56 104,064 ac------ c:\windows\system32\dllcache\sisgrp.sys
2009-05-31 22:56 40,960 ac------ c:\windows\system32\dllcache\sisagp.sys
2009-05-31 22:56 150,144 ac------ c:\windows\system32\dllcache\sis6306v.dll
2009-05-31 22:56 68,608 ac------ c:\windows\system32\dllcache\sis6306p.sys
2009-05-31 22:56 252,032 ac------ c:\windows\system32\dllcache\sis300iv.dll
2009-05-31 22:56 101,760 ac------ c:\windows\system32\dllcache\sis300ip.sys
2009-05-31 22:56 3,901 ac------ c:\windows\system32\dllcache\siint5.dll
2009-05-31 22:56 161,568 ac------ c:\windows\system32\dllcache\sgsmusb.sys
2009-05-31 22:55 18,400 ac------ c:\windows\system32\dllcache\sgsmld.sys
2009-05-31 22:55 98,080 ac------ c:\windows\system32\dllcache\sgiulnt5.sys
2009-05-31 22:55 386,560 ac------ c:\windows\system32\dllcache\sgiul50.dll
2009-05-31 22:55 36,480 ac------ c:\windows\system32\dllcache\sfmanm.sys
2009-05-31 22:55 6,784 ac------ c:\windows\system32\dllcache\serscan.sys
2009-05-31 22:55 17,664 ac------ c:\windows\system32\dllcache\sermouse.sys
2009-05-31 22:55 6,912 ac------ c:\windows\system32\dllcache\seaddsmc.sys
2009-05-31 22:55 11,520 ac------ c:\windows\system32\dllcache\scsiscan.sys
2009-05-31 22:55 11,648 ac------ c:\windows\system32\dllcache\scsiprnt.sys
2009-05-31 22:55 17,280 ac------ c:\windows\system32\dllcache\scr111.sys
2009-05-31 22:55 16,640 ac------ c:\windows\system32\dllcache\scmstcs.sys
2009-05-31 22:55 23,936 ac------ c:\windows\system32\dllcache\sccmusbm.sys
2009-05-31 22:53 166,720 ac------ c:\windows\system32\dllcache\s3m.sys
2009-05-31 22:52 86,097 ac------ c:\windows\system32\dllcache\reslog32.dll
2009-05-31 22:52 13,776 ac------ c:\windows\system32\dllcache\recagent.sys
2009-05-31 22:52 19,584 ac------ c:\windows\system32\dllcache\rasirda.sys
2009-05-31 22:52 714,762 ac------ c:\windows\system32\dllcache\r2mdmkxx.sys
2009-05-31 22:52 899,146 ac------ c:\windows\system32\dllcache\r2mdkxga.sys
2009-05-31 22:52 41,472 ac------ c:\windows\system32\dllcache\qvusd.dll
2009-05-31 22:52 3,328 ac------ c:\windows\system32\dllcache\qv2kux.sys
2009-05-31 22:52 49,024 ac------ c:\windows\system32\dllcache\ql1280.sys
2009-05-31 22:52 40,448 ac------ c:\windows\system32\dllcache\ql1240.sys
2009-05-31 22:52 45,312 ac------ c:\windows\system32\dllcache\ql12160.sys
2009-05-31 22:50 7,168 ac------ c:\windows\system32\dllcache\pnrmc.sys
2009-05-31 22:49 169,984 ac------ c:\windows\system32\dllcache\pcx500.sys
2009-05-31 22:49 86,016 ac------ c:\windows\system32\dllcache\pctspk.exe
2009-05-31 22:49 35,328 ac------ c:\windows\system32\dllcache\pcntpci5.sys
2009-05-31 22:49 29,769 ac------ c:\windows\system32\dllcache\pcntn5m.sys
2009-05-31 22:49 30,282 ac------ c:\windows\system32\dllcache\pcntn5hl.sys
2009-05-31 22:49 26,153 ac------ c:\windows\system32\dllcache\pcmlm56.sys
2009-05-31 22:49 29,502 ac------ c:\windows\system32\dllcache\pca200e.sys
2009-05-31 22:49 30,495 ac------ c:\windows\system32\dllcache\pc100nds.sys
2009-05-31 22:49 41,984 ac------ c:\windows\system32\dllcache\ovui2rc.dll
2009-05-31 22:49 44,544 ac------ c:\windows\system32\dllcache\ovui2.dll
2009-05-31 22:49 25,216 ac------ c:\windows\system32\dllcache\ovsound2.sys
2009-05-31 22:49 39,424 ac------ c:\windows\system32\dllcache\ovcoms.exe
2009-05-31 22:47 198,144 ac------ c:\windows\system32\dllcache\nv3.sys
2009-05-31 22:47 123,776 ac------ c:\windows\system32\dllcache\nv3.dll
2009-05-31 22:47 180,360 ac------ c:\windows\system32\dllcache\ntmtlfax.sys
2009-05-31 22:47 51,552 ac------ c:\windows\system32\dllcache\ntgrip.sys
2009-05-31 22:47 9,344 ac------ c:\windows\system32\dllcache\ntapm.sys
2009-05-31 22:47 7,552 ac------ c:\windows\system32\dllcache\nsmmc.sys
2009-05-31 22:47 28,672 ac------ c:\windows\system32\dllcache\nscirda.sys
2009-05-31 22:47 87,040 ac------ c:\windows\system32\dllcache\nm6wdm.sys
2009-05-31 22:47 126,080 ac------ c:\windows\system32\dllcache\nm5a2wdm.sys
2009-05-31 22:47 32,840 ac------ c:\windows\system32\dllcache\ngrpci.sys
2009-05-31 22:47 132,695 ac------ c:\windows\system32\dllcache\netwlan5.sys
2009-05-31 22:45 7,168 ac------ c:\windows\system32\dllcache\mxport.dll
2009-05-31 22:44 35,200 ac------ c:\windows\system32\dllcache\msgame.sys
2009-05-31 22:44 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys
2009-05-31 22:44 56,832 ac------ c:\windows\system32\dllcache\msdvbnp.ax
2009-05-31 22:44 51,200 ac------ c:\windows\system32\dllcache\msdv.sys
2009-05-31 22:44 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys
2009-05-31 22:44 15,232 ac------ c:\windows\system32\dllcache\mpe.sys
2009-05-31 22:44 12,160 ac------ c:\windows\system32\dllcache\mouhid.sys
2009-05-31 22:44 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys
2009-05-31 22:44 6,528 ac------ c:\windows\system32\dllcache\miniqic.sys
2009-05-31 22:44 320,384 ac------ c:\windows\system32\dllcache\mgaum.sys
2009-05-31 22:42 576,746 ac------ c:\windows\system32\dllcache\ltmdmntl.sys
2009-05-31 22:41 8,192 ac------ c:\windows\system32\dllcache\kbdkor.dll
2009-05-31 22:40 45,632 ac------ c:\windows\system32\dllcache\ip5515.sys
2009-05-31 22:40 90,200 ac------ c:\windows\system32\dllcache\io8ports.dll
2009-05-31 22:40 38,784 ac------ c:\windows\system32\dllcache\io8.sys
2009-05-31 22:40 13,056 ac------ c:\windows\system32\dllcache\inport.sys
2009-05-31 22:40 16,000 ac------ c:\windows\system32\dllcache\ini910u.sys
2009-05-31 22:40 81,920 ac------ c:\windows\system32\dllcache\ieencode.dll
2009-05-31 22:40 372,824 ac------ c:\windows\system32\dllcache\iconf32.dll
2009-05-31 22:38 58,592 ac------ c:\windows\system32\dllcache\i740nt5.sys
2009-05-31 22:38 353,184 ac------ c:\windows\system32\dllcache\i740dnt5.dll
2009-05-31 22:38 18,560 ac------ c:\windows\system32\dllcache\i2omp.sys
2009-05-31 22:38 8,576 ac------ c:\windows\system32\dllcache\i2omgmt.sys
2009-05-31 22:38 1,041,536 ac------ c:\windows\system32\dllcache\hsfdpsp2.sys
2009-05-31 22:38 685,056 ac------ c:\windows\system32\dllcache\hsfcxts2.sys
2009-05-31 22:38 32,285 ac------ c:\windows\system32\dllcache\hsfcisp2.dll
2009-05-31 22:38 220,032 ac------ c:\windows\system32\dllcache\hsfbs2s2.sys
2009-05-31 22:38 488,383 ac------ c:\windows\system32\dllcache\hsf_v124.sys
2009-05-31 22:38 50,751 ac------ c:\windows\system32\dllcache\hsf_tone.sys
2009-05-31 22:36 324,608 ac------ c:\windows\system32\dllcache\hpojwia.dll
2009-05-31 22:35 2,688 ac------ c:\windows\system32\dllcache\hidswvd.sys
2009-05-31 22:34 92,160 ac------ c:\windows\system32\dllcache\fuusd.dll
2009-05-31 22:34 455,296 ac------ c:\windows\system32\dllcache\fusbbase.sys
2009-05-31 22:34 455,680 ac------ c:\windows\system32\dllcache\fus2base.sys
2009-05-31 22:34 442,240 ac------ c:\windows\system32\dllcache\fpnpbase.sys
2009-05-31 22:34 441,728 ac------ c:\windows\system32\dllcache\fpcmbase.sys
2009-05-31 22:34 444,416 ac------ c:\windows\system32\dllcache\fpcibase.sys
2009-05-31 22:34 34,173 ac------ c:\windows\system32\dllcache\forehe.sys
2009-05-31 22:34 71,680 ac------ c:\windows\system32\dllcache\fnfilter.dll
2009-05-31 22:34 27,165 ac------ c:\windows\system32\dllcache\fetnd5.sys
2009-05-31 22:32 595,647 ac------ c:\windows\system32\dllcache\es56cvmp.sys
2009-05-31 22:31 66,591 ac------ c:\windows\system32\dllcache\el90xbc5.sys
2009-05-31 22:30 29,696 ac------ c:\windows\system32\dllcache\dm9pci5.sys
2009-05-31 22:29 419,357 ac------ c:\windows\system32\dllcache\dgconfig.dll
2009-05-31 22:28 93,952 ac------ c:\windows\system32\dllcache\cwcwdm.sys
2009-05-31 22:28 111,872 ac------ c:\windows\system32\dllcache\cwcspud.sys
2009-05-31 22:28 3,584 ac------ c:\windows\system32\dllcache\cwcosnt5.sys
2009-05-31 22:28 72,832 ac------ c:\windows\system32\dllcache\cwbwdm.sys
2009-05-31 22:00 272,640 ac------ c:\windows\system32\dllcache\cinemclc.sys
2009-05-31 21:59 13,824 ac------ c:\windows\system32\dllcache\bulltlp3.sys
2009-05-31 21:58 9,728 ac------ c:\windows\system32\dllcache\brcoinst.dll
2009-05-31 21:57 73,216 ac------ c:\windows\system32\dllcache\atintuxx.sys
2009-05-31 21:56 44,928 ac------ c:\windows\system32\dllcache\agpcpq.sys
2009-05-31 21:55 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll
2009-05-31 18:49 30,208 a------- c:\windows\system32\AM30615.dll
2009-05-31 18:49 4,096 a------- c:\windows\system32\AdMunch.dll
2009-05-31 17:32 <DIR> --d----- c:\program files\Ad Muncher
2009-05-31 17:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Ad Muncher
2009-05-31 17:13 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Martau
2009-05-31 17:13 <DIR> --d----- c:\program files\Total Uninstall 5
2009-05-29 17:21 244,224 a------- c:\windows\system32\ocxubcpy.dll
2009-05-29 16:20 23,600 a------- c:\windows\system32\drivers\TVICHW32.SYS
2009-05-29 14:26 <DIR> --d----- c:\docume~1\admini~1\applic~1\smc
2009-05-29 14:24 <DIR> --d----- c:\program files\IObit
2009-05-29 14:19 <DIR> --d----- c:\program files\Secret Maryo Chronicles
2009-05-29 12:44 <DIR> --d----- c:\docume~1\admini~1\applic~1\nCleaner
2009-05-29 12:43 <DIR> --d----- c:\program files\NKProds
2009-05-28 20:47 <DIR> --d----- c:\docume~1\admini~1\applic~1\TechSmith
2009-05-28 20:23 <DIR> --d----- c:\program files\CCleaner
2009-05-26 18:49 212,240 a------- c:\windows\system32\RICHTX32.OCX
2009-05-26 18:49 124,688 a------- c:\windows\system32\MSWINSCK.OCX
2009-05-26 18:49 372,736 a------- c:\windows\system32\_IJL11.DLL
2009-05-25 21:06 <DIR> --d----- c:\windows\system32\faxucvid
2009-05-24 18:09 25,992 a------- c:\windows\system32\pgdfgsvc.exe
2009-05-24 08:35 <DIR> --d----- c:\windows\system32\nicutsnd
2009-05-19 16:20 210,352 a------- c:\windows\system32\idmmbc.dll
2009-05-17 00:32 <DIR> --d----- c:\windows\pss
2009-05-14 23:47 532,992 a------- C:\This is an experiment.ppt
2009-05-14 20:53 <DIR> --d----- c:\windows\SHELLNEW
2009-05-10 16:42 <DIR> --d----- c:\program files\Unlocker

==================== Find3M ====================

2009-05-12 22:54 217,536 a------- c:\windows\system32\drivers\truecrypt.sys
2009-04-17 11:34 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-04-14 19:10 410,984 a------- c:\windows\system32\deploytk.dll
2009-04-14 16:34 21,640 a------- c:\windows\system32\emptyregdb.dat
2009-04-02 19:06 84,480 a------- c:\windows\system32\ff_vfw.dll
2009-03-21 19:51 2,486,272 a------- c:\windows\system32\icodubit.dll
2009-03-21 19:51 2,457,600 a------- c:\windows\system32\resohart.dll
2009-03-21 19:51 1,298,432 a------- c:\windows\system32\chmitbio.dll
2009-03-21 19:51 1,187,840 a------- c:\windows\system32\polepdot.exe
2009-03-21 19:51 1,183,744 a------- c:\windows\system32\urigidec.exe
2009-03-21 19:51 1,060,864 a------- c:\windows\system32\dosummod.dll
2009-03-21 19:51 157,896 a------- c:\windows\system32\dllorbio32.dll
2009-03-21 19:51 118,784 a------- c:\windows\system32\ipaxai.dll
2009-03-21 19:51 118,784 a------- c:\windows\system32\dbogexe.dll
2009-03-08 04:34 914,944 a------- c:\windows\system32\wininet.dll
2009-03-08 04:34 43,008 a------- c:\windows\system32\licmgr10.dll
2009-03-08 04:33 18,944 a------- c:\windows\system32\corpol.dll
2009-03-08 04:33 420,352 a------- c:\windows\system32\vbscript.dll
2009-03-08 04:32 72,704 a------- c:\windows\system32\admparse.dll
2009-03-08 04:32 71,680 a------- c:\windows\system32\iesetup.dll
2009-03-08 04:31 34,816 a------- c:\windows\system32\imgutil.dll
2009-03-08 04:31 48,128 a------- c:\windows\system32\mshtmler.dll
2009-03-08 04:31 45,568 a------- c:\windows\system32\mshta.exe
2009-03-08 04:22 156,160 a------- c:\windows\system32\msls31.dll
2009-03-06 20:07 284,160 a------- c:\windows\system32\pdh.dll

============= FINISH: 1:18:42.45 ===============


#2 thcbytes


Posted 12 June 2009 - 10:16 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
Proud member - Unified Network of Instructors and Trained Eliminators

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when you're gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#3 likom_ubuntu


Posted 13 June 2009 - 10:03 AM

Well the reason I used the combofix is because I have no problem with advance level of troubleshooting windows and there is nothing that important at stake in this computer. I at first suspected my computer had been compromised when "admuncher" crashed whenever I tried to click on its settings tabs. I posted this in there forum and also I started battery of scans from Number of antivirus and anti- spywares.

I scanned my computer with notron 2009, Kaspersky antivirus 2009 and also with avast 4.7 with all the latest updates loaded. Also i did a scan with malwarebytes and superantispyware. Though antiviruses could not find anything malwarebytes and superantispyware did find some form of Vundu Generic running (don't remember the exact name). I cleaned them all. I don't have the log that were generated back then (few days ago). Since then i have uninstalled the superantispyware and the malewarebytes scan comes clean when I do a scan now.

I thought I had gotten rid of the problem but that was not the case admuncher crashes was not fixed and I stared getting system freeze. I could not use the keyboard/mouse when this happened and i had to press the reset button. I had kaspersky installed I thought it must be due to kaspersky so to test this hypothesis I removed it and moved on to nod32.
I took the matter into my own hand and started doing a little bit of investigation.

Initially I thought it was the explorer.exe which was crashing admuncher but I was wrong I think. It was part of the problem but it was not the problem. I installed winpatrol and went through it. I could see a dll file hooked to explorer.exe. It was located in system32 (named something starting with j**.dll). I went there and looked at its property it was not one of microsofts. So I unlocked the dll using unlocker and deleted it form the system32 (did a google search and also uploaded it to virustotal before deleting google showed 0 results and virustotal result came clean). I could now see that admucher was not crashing any more.

I thought I could breathe now, but it was not to be. Like a multi-headed hydra appearing again, the system freezes did not go away; worse, they started to become more and more frequent and the computer was dragging. I noticed a folder inside windows with some random letters, so I deleted it. After a few refreshes I could see a different folder with different random letters.
Desperate, I downloaded and ran ComboFix. It did what it is supposed to do. I could see the computer coming back to life again: no more system freezes, and the computer was a lot more responsive. So I want you people to kindly look at my logs and tell me whether or not that thing, whatever it was, has finally gone.

OK, the next thing I noticed when I ran SoftPerfect's netscan.exe was that all the drives were now shared across the network. I have not done this. I can see that c: and d: are shared. I can further confirm that by typing \\192.168.1.2\C$ in Run, and I can get to my drive. Normally when a user shares a folder or drive you see the icon change. There is no icon change on any of the drives, and they are shared across my home network or beyond??? I wonder…


Sorry if you find this post long and boring. I did :thumbup2:


DDS (Ver_09-05-14.01) - NTFSx86
Run by Administrator at 20:28:13.26 on Sat 06/13/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.649 [GMT 5.75:45]

AV: Doctor Web Anti-Virus *On-access scanning disabled* (Updated) {3454C8F1-ECBC-4180-A6F4-04632FBA762B}
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ad Muncher\AdMunch.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\dds (1).scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = local
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 9\SnagitBHO.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.21.0\gears.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 9\SnagitIEAddin.dll
TB: Foxit Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} -
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
mRun: [Ad Muncher] "c:\program files\ad muncher\AdMunch.exe" /bt
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
IE: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_i...d=menu_ie_frame
IE: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_i...d=menu_ie_image
IE: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_i...id=menu_ie_link
IE: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_i...menu_ie_exclude
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_i...=menu_ie_report
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.21.0\gears.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
TCP: {5737145F-5894-4306-84F3-6582C6C48D47} = 202.70.64.5,202.70.64.15
Notify: igfxcui - igfxsrvc.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\8zrcejh1.default\
FF - component: c:\documents and settings\administrator\application data\idm\idmmzcc3\components\idmmzcc.dll
FF - component: c:\program files\google\google gears\firefox\components\gears.dll
FF - plugin: c:\documents and settings\administrator\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\administrator\local settings\application data\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll

============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-3-19 107256]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-3-19 731840]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2009-5-28 108032]
S2 gupdate1c9e28cbfec4100;Google Update Service (gupdate1c9e28cbfec4100);c:\program files\google\update\GoogleUpdate.exe [2009-6-1 133104]

=============== Created Last 30 ================

2009-06-13 20:01 <DIR> --d-h--- c:\windows\system32\GroupPolicy
2009-06-12 21:22 <DIR> --d----- C:\RootkitNO
2009-06-12 21:15 2 a--shrot c:\windows\winstart.bat
2009-06-12 21:14 <DIR> --d----- c:\program files\UnHackMe
2009-06-12 18:42 75 a------- c:\windows\SYMGAMES.INI
2009-06-12 11:34 36 a------- c:\windows\mafosav.INI
2009-06-11 21:38 <DIR> --d----- c:\windows\ie8updates
2009-06-11 21:30 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll
2009-06-11 21:30 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll
2009-06-11 21:30 1,985,024 -c------ c:\windows\system32\dllcache\iertutil.dll
2009-06-11 21:29 11,064,832 -c------ c:\windows\system32\dllcache\ieframe.dll
2009-06-10 09:04 <DIR> --d----- c:\docume~1\admini~1\applic~1\ESET
2009-06-06 21:24 <DIR> --d----- c:\documents and settings\administrator\DoctorWeb
2009-06-06 21:24 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Doctor Web
2009-06-06 21:24 <DIR> --d----- c:\program files\DrWeb
2009-06-05 14:18 <DIR> --d----- C:\Rooter$
2009-06-04 19:52 <DIR> --d----- c:\program files\ESET
2009-06-02 22:52 <DIR> --d----- c:\program files\GPLGS
2009-06-02 22:27 87,552 a------- c:\windows\system32\cpwmon2k.dll
2009-06-02 22:26 <DIR> --d----- c:\program files\Acro Software
2009-06-02 21:31 200,496 a------- c:\windows\system32\DBLIST32.OCX
2009-06-02 21:31 134,928 a------- c:\windows\system32\COMDLG32.OCX
2009-06-02 21:31 89,360 a------- c:\windows\system32\VB5DB.DLL
2009-06-02 21:31 1,056,768 a------- c:\windows\system32\MSJET35.DLL
2009-06-02 21:31 430,080 a------- c:\windows\system32\MSREPL35.DLL
2009-06-02 21:31 368,912 a------- c:\windows\system32\VBAR332.DLL
2009-06-02 21:31 252,176 a------- c:\windows\system32\MSRD2X35.DLL
2009-06-02 21:31 123,664 a------- c:\windows\system32\MSJINT35.DLL
2009-06-02 21:31 24,848 a------- c:\windows\system32\MSJTER35.DLL
2009-06-02 21:31 <DIR> --d----- c:\program files\Kundli
2009-06-02 21:31 299,520 a------- c:\windows\uninst.exe
2009-06-02 21:31 <DIR> --d----- c:\documents and settings\administrator\WINDOWS
2009-06-02 20:25 410,984 a------- c:\windows\system32\deploytk.dll
2009-06-02 20:25 73,728 a------- c:\windows\system32\javacpl.cpl
2009-06-02 17:10 <DIR> --d----- c:\program files\trend micro
2009-06-02 16:53 0 a------- c:\windows\system32\w32apiw.dll
2009-06-02 00:55 <DIR> --d----- c:\program files\Microsoft Bootvis
2009-06-02 00:33 <DIR> a-dshr-- C:\cmdcons
2009-06-02 00:30 <DIR> --d----- c:\program files\FreeFixer
2009-06-02 00:25 161,792 a------- c:\windows\SWREG.exe
2009-06-02 00:25 154,624 a------- c:\windows\PEV.exe
2009-06-02 00:25 98,816 a------- c:\windows\sed.exe
2009-06-01 22:21 <DIR> --d----- c:\docume~1\admini~1\applic~1\WinPatrol
2009-06-01 22:21 <DIR> --d----- c:\program files\BillP Studios
2009-06-01 20:38 1,970,176 a------- c:\windows\system32\d3dx9.dll
2009-06-01 20:38 679,936 a------- c:\windows\system32\D3DX81ab.dll
2009-06-01 20:38 <DIR> --d----- c:\program files\Cheat Engine
2009-06-01 12:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab Setup Files
2009-06-01 11:56 <DIR> --d----- c:\docume~1\admini~1\applic~1\Malwarebytes
2009-06-01 11:56 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-01 11:56 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-06-01 11:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-06-01 11:56 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-06-01 11:15 301,568 a------- c:\windows\system32\catohtxt.dll
2009-06-01 11:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-06-01 11:10 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-05-31 23:08 116,224 ac------ c:\windows\system32\dllcache\xrxwiadr.dll
2009-05-31 23:08 23,040 ac------ c:\windows\system32\dllcache\xrxwbtmp.dll
2009-05-31 23:08 18,944 ac------ c:\windows\system32\dllcache\xrxscnui.dll
2009-05-31 23:08 27,648 ac------ c:\windows\system32\dllcache\xrxftplt.exe
2009-05-31 23:08 4,608 ac------ c:\windows\system32\dllcache\xrxflnch.exe
2009-05-31 23:07 99,865 ac------ c:\windows\system32\dllcache\xlog.exe
2009-05-31 23:07 16,970 ac------ c:\windows\system32\dllcache\xem336n5.sys
2009-05-31 23:07 19,455 ac------ c:\windows\system32\dllcache\wvchntxx.sys
2009-05-31 23:07 12,063 ac------ c:\windows\system32\dllcache\wsiintxx.sys
2009-05-31 23:07 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll
2009-05-31 23:07 8,832 ac------ c:\windows\system32\dllcache\wmiacpi.sys
2009-05-31 23:07 154,624 ac------ c:\windows\system32\dllcache\wlluc48.sys
2009-05-31 23:07 34,890 ac------ c:\windows\system32\dllcache\wlandrv2.sys
2009-05-31 23:07 771,581 ac------ c:\windows\system32\dllcache\winacisa.sys
2009-05-31 23:05 19,528 ac------ c:\windows\system32\dllcache\w840nd.sys
2009-05-31 23:05 64,605 ac------ c:\windows\system32\dllcache\vvoice.sys
2009-05-31 23:05 397,502 ac------ c:\windows\system32\dllcache\vpctcom.sys
2009-05-31 23:05 604,253 ac------ c:\windows\system32\dllcache\vmodem.sys
2009-05-31 23:05 249,402 ac------ c:\windows\system32\dllcache\vinwm.sys
2009-05-31 23:05 24,576 ac------ c:\windows\system32\dllcache\viairda.sys
2009-05-31 23:05 5,376 ac------ c:\windows\system32\dllcache\viaide.sys
2009-05-31 23:05 42,240 ac------ c:\windows\system32\dllcache\viaagp.sys
2009-05-31 23:05 11,325 ac------ c:\windows\system32\dllcache\vchnt5.dll
2009-05-31 23:05 687,999 ac------ c:\windows\system32\dllcache\usrwdxjs.sys
2009-05-31 23:05 765,884 ac------ c:\windows\system32\dllcache\usrti.sys
2009-05-31 23:03 69,632 ac------ c:\windows\system32\dllcache\umaxu12.dll
2009-05-31 23:03 50,688 ac------ c:\windows\system32\dllcache\umaxscan.dll
2009-05-31 23:03 22,912 ac------ c:\windows\system32\dllcache\umaxpcls.sys
2009-05-31 23:03 50,176 ac------ c:\windows\system32\dllcache\umaxp60.dll
2009-05-31 23:03 47,616 ac------ c:\windows\system32\dllcache\umaxcam.dll
2009-05-31 23:03 211,968 ac------ c:\windows\system32\dllcache\um54scan.dll
2009-05-31 23:03 216,064 ac------ c:\windows\system32\dllcache\um34scan.dll
2009-05-31 23:03 36,736 ac------ c:\windows\system32\dllcache\ultra.sys
2009-05-31 23:03 44,672 ac------ c:\windows\system32\dllcache\uagp35.sys
2009-05-31 23:03 11,520 ac------ c:\windows\system32\dllcache\twotrack.sys
2009-05-31 23:03 166,784 ac------ c:\windows\system32\dllcache\tridxpm.sys
2009-05-31 23:02 525,568 ac------ c:\windows\system32\dllcache\tridxp.dll
2009-05-31 23:02 159,232 ac------ c:\windows\system32\dllcache\tridkbm.sys
2009-05-31 23:02 440,576 ac------ c:\windows\system32\dllcache\tridkb.dll
2009-05-31 23:02 222,336 ac------ c:\windows\system32\dllcache\trid3dm.sys
2009-05-31 23:02 315,520 ac------ c:\windows\system32\dllcache\trid3d.dll
2009-05-31 23:02 34,375 ac------ c:\windows\system32\dllcache\tpro4.sys
2009-05-31 23:02 42,496 ac------ c:\windows\system32\dllcache\tp4res.dll
2009-05-31 23:02 82,944 ac------ c:\windows\system32\dllcache\tp4mon.exe
2009-05-31 23:02 31,744 ac------ c:\windows\system32\dllcache\tp4.dll
2009-05-31 23:02 4,992 ac------ c:\windows\system32\dllcache\toside.sys
2009-05-31 23:02 230,912 ac------ c:\windows\system32\dllcache\tosdvd03.sys
2009-05-31 23:01 241,664 ac------ c:\windows\system32\dllcache\tosdvd02.sys
2009-05-31 23:01 28,232 ac------ c:\windows\system32\dllcache\tos4mo.sys
2009-05-31 23:01 123,995 ac------ c:\windows\system32\dllcache\tjisdn.sys
2009-05-31 23:01 138,528 ac------ c:\windows\system32\dllcache\tgiulnt5.sys
2009-05-31 23:01 81,408 ac------ c:\windows\system32\dllcache\tgiul50.dll
2009-05-31 23:01 149,376 ac------ c:\windows\system32\dllcache\tffsport.sys
2009-05-31 23:01 17,129 ac------ c:\windows\system32\dllcache\tdkcd31.sys
2009-05-31 23:01 37,961 ac------ c:\windows\system32\dllcache\tdk100b.sys
2009-05-31 23:01 30,464 ac------ c:\windows\system32\dllcache\tbatm155.sys
2009-05-31 23:01 7,040 ac------ c:\windows\system32\dllcache\tandqic.sys
2009-05-31 23:01 36,640 ac------ c:\windows\system32\dllcache\t2r4mini.sys
2009-05-31 23:00 172,768 ac------ c:\windows\system32\dllcache\t2r4disp.dll
2009-05-31 23:00 32,640 ac------ c:\windows\system32\dllcache\symc8xx.sys
2009-05-31 23:00 16,256 ac------ c:\windows\system32\dllcache\symc810.sys
2009-05-31 23:00 30,688 ac------ c:\windows\system32\dllcache\sym_u3.sys
2009-05-31 23:00 28,384 ac------ c:\windows\system32\dllcache\sym_hi.sys
2009-05-31 23:00 94,293 ac------ c:\windows\system32\dllcache\sxports.dll
2009-05-31 23:00 103,936 ac------ c:\windows\system32\dllcache\sx.sys
2009-05-31 23:00 3,968 ac------ c:\windows\system32\dllcache\swusbflt.sys
2009-05-31 23:00 10,240 ac------ c:\windows\system32\dllcache\swpidflt.dll
2009-05-31 23:00 10,240 ac------ c:\windows\system32\dllcache\swpdflt2.dll
2009-05-31 23:00 53,760 ac------ c:\windows\system32\dllcache\sw_wheel.dll
2009-05-31 22:59 41,472 ac------ c:\windows\system32\dllcache\sw_effct.dll
2009-05-31 22:59 155,648 ac------ c:\windows\system32\dllcache\stlnprop.dll
2009-05-31 22:59 53,248 ac------ c:\windows\system32\dllcache\stlncoin.dll
2009-05-31 22:59 285,760 ac------ c:\windows\system32\dllcache\stlnata.sys
2009-05-31 22:59 16,896 ac------ c:\windows\system32\dllcache\stcusb.sys
2009-05-31 22:59 48,736 ac------ c:\windows\system32\dllcache\srwlnd5.sys
2009-05-31 22:59 99,328 ac------ c:\windows\system32\dllcache\srusd.dll
2009-05-31 22:59 24,660 ac------ c:\windows\system32\dllcache\spxupchk.dll
2009-05-31 22:59 61,824 ac------ c:\windows\system32\dllcache\speed.sys
2009-05-31 22:59 106,584 ac------ c:\windows\system32\dllcache\spdports.dll
2009-05-31 22:58 19,072 ac------ c:\windows\system32\dllcache\sparrow.sys
2009-05-31 22:58 7,552 ac------ c:\windows\system32\dllcache\sonypvu1.sys
2009-05-31 22:58 37,040 ac------ c:\windows\system32\dllcache\sonypi.sys
2009-05-31 22:58 114,688 ac------ c:\windows\system32\dllcache\sonypi.dll
2009-05-31 22:58 20,752 ac------ c:\windows\system32\dllcache\sonync.sys
2009-05-31 22:58 9,600 ac------ c:\windows\system32\dllcache\sonymc.sys
2009-05-31 22:58 7,552 ac------ c:\windows\system32\dllcache\sonyait.sys
2009-05-31 22:58 7,040 ac------ c:\windows\system32\dllcache\snyaitmc.sys
2009-05-31 22:58 58,368 ac------ c:\windows\system32\dllcache\smiminib.sys
2009-05-31 22:58 147,200 ac------ c:\windows\system32\dllcache\smidispb.dll
2009-05-31 22:58 25,034 ac------ c:\windows\system32\dllcache\smcpwr2n.sys
2009-05-31 22:56 94,698 ac------ c:\windows\system32\dllcache\sk98xwin.sys
2009-05-31 22:56 157,696 ac------ c:\windows\system32\dllcache\sisv256.dll
2009-05-31 22:56 50,432 ac------ c:\windows\system32\dllcache\sisv.sys
2009-05-31 22:56 32,768 ac------ c:\windows\system32\dllcache\sisnic.sys
2009-05-31 22:56 238,592 ac------ c:\windows\system32\dllcache\sisgrv.dll
2009-05-31 22:56 104,064 ac------ c:\windows\system32\dllcache\sisgrp.sys
2009-05-31 22:56 40,960 ac------ c:\windows\system32\dllcache\sisagp.sys
2009-05-31 22:56 150,144 ac------ c:\windows\system32\dllcache\sis6306v.dll
2009-05-31 22:56 68,608 ac------ c:\windows\system32\dllcache\sis6306p.sys
2009-05-31 22:56 252,032 ac------ c:\windows\system32\dllcache\sis300iv.dll
2009-05-31 22:56 101,760 ac------ c:\windows\system32\dllcache\sis300ip.sys
2009-05-31 22:56 3,901 ac------ c:\windows\system32\dllcache\siint5.dll
2009-05-31 22:56 161,568 ac------ c:\windows\system32\dllcache\sgsmusb.sys
2009-05-31 22:55 18,400 ac------ c:\windows\system32\dllcache\sgsmld.sys
2009-05-31 22:55 98,080 ac------ c:\windows\system32\dllcache\sgiulnt5.sys
2009-05-31 22:55 386,560 ac------ c:\windows\system32\dllcache\sgiul50.dll
2009-05-31 22:55 36,480 ac------ c:\windows\system32\dllcache\sfmanm.sys
2009-05-31 22:55 6,784 ac------ c:\windows\system32\dllcache\serscan.sys
2009-05-31 22:55 17,664 ac------ c:\windows\system32\dllcache\sermouse.sys
2009-05-31 22:55 6,912 ac------ c:\windows\system32\dllcache\seaddsmc.sys
2009-05-31 22:55 11,520 ac------ c:\windows\system32\dllcache\scsiscan.sys
2009-05-31 22:55 11,648 ac------ c:\windows\system32\dllcache\scsiprnt.sys
2009-05-31 22:55 17,280 ac------ c:\windows\system32\dllcache\scr111.sys
2009-05-31 22:55 16,640 ac------ c:\windows\system32\dllcache\scmstcs.sys
2009-05-31 22:55 23,936 ac------ c:\windows\system32\dllcache\sccmusbm.sys
2009-05-31 22:53 166,720 ac------ c:\windows\system32\dllcache\s3m.sys
2009-05-31 22:52 86,097 ac------ c:\windows\system32\dllcache\reslog32.dll
2009-05-31 22:52 13,776 ac------ c:\windows\system32\dllcache\recagent.sys
2009-05-31 22:52 19,584 ac------ c:\windows\system32\dllcache\rasirda.sys
2009-05-31 22:52 714,762 ac------ c:\windows\system32\dllcache\r2mdmkxx.sys
2009-05-31 22:52 899,146 ac------ c:\windows\system32\dllcache\r2mdkxga.sys
2009-05-31 22:52 41,472 ac------ c:\windows\system32\dllcache\qvusd.dll
2009-05-31 22:52 3,328 ac------ c:\windows\system32\dllcache\qv2kux.sys
2009-05-31 22:52 49,024 ac------ c:\windows\system32\dllcache\ql1280.sys
2009-05-31 22:52 40,448 ac------ c:\windows\system32\dllcache\ql1240.sys
2009-05-31 22:52 45,312 ac------ c:\windows\system32\dllcache\ql12160.sys
2009-05-31 22:50 7,168 ac------ c:\windows\system32\dllcache\pnrmc.sys
2009-05-31 22:49 169,984 ac------ c:\windows\system32\dllcache\pcx500.sys
2009-05-31 22:49 86,016 ac------ c:\windows\system32\dllcache\pctspk.exe
2009-05-31 22:49 35,328 ac------ c:\windows\system32\dllcache\pcntpci5.sys
2009-05-31 22:49 29,769 ac------ c:\windows\system32\dllcache\pcntn5m.sys
2009-05-31 22:49 30,282 ac------ c:\windows\system32\dllcache\pcntn5hl.sys
2009-05-31 22:49 26,153 ac------ c:\windows\system32\dllcache\pcmlm56.sys
2009-05-31 22:49 29,502 ac------ c:\windows\system32\dllcache\pca200e.sys
2009-05-31 22:49 30,495 ac------ c:\windows\system32\dllcache\pc100nds.sys
2009-05-31 22:49 41,984 ac------ c:\windows\system32\dllcache\ovui2rc.dll
2009-05-31 22:49 44,544 ac------ c:\windows\system32\dllcache\ovui2.dll
2009-05-31 22:49 25,216 ac------ c:\windows\system32\dllcache\ovsound2.sys
2009-05-31 22:49 39,424 ac------ c:\windows\system32\dllcache\ovcoms.exe
2009-05-31 22:47 198,144 ac------ c:\windows\system32\dllcache\nv3.sys
2009-05-31 22:47 123,776 ac------ c:\windows\system32\dllcache\nv3.dll
2009-05-31 22:47 180,360 ac------ c:\windows\system32\dllcache\ntmtlfax.sys
2009-05-31 22:47 51,552 ac------ c:\windows\system32\dllcache\ntgrip.sys
2009-05-31 22:47 9,344 ac------ c:\windows\system32\dllcache\ntapm.sys
2009-05-31 22:47 7,552 ac------ c:\windows\system32\dllcache\nsmmc.sys
2009-05-31 22:47 28,672 ac------ c:\windows\system32\dllcache\nscirda.sys
2009-05-31 22:47 87,040 ac------ c:\windows\system32\dllcache\nm6wdm.sys
2009-05-31 22:47 126,080 ac------ c:\windows\system32\dllcache\nm5a2wdm.sys
2009-05-31 22:47 32,840 ac------ c:\windows\system32\dllcache\ngrpci.sys
2009-05-31 22:47 132,695 ac------ c:\windows\system32\dllcache\netwlan5.sys
2009-05-31 22:45 7,168 ac------ c:\windows\system32\dllcache\mxport.dll
2009-05-31 22:44 35,200 ac------ c:\windows\system32\dllcache\msgame.sys
2009-05-31 22:44 6,016 ac------ c:\windows\system32\dllcache\msfsio.sys
2009-05-31 22:44 56,832 ac------ c:\windows\system32\dllcache\msdvbnp.ax
2009-05-31 22:44 51,200 ac------ c:\windows\system32\dllcache\msdv.sys
2009-05-31 22:44 17,280 ac------ c:\windows\system32\dllcache\mraid35x.sys
2009-05-31 22:44 15,232 ac------ c:\windows\system32\dllcache\mpe.sys
2009-05-31 22:44 12,160 ac------ c:\windows\system32\dllcache\mouhid.sys
2009-05-31 22:44 16,128 ac------ c:\windows\system32\dllcache\modemcsa.sys
2009-05-31 22:44 6,528 ac------ c:\windows\system32\dllcache\miniqic.sys
2009-05-31 22:44 320,384 ac------ c:\windows\system32\dllcache\mgaum.sys
2009-05-31 22:42 576,746 ac------ c:\windows\system32\dllcache\ltmdmntl.sys
2009-05-31 22:41 8,192 ac------ c:\windows\system32\dllcache\kbdkor.dll
2009-05-31 22:40 45,632 ac------ c:\windows\system32\dllcache\ip5515.sys
2009-05-31 22:40 90,200 ac------ c:\windows\system32\dllcache\io8ports.dll
2009-05-31 22:40 38,784 ac------ c:\windows\system32\dllcache\io8.sys
2009-05-31 22:40 13,056 ac------ c:\windows\system32\dllcache\inport.sys
2009-05-31 22:40 16,000 ac------ c:\windows\system32\dllcache\ini910u.sys
2009-05-31 22:40 81,920 ac------ c:\windows\system32\dllcache\ieencode.dll
2009-05-31 22:40 372,824 ac------ c:\windows\system32\dllcache\iconf32.dll
2009-05-31 22:38 58,592 ac------ c:\windows\system32\dllcache\i740nt5.sys
2009-05-31 22:38 353,184 ac------ c:\windows\system32\dllcache\i740dnt5.dll
2009-05-31 22:38 18,560 ac------ c:\windows\system32\dllcache\i2omp.sys
2009-05-31 22:38 8,576 ac------ c:\windows\system32\dllcache\i2omgmt.sys
2009-05-31 22:38 1,041,536 ac------ c:\windows\system32\dllcache\hsfdpsp2.sys
2009-05-31 22:38 685,056 ac------ c:\windows\system32\dllcache\hsfcxts2.sys
2009-05-31 22:38 32,285 ac------ c:\windows\system32\dllcache\hsfcisp2.dll
2009-05-31 22:38 220,032 ac------ c:\windows\system32\dllcache\hsfbs2s2.sys
2009-05-31 22:38 488,383 ac------ c:\windows\system32\dllcache\hsf_v124.sys
2009-05-31 22:38 50,751 ac------ c:\windows\system32\dllcache\hsf_tone.sys
2009-05-31 22:36 324,608 ac------ c:\windows\system32\dllcache\hpojwia.dll
2009-05-31 22:35 2,688 ac------ c:\windows\system32\dllcache\hidswvd.sys
2009-05-31 22:34 92,160 ac------ c:\windows\system32\dllcache\fuusd.dll
2009-05-31 22:34 455,296 ac------ c:\windows\system32\dllcache\fusbbase.sys
2009-05-31 22:34 455,680 ac------ c:\windows\system32\dllcache\fus2base.sys
2009-05-31 22:34 442,240 ac------ c:\windows\system32\dllcache\fpnpbase.sys
2009-05-31 22:34 441,728 ac------ c:\windows\system32\dllcache\fpcmbase.sys
2009-05-31 22:34 444,416 ac------ c:\windows\system32\dllcache\fpcibase.sys
2009-05-31 22:34 34,173 ac------ c:\windows\system32\dllcache\forehe.sys
2009-05-31 22:34 71,680 ac------ c:\windows\system32\dllcache\fnfilter.dll
2009-05-31 22:34 27,165 ac------ c:\windows\system32\dllcache\fetnd5.sys
2009-05-31 22:32 595,647 ac------ c:\windows\system32\dllcache\es56cvmp.sys
2009-05-31 22:31 66,591 ac------ c:\windows\system32\dllcache\el90xbc5.sys
2009-05-31 22:30 29,696 ac------ c:\windows\system32\dllcache\dm9pci5.sys
2009-05-31 22:29 419,357 ac------ c:\windows\system32\dllcache\dgconfig.dll
2009-05-31 22:28 93,952 ac------ c:\windows\system32\dllcache\cwcwdm.sys
2009-05-31 22:28 111,872 ac------ c:\windows\system32\dllcache\cwcspud.sys
2009-05-31 22:28 3,584 ac------ c:\windows\system32\dllcache\cwcosnt5.sys
2009-05-31 22:28 72,832 ac------ c:\windows\system32\dllcache\cwbwdm.sys
2009-05-31 22:00 272,640 ac------ c:\windows\system32\dllcache\cinemclc.sys
2009-05-31 21:59 13,824 ac------ c:\windows\system32\dllcache\bulltlp3.sys
2009-05-31 21:58 9,728 ac------ c:\windows\system32\dllcache\brcoinst.dll
2009-05-31 21:57 73,216 ac------ c:\windows\system32\dllcache\atintuxx.sys
2009-05-31 21:56 44,928 ac------ c:\windows\system32\dllcache\agpcpq.sys
2009-05-31 21:55 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll
2009-05-31 18:49 30,208 a------- c:\windows\system32\AM30615.dll
2009-05-31 18:49 4,096 a------- c:\windows\system32\AdMunch.dll
2009-05-31 17:32 <DIR> --d----- c:\program files\Ad Muncher
2009-05-31 17:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Ad Muncher
2009-05-31 17:13 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Martau
2009-05-31 17:13 <DIR> --d----- c:\program files\Total Uninstall 5
2009-05-29 17:21 244,224 a------- c:\windows\system32\ocxubcpy.dll
2009-05-29 16:20 23,600 a------- c:\windows\system32\drivers\TVICHW32.SYS
2009-05-29 14:26 <DIR> --d----- c:\docume~1\admini~1\applic~1\smc
2009-05-29 14:24 <DIR> --d----- c:\program files\IObit
2009-05-29 14:19 <DIR> --d----- c:\program files\Secret Maryo Chronicles
2009-05-29 12:44 <DIR> --d----- c:\docume~1\admini~1\applic~1\nCleaner
2009-05-29 12:43 <DIR> --d----- c:\program files\NKProds
2009-05-28 20:47 <DIR> --d----- c:\docume~1\admini~1\applic~1\TechSmith
2009-05-28 20:23 <DIR> --d----- c:\program files\CCleaner
2009-05-26 18:49 212,240 a------- c:\windows\system32\RICHTX32.OCX
2009-05-26 18:49 124,688 a------- c:\windows\system32\MSWINSCK.OCX
2009-05-26 18:49 372,736 a------- c:\windows\system32\_IJL11.DLL
2009-05-25 21:06 <DIR> --d----- c:\windows\system32\faxucvid
2009-05-24 18:09 25,992 a------- c:\windows\system32\pgdfgsvc.exe
2009-05-24 08:35 <DIR> --d----- c:\windows\system32\nicutsnd
2009-05-19 16:20 210,352 a------- c:\windows\system32\idmmbc.dll
2009-05-17 00:32 <DIR> --d----- c:\windows\pss
2009-05-14 23:47 532,992 a------- C:\This is an experiment.ppt
2009-05-14 20:53 <DIR> --d----- c:\windows\SHELLNEW

==================== Find3M ====================

2009-05-13 11:00 915,456 a------- c:\windows\system32\wininet.dll
2009-05-12 22:54 217,536 a------- c:\windows\system32\drivers\truecrypt.sys
2009-05-07 21:17 345,600 a------- c:\windows\system32\localspl.dll
2009-04-17 18:11 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-17 11:34 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-04-15 20:36 585,216 a------- c:\windows\system32\rpcrt4.dll
2009-04-14 16:34 21,640 a------- c:\windows\system32\emptyregdb.dat
2009-04-02 19:06 84,480 a------- c:\windows\system32\ff_vfw.dll
2009-03-21 19:51 2,486,272 a------- c:\windows\system32\icodubit.dll
2009-03-21 19:51 2,457,600 a------- c:\windows\system32\resohart.dll
2009-03-21 19:51 1,298,432 a------- c:\windows\system32\chmitbio.dll
2009-03-21 19:51 1,187,840 a------- c:\windows\system32\polepdot.exe
2009-03-21 19:51 1,183,744 a------- c:\windows\system32\urigidec.exe
2009-03-21 19:51 1,060,864 a------- c:\windows\system32\dosummod.dll
2009-03-21 19:51 157,896 a------- c:\windows\system32\dllorbio32.dll
2009-03-21 19:51 118,784 a------- c:\windows\system32\ipaxai.dll
2009-03-21 19:51 118,784 a------- c:\windows\system32\dbogexe.dll

============= FINISH: 20:28:42.40 ===============

Edited by likom_ubuntu, 13 June 2009 - 10:10 AM.


#4 m0le

  • Malware Response Team

Posted 15 June 2009 - 01:22 PM

Hi likom_ubuntu,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already.
  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.
  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day then I will close the topic.


Your log shows the Vundo infection so we need to see what is left.

I know you've already been told this but...

Please do not run Combofix without supervision, this is a powerful program and can damage your PC if not used correctly.

Having said that, please provide the log so I can see what has happened. :)

We need to check the PC out in a bit more detail

We need to scan for Rootkits with GMER
  • Please download GMER from one of the following locations, and save it to your desktop, please rename it as gamer.exe.
    • Main Mirror
      This version will download a randomly named file (Recommended)
    • Zip Mirror
      This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Close any and all open programs, as this process may crash your computer.
  • Double click Posted Image or Posted Image on your desktop.
  • Allow the gmer.sys driver to load if asked.
  • You may see this window. If you do, click No.
  • Click on Posted Image and wait for the scan to finish.
  • If you see a rootkit warning window, click OK.
  • Push Posted Image and save the logfile to your desktop.
  • Copy and Paste the contents of that file in your next post.

Next

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
So to recap, I need the ComboFix log, the GMER log and the two OTL scans as well.
Thanks :thumbup2:
m0le is a proud member of UNITE

#5 likom_ubuntu

  • Topic Starter


Posted 16 June 2009 - 09:29 AM

Here we go. This one is the old ComboFix log.

ComboFix 09-05-31.06 - Administrator 06/02/2009 0:34.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.616 [GMT 5.75:45]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090531-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\explorer.exe
c:\windows\system32\ipeccam32.dll
c:\windows\system32\w32apiw.dll
D:\Desktop.ini

.
((((((((((((((((((((((((( Files Created from 2009-05-01 to 2009-06-01 )))))))))))))))))))))))))))))))
.

2009-06-01 18:45 . 2009-06-01 18:45 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\FreeFixer
2009-06-01 18:45 . 2009-06-01 18:45 -------- d-----w- c:\program files\FreeFixer
2009-06-01 16:50 . 2009-06-01 16:50 -------- d-----w- c:\windows\system32\cabadzap
2009-06-01 16:43 . 2009-06-01 16:43 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Runscanner.net
2009-06-01 16:36 . 2009-06-01 16:41 -------- d-----w- c:\documents and settings\Administrator\Application Data\WinPatrol
2009-06-01 16:36 . 2009-04-14 10:53 0 ----a-w- c:\documents and settings\Administrator\Application Data\WinPatrol\Config.sys
2009-06-01 16:36 . 2009-04-14 10:53 0 ----a-w- c:\documents and settings\Administrator\Application Data\WinPatrol\Autoexec.bat
2009-06-01 16:36 . 2009-06-01 16:36 -------- d-----w- c:\program files\BillP Studios
2009-06-01 16:00 . 2009-02-05 21:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-06-01 16:00 . 2009-02-05 21:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-06-01 16:00 . 2009-02-05 21:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-06-01 16:00 . 2009-02-05 21:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-06-01 16:00 . 2009-02-05 21:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-06-01 16:00 . 2009-02-05 21:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-06-01 16:00 . 2009-02-05 21:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-06-01 16:00 . 2009-02-05 21:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-06-01 15:59 . 2009-02-05 21:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-06-01 14:53 . 2007-12-26 11:45 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2009-06-01 14:53 . 2007-12-26 11:45 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2009-06-01 14:53 . 2009-06-01 16:19 -------- d-----w- c:\program files\Cheat Engine
2009-06-01 07:44 . 2009-06-01 07:44 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-06-01 07:43 . 2009-06-01 07:48 -------- d-----w- c:\program files\Google
2009-06-01 07:11 . 2009-06-01 07:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-06-01 06:11 . 2009-06-01 06:11 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-06-01 06:11 . 2009-05-26 07:35 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-01 06:11 . 2009-06-01 06:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-01 06:11 . 2009-05-26 07:34 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-01 06:11 . 2009-06-01 07:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-01 05:30 . 2009-06-01 05:30 301568 ----a-w- c:\windows\system32\catohtxt.dll
2009-06-01 05:26 . 2009-06-01 05:26 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-06-01 05:25 . 2009-06-01 13:35 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-05-31 17:23 . 2008-04-13 23:57 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2009-05-31 17:23 . 2001-08-17 16:51 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-05-31 17:23 . 2008-04-13 23:57 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2009-05-31 17:23 . 2001-08-17 16:52 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2009-05-31 17:23 . 2001-08-17 16:52 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2009-05-31 17:22 . 2001-08-17 16:52 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2009-05-31 17:22 . 2001-08-17 06:26 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2009-05-31 17:22 . 2008-04-13 16:19 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2009-05-31 17:22 . 2008-04-13 16:19 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2009-05-31 17:22 . 2008-04-13 23:57 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2009-05-31 17:22 . 2008-04-13 18:21 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2009-05-31 17:22 . 2008-04-13 16:20 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2009-05-31 17:22 . 2001-08-17 06:27 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2009-05-31 17:22 . 2001-08-17 07:43 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2009-05-31 17:20 . 2001-08-17 06:28 19528 -c--a-w- c:\windows\system32\dllcache\w840nd.sys
2009-05-31 17:20 . 2001-08-17 07:43 64605 -c--a-w- c:\windows\system32\dllcache\vvoice.sys
2009-05-31 17:20 . 2001-08-17 07:43 397502 -c--a-w- c:\windows\system32\dllcache\vpctcom.sys
2009-05-31 17:20 . 2001-08-17 07:43 604253 -c--a-w- c:\windows\system32\dllcache\vmodem.sys
2009-05-31 17:20 . 2001-08-17 06:29 249402 -c--a-w- c:\windows\system32\dllcache\vinwm.sys
2009-05-31 17:20 . 2001-08-17 08:04 24576 -c--a-w- c:\windows\system32\dllcache\viairda.sys
2009-05-31 17:20 . 2008-04-13 18:25 5376 -c--a-w- c:\windows\system32\dllcache\viaide.sys
2009-05-31 17:20 . 2008-04-13 18:21 42240 -c--a-w- c:\windows\system32\dllcache\viaagp.sys
2009-05-31 17:20 . 2008-04-13 23:57 11325 -c--a-w- c:\windows\system32\dllcache\vchnt5.dll
2009-05-31 17:20 . 2001-08-17 07:43 687999 -c--a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2009-05-31 17:20 . 2001-08-17 07:43 765884 -c--a-w- c:\windows\system32\dllcache\usrti.sys
2009-05-31 17:18 . 2001-08-17 16:51 69632 -c--a-w- c:\windows\system32\dllcache\umaxu12.dll
2009-05-31 17:18 . 2001-08-17 16:51 50688 -c--a-w- c:\windows\system32\dllcache\umaxscan.dll
2009-05-31 17:18 . 2001-08-17 08:13 22912 -c--a-w- c:\windows\system32\dllcache\umaxpcls.sys
2009-05-31 17:18 . 2001-08-17 16:51 50176 -c--a-w- c:\windows\system32\dllcache\umaxp60.dll
2009-05-31 17:18 . 2001-08-17 16:51 47616 -c--a-w- c:\windows\system32\dllcache\umaxcam.dll
2009-05-31 17:18 . 2001-08-17 16:51 211968 -c--a-w- c:\windows\system32\dllcache\um54scan.dll
2009-05-31 17:18 . 2001-08-17 16:51 216064 -c--a-w- c:\windows\system32\dllcache\um34scan.dll
2009-05-31 17:18 . 2001-08-17 08:07 36736 -c--a-w- c:\windows\system32\dllcache\ultra.sys
2009-05-31 17:18 . 2008-04-13 18:21 44672 -c--a-w- c:\windows\system32\dllcache\uagp35.sys
2009-05-31 17:18 . 2001-08-17 08:03 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
2009-05-31 17:18 . 2001-08-17 07:06 166784 -c--a-w- c:\windows\system32\dllcache\tridxpm.sys
2009-05-31 17:17 . 2001-08-17 16:51 525568 -c--a-w- c:\windows\system32\dllcache\tridxp.dll
2009-05-31 17:17 . 2001-08-17 07:06 159232 -c--a-w- c:\windows\system32\dllcache\tridkbm.sys
2009-05-31 17:17 . 2001-08-17 09:11 440576 -c--a-w- c:\windows\system32\dllcache\tridkb.dll
2009-05-31 17:17 . 2001-08-17 07:06 222336 -c--a-w- c:\windows\system32\dllcache\trid3dm.sys
2009-05-31 17:17 . 2001-08-17 09:11 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2009-05-31 17:17 . 2001-08-17 06:27 34375 -c--a-w- c:\windows\system32\dllcache\tpro4.sys
2009-05-31 17:17 . 2001-08-17 16:50 42496 -c--a-w- c:\windows\system32\dllcache\tp4res.dll
2009-05-31 17:17 . 2008-04-13 23:57 82944 -c--a-w- c:\windows\system32\dllcache\tp4mon.exe
2009-05-31 17:17 . 2001-08-17 16:51 31744 -c--a-w- c:\windows\system32\dllcache\tp4.dll
2009-05-31 17:17 . 2001-08-17 08:06 4992 -c--a-w- c:\windows\system32\dllcache\toside.sys
2009-05-31 17:17 . 2001-08-17 08:17 230912 -c--a-w- c:\windows\system32\dllcache\tosdvd03.sys
2009-05-31 17:16 . 2001-08-17 08:16 241664 -c--a-w- c:\windows\system32\dllcache\tosdvd02.sys
2009-05-31 17:16 . 2001-08-17 06:25 28232 -c--a-w- c:\windows\system32\dllcache\tos4mo.sys
2009-05-31 17:16 . 2001-08-17 06:29 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys
2009-05-31 17:16 . 2001-08-17 07:06 138528 -c--a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2009-05-31 17:16 . 2001-08-17 09:11 81408 -c--a-w- c:\windows\system32\dllcache\tgiul50.dll
2009-05-31 17:16 . 2008-04-13 18:25 149376 -c--a-w- c:\windows\system32\dllcache\tffsport.sys
2009-05-31 17:16 . 2001-08-17 06:28 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys
2009-05-31 17:16 . 2001-08-17 06:28 37961 -c--a-w- c:\windows\system32\dllcache\tdk100b.sys
2009-05-31 17:16 . 2001-08-17 08:04 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys
2009-05-31 17:16 . 2001-08-17 08:07 7040 -c--a-w- c:\windows\system32\dllcache\tandqic.sys
2009-05-31 17:16 . 2001-08-17 07:05 36640 -c--a-w- c:\windows\system32\dllcache\t2r4mini.sys
2009-05-31 17:15 . 2001-08-17 09:11 172768 -c--a-w- c:\windows\system32\dllcache\t2r4disp.dll
2009-05-31 17:15 . 2001-08-17 08:22 32640 -c--a-w- c:\windows\system32\dllcache\symc8xx.sys
2009-05-31 17:15 . 2001-08-17 08:22 16256 -c--a-w- c:\windows\system32\dllcache\symc810.sys
2009-05-31 17:15 . 2001-08-17 08:22 30688 -c--a-w- c:\windows\system32\dllcache\sym_u3.sys
2009-05-31 17:15 . 2001-08-17 08:22 28384 -c--a-w- c:\windows\system32\dllcache\sym_hi.sys
2009-05-31 17:15 . 2001-08-17 16:51 94293 -c--a-w- c:\windows\system32\dllcache\sxports.dll
2009-05-31 17:15 . 2001-08-17 08:05 103936 -c--a-w- c:\windows\system32\dllcache\sx.sys
2009-05-31 17:15 . 2001-08-17 08:17 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys
2009-05-31 17:15 . 2001-08-17 16:51 10240 -c--a-w- c:\windows\system32\dllcache\swpidflt.dll
2009-05-31 17:15 . 2001-08-17 16:51 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll
2009-05-31 17:15 . 2001-08-17 16:51 53760 -c--a-w- c:\windows\system32\dllcache\sw_wheel.dll
2009-05-31 17:14 . 2001-08-17 16:51 41472 -c--a-w- c:\windows\system32\dllcache\sw_effct.dll
2009-05-31 17:14 . 2001-08-17 16:51 155648 -c--a-w- c:\windows\system32\dllcache\stlnprop.dll
2009-05-31 17:14 . 2001-08-17 16:51 53248 -c--a-w- c:\windows\system32\dllcache\stlncoin.dll
2009-05-31 17:14 . 2001-08-17 06:33 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2009-05-31 17:14 . 2001-08-17 08:06 16896 -c--a-w- c:\windows\system32\dllcache\stcusb.sys
2009-05-31 17:14 . 2001-08-17 06:26 48736 -c--a-w- c:\windows\system32\dllcache\srwlnd5.sys
2009-05-31 17:14 . 2001-08-17 16:51 99328 -c--a-w- c:\windows\system32\dllcache\srusd.dll
2009-05-31 17:14 . 2001-08-17 16:51 24660 -c--a-w- c:\windows\system32\dllcache\spxupchk.dll
2009-05-31 17:14 . 2001-08-17 08:06 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2009-05-31 17:14 . 2001-08-17 16:51 106584 -c--a-w- c:\windows\system32\dllcache\spdports.dll
2009-05-31 17:13 . 2001-08-17 08:22 19072 -c--a-w- c:\windows\system32\dllcache\sparrow.sys
2009-05-31 17:13 . 2001-08-17 08:11 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2009-05-31 17:13 . 2001-08-17 07:06 37040 -c--a-w- c:\windows\system32\dllcache\sonypi.sys
2009-05-31 17:13 . 2001-08-17 16:51 114688 -c--a-w- c:\windows\system32\dllcache\sonypi.dll
2009-05-31 17:13 . 2001-08-17 07:06 20752 -c--a-w- c:\windows\system32\dllcache\sonync.sys
2009-05-31 17:13 . 2001-08-17 08:08 9600 -c--a-w- c:\windows\system32\dllcache\sonymc.sys
2009-05-31 17:13 . 2008-04-13 18:25 7552 -c--a-w- c:\windows\system32\dllcache\sonyait.sys
2009-05-31 17:13 . 2001-08-17 08:08 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2009-05-31 17:13 . 2001-08-17 07:06 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2009-05-31 17:13 . 2001-08-17 09:11 147200 -c--a-w- c:\windows\system32\dllcache\smidispb.dll
2009-05-31 17:13 . 2001-08-17 06:27 25034 -c--a-w- c:\windows\system32\dllcache\smcpwr2n.sys
2009-05-31 17:11 . 2001-08-17 06:27 94698 -c--a-w- c:\windows\system32\dllcache\sk98xwin.sys
2009-05-31 17:11 . 2001-08-17 09:11 157696 -c--a-w- c:\windows\system32\dllcache\sisv256.dll
2009-05-31 17:11 . 2001-08-17 07:05 50432 -c--a-w- c:\windows\system32\dllcache\sisv.sys
2009-05-31 17:11 . 2008-04-13 16:20 32768 -c--a-w- c:\windows\system32\dllcache\sisnic.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-01 18:52 . 2009-04-14 12:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\DMCache
2009-06-01 18:27 . 2009-04-28 11:15 -------- d-----w- c:\program files\Mozilla Firefox 3.5 Beta 4
2009-06-01 13:35 . 2009-04-22 11:21 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-06-01 07:04 . 2009-04-22 09:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-06-01 07:04 . 2009-04-22 09:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2009-06-01 07:03 . 2009-04-22 09:38 -------- d-----w- c:\program files\Symantec
2009-06-01 07:03 . 2009-04-22 09:38 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-05-31 19:16 . 2009-04-14 19:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2009-05-29 16:42 . 2009-04-14 12:23 -------- d-----w- c:\documents and settings\Administrator\Application Data\IDM
2009-05-29 11:36 . 2009-04-14 12:23 -------- d-----w- c:\program files\Internet Download Manager
2009-05-29 08:41 . 2009-04-16 08:04 -------- d-----w- c:\documents and settings\Administrator\Application Data\TeamViewer
2009-05-29 08:41 . 2008-12-12 13:04 -------- d--h--w- c:\program files\Lgvlcqlujdbtcr
2009-05-28 18:24 . 2009-04-14 11:28 -------- d-----w- c:\program files\Yahoo!
2009-05-26 13:13 . 2009-04-17 17:01 -------- d-----w- c:\program files\AskBarDis
2009-05-19 18:21 . 2009-04-14 12:35 198064 ----a-w- c:\documents and settings\Administrator\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-05-14 16:13 . 2009-04-14 10:59 60408 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-12 17:09 . 2009-04-14 12:47 217536 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2009-04-30 17:17 . 2009-04-30 17:17 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-04-30 17:03 . 2009-04-30 17:03 -------- d-----w- c:\program files\HashTab Shell Extension
2009-04-30 04:26 . 2009-04-30 04:26 -------- d-----w- c:\documents and settings\Administrator\Application Data\ImgBurn
2009-04-28 16:52 . 2009-04-24 15:42 -------- d-----w- c:\documents and settings\Administrator\Application Data\VMware
2009-04-28 11:16 . 2009-04-14 11:24 -------- d-----w- c:\program files\Mozilla Firefox 3.1 Beta 3
2009-04-23 13:12 . 2009-04-14 13:06 -------- d-----w- c:\program files\Windows Live
2009-04-23 03:51 . 2009-04-23 03:50 -------- d-----w- c:\program files\ImgBurn
2009-04-22 17:27 . 2009-04-22 17:18 -------- d-----w- c:\program files\SystemRequirementsLab
2009-04-22 17:18 . 2009-04-22 17:17 -------- d-----w- c:\documents and settings\Administrator\Application Data\SystemRequirementsLab
2009-04-22 17:17 . 2009-04-22 17:17 207872 ----a-w- c:\documents and settings\Administrator\Application Data\SystemRequirementsLab\SRLProxy_srl_4.dll
2009-04-22 17:17 . 2009-04-22 17:17 207872 ----a-w- c:\documents and settings\Administrator\Application Data\SystemRequirementsLab\SRLProxy_srl_3.dll
2009-04-22 17:17 . 2009-04-22 17:17 207872 ----a-w- c:\documents and settings\Administrator\Application Data\SystemRequirementsLab\SRLProxy_srl_2.dll
2009-04-22 17:17 . 2009-04-22 17:17 207872 ----a-w- c:\documents and settings\Administrator\Application Data\SystemRequirementsLab\SRLProxy_srl_1.dll
2009-04-22 11:23 . 2009-04-22 11:23 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2009-04-22 11:23 . 2009-04-22 11:23 -------- d-----w- c:\program files\TechSmith
2009-04-22 09:37 . 2009-04-22 09:36 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2009-04-22 09:36 . 2009-04-22 09:36 -------- d-----w- c:\program files\NortonInstaller
2009-04-19 10:42 . 2009-04-19 10:42 -------- d-----w- c:\program files\Microsoft Silverlight
2009-04-19 10:37 . 2009-04-19 10:37 6915 ----a-w- c:\documents and settings\Administrator\Application Data\IDM\DwnlData\Administrator\Silverlight.2.0_36\Silverlight.2.0.exe
2009-04-19 05:21 . 2009-04-17 17:01 -------- d-----w- c:\program files\Foxit Software
2009-04-17 17:01 . 2009-04-17 17:01 -------- d-----w- c:\documents and settings\Administrator\Application Data\Foxit
2009-04-17 15:59 . 2009-04-17 15:55 -------- d-----w- c:\program files\Common Files\Adobe
2009-04-17 15:56 . 2009-04-17 15:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2009-04-17 15:56 . 2009-04-17 15:56 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2009-04-17 09:04 . 2009-04-17 09:04 -------- d-----w- c:\program files\Universal Extractor
2009-04-17 05:49 . 2009-04-14 10:52 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-16 08:04 . 2009-04-16 08:04 -------- d-----w- c:\program files\TeamViewer
2009-04-15 07:38 . 2009-04-15 07:38 -------- d-----w- c:\program files\Realtek AC97
2009-04-14 19:31 . 2009-04-14 19:18 -------- d-----w- c:\documents and settings\Administrator\Application Data\TrueCrypt
2009-04-14 13:25 . 2009-04-14 13:25 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-04-14 13:25 . 2009-04-14 13:25 -------- d-----w- c:\program files\Java
2009-04-14 13:24 . 2009-04-14 13:24 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-04-14 12:47 . 2009-04-14 12:47 -------- d-----w- c:\program files\TrueCrypt
2009-04-14 12:23 . 2009-04-14 12:23 198064 ----a-w- c:\documents and settings\Administrator\Application Data\IDM\idmmzcc02\components\idmmzcc.dll
2009-04-14 12:15 . 2009-04-14 12:15 -------- d-----w- c:\program files\Sandboxie
2009-04-14 12:04 . 2009-04-14 12:04 -------- d-----w- c:\program files\Defraggler
2009-04-14 11:43 . 2009-04-14 11:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-04-14 11:24 . 2009-04-14 11:24 0 ----a-w- c:\windows\nsreg.dat
2009-04-14 11:03 . 2009-04-14 11:03 -------- d-----w- c:\program files\Alwil Software
2009-04-14 11:02 . 2009-04-14 11:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-04-14 11:02 . 2009-04-14 11:02 -------- d-----w- c:\program files\Common Files\InstallShield
2009-04-14 11:01 . 2009-04-14 11:01 -------- d-----w- c:\program files\Intel
2009-04-14 10:54 . 2009-04-14 10:54 -------- d-----w- c:\program files\microsoft frontpage
2009-04-14 10:49 . 2009-04-14 10:49 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-04-02 13:21 . 2009-04-30 17:17 84480 ----a-w- c:\windows\system32\ff_vfw.dll
2009-03-24 12:48 . 2009-03-24 12:48 237264 ----a-w- c:\documents and settings\Administrator\Application Data\Mozilla\plugins\npgoogletalk.dll
2009-03-21 14:06 . 2008-04-14 12:00 2486272 ----a-w- c:\windows\system32\icodubit.dll
2009-03-21 14:06 . 2008-04-14 12:00 2457600 ----a-w- c:\windows\system32\resohart.dll
2009-03-21 14:06 . 2008-04-14 12:00 157896 ----a-w- c:\windows\system32\dllorbio32.dll
2009-03-21 14:06 . 2008-04-14 12:00 1298432 ----a-w- c:\windows\system32\chmitbio.dll
2009-03-21 14:06 . 2008-04-14 12:00 1187840 ----a-w- c:\windows\system32\polepdot.exe
2009-03-21 14:06 . 2008-04-14 12:00 118784 ----a-w- c:\windows\system32\ipaxai.dll
2009-03-21 14:06 . 2008-04-14 12:00 118784 ----a-w- c:\windows\system32\dbogexe.dll
2009-03-21 14:06 . 2008-04-14 12:00 1183744 ----a-w- c:\windows\system32\urigidec.exe
2009-03-21 14:06 . 2008-04-14 12:00 1060864 ----a-w- c:\windows\system32\dosummod.dll
2009-03-07 22:49 . 2008-04-14 12:00 914944 ----a-w- c:\windows\system32\wininet.dll
2009-03-07 22:49 . 2008-04-14 12:00 43008 ----a-w- c:\windows\system32\licmgr10.dll
2009-03-07 22:48 . 2008-04-14 12:00 18944 ----a-w- c:\windows\system32\corpol.dll
2009-03-07 22:48 . 2008-04-14 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2009-03-07 22:47 . 2008-04-14 12:00 72704 ----a-w- c:\windows\system32\admparse.dll
2009-03-07 22:47 . 2008-04-14 12:00 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-03-07 22:46 . 2008-04-14 12:00 34816 ----a-w- c:\windows\system32\imgutil.dll
2009-03-07 22:46 . 2008-04-14 12:00 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-03-07 22:46 . 2008-04-14 12:00 45568 ----a-w- c:\windows\system32\mshta.exe
2009-03-07 22:37 . 2008-04-14 12:00 156160 ----a-w- c:\windows\system32\msls31.dll
2009-03-06 14:22 . 2008-04-14 12:00 284160 ----a-w- c:\windows\system32\pdh.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-05-19 2811312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ad Muncher"="c:\program files\Ad Muncher\AdMunch.exe" [2009-05-31 841728]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2009-05-28 341312]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Documents and Settings\\Administrator\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Administrator\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6/1/2009 9:45 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/1/2009 9:45 PM 20560]
R3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [5/28/2009 7:17 PM 108032]
S2 gupdate1c9e28cbfec4100;Google Update Service (gupdate1c9e28cbfec4100);c:\program files\Google\Update\GoogleUpdate.exe [6/1/2009 1:29 PM 133104]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - DWVIWILTGVPK
*NewlyCreated* - PHOOKS
*NewlyCreated* - SDTHOOK
*Deregistered* - dwviwiltgvpk
*Deregistered* - SDTHOOK

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-01 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-01 07:43]

2009-05-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-412668190-1644491937-500.job
- c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-23 01:29]

2009-05-29 c:\windows\Tasks\User_Feed_Synchronization-{0EB15FCA-6085-43A4-957D-EA6071B81785}.job
- c:\windows\system32\msfeedssync.exe [2009-03-07 22:46]
.
- - - - ORPHANS REMOVED - - - -

BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
HKCU-Run-Google Update - and settings\administrator\local settings\application data\google\update\googleupdate.exe
SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = local
IE: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_i...d=menu_ie_frame
IE: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_i...d=menu_ie_image
IE: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_i...id=menu_ie_link
IE: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_i...menu_ie_exclude
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_i...=menu_ie_report
TCP: {5737145F-5894-4306-84F3-6582C6C48D47} = 202.70.64.5,202.70.64.15
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8zrcejh1.default\
FF - component: c:\documents and settings\Administrator\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - component: c:\program files\Google\Google Gears\Firefox\components\gears.dll
FF - plugin: c:\documents and settings\Administrator\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Update\1.2.145.5\npGoogleOneClick8.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-02 00:37
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1757981266-412668190-1644491937-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ba,b7,38,1a,15,27,b4,42,82,57,54,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ba,b7,38,1a,15,27,b4,42,82,57,54,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\MSSYCLM]
@Denied: (B C D 1 2 3 4 5 6) (LocalSystem)
.
Completion time: 2009-06-01 0:39
ComboFix-quarantined-files.txt 2009-06-01 18:54

Pre-Run: 10,570,592,256 bytes free
Post-Run: 10,614,013,952 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

335 --- E O F --- 2009-05-14 16:22



After this comes the GMER log. :thumbup2:


GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-06-16 19:27:17
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

SSDT 86687630 ZwAssignProcessToJobObject
SSDT 86686A60 ZwOpenProcess
SSDT 86686E80 ZwOpenThread
SSDT 86687460 ZwSuspendProcess
SSDT 86687280 ZwSuspendThread
SSDT 86686C90 ZwTerminateProcess
SSDT 866870B0 ZwTerminateThread

---- Kernel code sections - GMER 1.0.15 ----

.text win32k.sys!EngAcquireSemaphore + 20E2 BF8082D1 5 Bytes JMP 865C84D0
.text win32k.sys!EngFreeUserMem + 5BD2 BF80EE58 5 Bytes JMP 865C8430
.text win32k.sys!EngCreateBitmap + D9A0 BF84582C 5 Bytes JMP 865C8610
.text win32k.sys!EngMultiByteToWideChar + 2F22 BF85277C 5 Bytes JMP 865C8750
.text win32k.sys!EngGradientFill + 5100 BF8B3C90 5 Bytes JMP 865C8570
.text win32k.sys!EngAlphaBlend + 9285 BF8C3136 3 Bytes JMP 865C86B0
.text win32k.sys!EngAlphaBlend + 9289 BF8C313A 1 Byte [C6]
.text win32k.sys!PATHOBJ_vGetBounds + 74E1 BF8F004B 5 Bytes JMP 865C87F0

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe[456] ws2_32.dll!getsockname 71AB3D10 6 Bytes JMP 00A10000
.text C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe[456] ws2_32.dll!closesocket 71AB3E2B 6 Bytes JMP 00A60000
.text C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe[456] ws2_32.dll!connect 71AB4A07 6 Bytes JMP 00A50000
.text C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe[456] ws2_32.dll!WSAStartup 71AB6A55 6 Bytes JMP 00A30000
.text C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe[456] ws2_32.dll!getpeername 71AC0B68 6 Bytes JMP 00A20000
.text C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe[456] ws2_32.dll!WSAConnect 71AC0C81 6 Bytes JMP 00A40000
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[464] WS2_32.dll!getsockname 71AB3D10 6 Bytes JMP 01CD0000
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[464] WS2_32.dll!closesocket 71AB3E2B 6 Bytes JMP 01D20000
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[464] WS2_32.dll!connect 71AB4A07 6 Bytes JMP 01D10000
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[464] WS2_32.dll!WSAStartup 71AB6A55 6 Bytes JMP 01CF0000
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[464] WS2_32.dll!getpeername 71AC0B68 6 Bytes JMP 01CE0000
.text C:\Program Files\ESET\ESET Smart Security\egui.exe[464] WS2_32.dll!WSAConnect 71AC0C81 6 Bytes JMP 01D00000
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[688] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
.text C:\WINDOWS\Explorer.EXE[1836] WS2_32.dll!getsockname 71AB3D10 6 Bytes JMP 02890000
.text C:\WINDOWS\Explorer.EXE[1836] WS2_32.dll!closesocket 71AB3E2B 6 Bytes JMP 028E0000
.text C:\WINDOWS\Explorer.EXE[1836] WS2_32.dll!connect 71AB4A07 6 Bytes JMP 028D0000
.text C:\WINDOWS\Explorer.EXE[1836] WS2_32.dll!WSAStartup 71AB6A55 6 Bytes JMP 028B0000
.text C:\WINDOWS\Explorer.EXE[1836] WS2_32.dll!getpeername 71AC0B68 6 Bytes JMP 028A0000
.text C:\WINDOWS\Explorer.EXE[1836] WS2_32.dll!WSAConnect 71AC0C81 6 Bytes JMP 028C0000
.text C:\Documents and Settings\Administrator\Desktop\hmlcyw7z.exe[3192] ws2_32.dll!getsockname 71AB3D10 6 Bytes JMP 00B00000
.text C:\Documents and Settings\Administrator\Desktop\hmlcyw7z.exe[3192] ws2_32.dll!closesocket 71AB3E2B 6 Bytes JMP 00B50000
.text C:\Documents and Settings\Administrator\Desktop\hmlcyw7z.exe[3192] ws2_32.dll!connect 71AB4A07 6 Bytes JMP 00B40000
.text C:\Documents and Settings\Administrator\Desktop\hmlcyw7z.exe[3192] ws2_32.dll!WSAStartup 71AB6A55 6 Bytes JMP 00B20000
.text C:\Documents and Settings\Administrator\Desktop\hmlcyw7z.exe[3192] ws2_32.dll!getpeername 71AC0B68 6 Bytes JMP 00B10000
.text C:\Documents and Settings\Administrator\Desktop\hmlcyw7z.exe[3192] ws2_32.dll!WSAConnect 71AC0C81 6 Bytes JMP 00B30000

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)

---- Threads - GMER 1.0.15 ----

Thread System [4:516] 86685790

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}@scansk 0x9B 0x2B 0x31 0x7B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{bf044578-2da5-49e7-a1d4-4f65bad29b46}@Model 160
Reg HKLM\SOFTWARE\Classes\CLSID\{bf044578-2da5-49e7-a1d4-4f65bad29b46}@Therad 1
Reg HKLM\SOFTWARE\Classes\CLSID\{bf044578-2da5-49e7-a1d4-4f65bad29b46}@MData 0x73 0xD5 0xCF 0xB8 ...

---- EOF - GMER 1.0.15 ----



:) This is the OTL log :)

OTL logfile created on: 6/16/2009 4:56:56 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.80 Mb Total Physical Memory | 662.46 Mb Available Physical Memory | 64.83% Memory free
3.38 Gb Paging File | 3.06 Gb Available in Paging File | 90.57% Paging File free
Paging file location(s): C:\pagefile.sys 2536 4072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.54 Gb Total Space | 8.44 Gb Free Space | 43.21% Space Free | Partition Type: NTFS
Drive D: | 54.99 Gb Total Space | 30.30 Gb Free Space | 55.11% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-B5021EFA3B
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== Processes (SafeList) ==========

PRC - [2008/04/14 17:45:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2009/03/19 11:44:50 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009/05/28 19:17:26 | 00,053,760 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2009/06/01 13:28:34 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009/05/31 17:32:05 | 00,841,728 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\Program Files\Ad Muncher\AdMunch.exe
PRC - [2009/06/01 22:26:11 | 00,341,312 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
PRC - [2009/03/19 11:44:28 | 02,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/05/26 21:06:32 | 00,079,088 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
PRC - [2009/05/20 11:23:48 | 00,839,152 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/05/20 11:23:48 | 00,839,152 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/05/20 11:23:48 | 00,839,152 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/05/20 11:23:48 | 00,839,152 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/05/20 00:06:09 | 02,811,312 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2008/02/18 18:46:01 | 00,251,312 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2009/06/16 16:52:33 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/06/05 21:26:18 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2009/03/19 11:48:08 | 00,020,680 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv [On_Demand | Stopped])
SRV - [2009/03/19 11:44:50 | 00,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn [Auto | Running])
SRV - [2009/06/01 13:28:34 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9e28cbfec4100 [Auto | Stopped])
SRV - [2008/04/14 17:45:00 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2009/06/02 20:24:49 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Disabled | Stopped])
SRV - [2002/09/27 11:56:20 | 00,139,264 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc [On_Demand | Stopped])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2009/05/28 19:17:26 | 00,053,760 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc [Auto | Running])

========== Driver Services (SafeList) ==========

DRV - [2006/02/09 05:29:00 | 03,846,016 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2002/09/25 06:09:12 | 00,140,800 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
DRV - [2009/03/19 11:41:38 | 00,113,960 | ---- | M] (ESET) -- C:\WINDOWS\system32\DRIVERS\eamon.sys -- (eamon [On_Demand | Running])
DRV - [2009/03/19 11:44:34 | 00,107,256 | ---- | M] (ESET) -- C:\WINDOWS\system32\DRIVERS\ehdrv.sys -- (ehdrv [System | Running])
DRV - [2009/03/19 11:45:32 | 00,131,976 | ---- | M] (ESET) -- C:\WINDOWS\system32\DRIVERS\epfw.sys -- (epfw [Auto | Running])
DRV - [2009/03/19 11:45:34 | 00,033,096 | ---- | M] (ESET) -- C:\WINDOWS\system32\DRIVERS\Epfwndis.sys -- (Epfwndis [On_Demand | Running])
DRV - [2009/03/19 11:45:36 | 00,055,768 | ---- | M] (ESET) -- C:\WINDOWS\system32\DRIVERS\epfwtdi.sys -- (epfwtdi [System | Running])
DRV - [2005/06/21 17:12:34 | 00,807,998 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
DRV - [2008/04/14 17:45:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2009/05/28 19:17:24 | 00,108,032 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv [On_Demand | Running])
DRV - [2008/04/14 17:45:00 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2009/05/12 22:54:44 | 00,217,536 | ---- | M] (TrueCrypt Foundation) -- C:\WINDOWS\System32\drivers\truecrypt.sys -- (truecrypt [System | Running])
DRV - [2007/05/01 22:51:02 | 00,030,768 | R--- | M] (VMware, Inc.) -- C:\WINDOWS\System32\Drivers\vmusb.sys -- (vmusb [On_Demand | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1757981266-412668190-1644491937-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1757981266-412668190-1644491937-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch
IE - HKU\S-1-5-21-1757981266-412668190-1644491937-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome
IE - HKU\S-1-5-21-1757981266-412668190-1644491937-500\S-1-5-21-1757981266-412668190-1644491937-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1757981266-412668190-1644491937-500\S-1-5-21-1757981266-412668190-1644491937-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {3ED591BC-7CC7-495B-A526-B2431356EDC1}:2.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.21.0
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.3
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.1.05262009
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11

FF - HKLM\software\mozilla\Firefox\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\PROGRAM FILES\AD MUNCHER\FIREFOXEXTENSION_2.0 [2009/05/31 17:32:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX\ [2009/06/14 12:48:45 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2009/06/02 20:24:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX 3.5 BETA 4\COMPONENTS [2009/06/14 08:39:21 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.11\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX 3.5 BETA 4\PLUGINS [2009/06/14 12:48:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\PROGRAM FILES\AD MUNCHER\FIREFOXEXTENSION_2.0 [2009/05/31 17:32:05 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2009/06/14 12:48:45 | 00,000,000 | ---D | M]

[2009/04/14 17:09:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions
[2009/04/14 17:09:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/06/14 13:27:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\8zrcejh1.default\extensions
[2009/04/29 07:48:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\8zrcejh1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/06/01 14:34:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\mozilla\Firefox\Profiles\8zrcejh1.default\extensions\SkipScreen@SkipScreen

O1 HOSTS File: (307487 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10585 more lines...
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll (Google Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKU\S-1-5-21-1757981266-412668190-1644491937-500\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - Reg Error: Key error. File not found
O3 - HKU\S-1-5-21-1757981266-412668190-1644491937-500\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [Ad Muncher] "C:\Program Files\Ad Muncher\AdMunch.exe" /bt (Murray Hurps Corp Pty Ltd)
O4 - HKLM..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice (ESET)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot (BillP Studios)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 383
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1757981266-412668190-1644491937-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1757981266-412668190-1644491937-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1757981266-412668190-1644491937-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1757981266-412668190-1644491937-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1757981266-412668190-1644491937-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKU\S-1-5-21-1757981266-412668190-1644491937-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 1
O7 - HKU\S-1-5-21-1757981266-412668190-1644491937-500_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher.com/request_will_be_i...d=menu_ie_frame File not found
O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher.com/request_will_be_i...d=menu_ie_image File not found
O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher.com/request_will_be_i...id=menu_ie_link File not found
O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher.com/request_will_be_i...menu_ie_exclude File not found
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 (Microsoft Corporation)
O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher.com/request_will_be_i...=menu_ie_report File not found
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.21.0\gears.dll (Google Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1757981266-412668190-1644491937-500\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009/04/14 16:38:50 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/14 09:54:06 | 00,000,000 | ---D | M] - D:\AutoHotkey -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/06/16 16:57:24 | 00,000,000 | ---D | M]
O34 - HKLM BootExecute: (MACHINE) - File not found
O34 - HKLM BootExecute: (BootExecut) - File not found

========== Files/Folders - Created Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2009/06/16 16:57:24 | 00,286,208 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\hmlcyw7z.exe
[2009/06/16 16:52:55 | 00,501,760 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/06/15 15:15:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2009/06/15 09:38:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\MGlogs
[2009/06/15 09:17:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\gmer
[2009/06/15 09:16:18 | 00,278,221 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2009/06/15 07:31:24 | 00,033,648 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\opera.png
[2009/06/14 19:01:13 | 00,561,464 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\SecurityCheck.exe
[2009/06/14 18:47:58 | 00,052,288 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/06/14 14:19:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2009/06/14 12:29:01 | 00,000,000 | ---D | C] -- C:\Program Files\inKline Global
[2009/06/14 11:38:03 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/06/14 11:35:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Apple Computer
[2009/06/14 11:34:59 | 00,002,391 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2009/06/14 11:34:38 | 00,000,000 | ---D | C] -- C:\Program Files\Safari
[2009/06/14 11:34:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/06/14 00:44:59 | 00,002,344 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
[2009/06/13 20:01:04 | 00,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2009/06/12 21:15:26 | 00,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2009/06/12 21:14:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\RegRun2
[2009/06/12 21:14:38 | 00,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2009/06/12 18:42:37 | 00,000,075 | ---- | C] () -- C:\WINDOWS\SYMGAMES.INI
[2009/06/12 12:35:05 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\New Image.GIF
[2009/06/12 11:34:41 | 00,000,036 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2009/06/11 21:38:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2009/06/11 21:30:10 | 00,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieproxy.dll
[2009/06/11 21:30:10 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpshims.dll
[2009/06/11 21:30:08 | 01,985,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/06/11 21:29:57 | 11,064,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/06/10 09:04:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\ESET
[2009/06/10 08:52:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2009/06/07 11:08:55 | 00,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Videos
[2009/06/06 21:31:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2009/06/06 21:24:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Doctor Web
[2009/06/06 21:24:05 | 00,000,000 | ---D | C] -- C:\Program Files\DrWeb
[2009/06/06 14:05:38 | 00,001,154 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Flash2X EXE Packager.lnk
[2009/06/05 21:06:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\PRAM
[2009/06/05 20:04:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\game.jsp_files
[2009/06/04 22:17:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\logs
[2009/06/04 20:11:02 | 00,000,093 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Suda Aunt.KUN
[2009/06/04 19:52:42 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/06/02 22:52:57 | 00,000,000 | ---D | C] -- C:\Program Files\GPLGS
[2009/06/02 22:27:04 | 00,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/06/02 22:26:51 | 00,000,000 | ---D | C] -- C:\Program Files\Acro Software
[2009/06/02 21:31:52 | 00,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Kundli-Pro.lnk
[2009/06/02 21:31:47 | 00,200,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\DBLIST32.OCX
[2009/06/02 21:31:47 | 00,134,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2009/06/02 21:31:47 | 00,089,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB5DB.DLL
[2009/06/02 21:31:46 | 01,056,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSJET35.DLL
[2009/06/02 21:31:46 | 00,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSREPL35.DLL
[2009/06/02 21:31:46 | 00,368,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VBAR332.DLL
[2009/06/02 21:31:46 | 00,252,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSRD2X35.DLL
[2009/06/02 21:31:46 | 00,123,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSJINT35.DLL
[2009/06/02 21:31:46 | 00,024,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSJTER35.DLL
[2009/06/02 21:31:41 | 00,000,000 | ---D | C] -- C:\Program Files\Kundli
[2009/06/02 21:31:32 | 00,299,520 | ---- | C] (InstallShield Corporation, Inc.) -- C:\WINDOWS\uninst.exe
[2009/06/02 20:24:43 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2009/06/02 19:14:33 | 01,546,240 | ---- | C] (Topala Software Solutions) -- C:\Documents and Settings\Administrator\Desktop\siw.exe
[2009/06/02 17:10:20 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2009/06/02 00:55:30 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Bootvis
[2009/06/02 00:43:22 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009/06/02 00:39:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\temp
[2009/06/02 00:33:17 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/06/02 00:30:14 | 00,000,000 | ---D | C] -- C:\Program Files\FreeFixer
[2009/06/02 00:25:14 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/06/02 00:25:14 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/06/02 00:25:14 | 00,154,624 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/06/02 00:25:14 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/06/02 00:25:14 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/06/02 00:25:14 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/06/02 00:25:14 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/06/02 00:25:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/06/01 23:01:56 | 00,000,131 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\look.bat
[2009/06/01 22:21:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol
[2009/06/01 22:21:13 | 00,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2009/06/01 20:38:42 | 00,000,670 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Cheat Engine.lnk
[2009/06/01 20:38:39 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009/06/01 20:38:39 | 00,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2009/06/01 20:38:38 | 00,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2009/06/01 20:37:32 | 04,393,269 | ---- | C] (Dark Byte ) -- C:\Documents and Settings\Administrator\Desktop\CheatEngine55.exe
[2009/06/01 13:28:37 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009/06/01 12:56:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2009/06/01 11:56:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2009/06/01 11:56:25 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/01 11:56:21 | 00,040,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/06/01 11:56:18 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/06/01 11:56:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/06/01 11:56:17 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/01 11:11:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2009/06/01 11:10:58 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/05/31 23:08:40 | 00,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2009/05/31 23:08:34 | 00,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2009/05/31 23:08:33 | 00,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2009/05/31 23:08:27 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2009/05/31 23:08:21 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2009/05/31 23:07:52 | 00,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2009/05/31 23:07:45 | 00,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2009/05/31 23:07:37 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2009/05/31 23:07:22 | 00,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2009/05/31 23:07:19 | 00,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2009/05/31 23:07:14 | 00,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2009/05/31 23:07:01 | 00,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2009/05/31 23:06:54 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2009/05/31 23:06:48 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2009/05/31 23:06:38 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2009/05/31 23:06:33 | 00,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2009/05/31 23:06:14 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wacompen.sys
[2009/05/31 23:06:08 | 00,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2009/05/31 23:06:03 | 00,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2009/05/31 23:05:57 | 00,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2009/05/31 23:05:48 | 00,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2009/05/31 23:05:42 | 00,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2009/05/31 23:05:34 | 00,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2009/05/31 23:05:29 | 00,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2009/05/31 23:05:21 | 00,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys
[2009/05/31 23:05:20 | 00,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaagp.sys
[2009/05/31 23:05:11 | 00,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2009/05/31 23:05:05 | 00,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2009/05/31 23:04:59 | 00,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2009/05/31 23:04:54 | 00,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2009/05/31 23:04:48 | 00,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2009/05/31 23:04:42 | 00,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2009/05/31 23:04:37 | 00,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2009/05/31 23:04:31 | 00,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2009/05/31 23:04:29 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2009/05/31 23:04:29 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2009/05/31 23:04:27 | 00,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys
[2009/05/31 23:04:25 | 00,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2009/05/31 23:04:23 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2009/05/31 23:04:22 | 00,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2009/05/31 23:04:12 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2009/05/31 23:04:07 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2009/05/31 23:04:02 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2009/05/31 23:03:56 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2009/05/31 23:03:51 | 00,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2009/05/31 23:03:45 | 00,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2009/05/31 23:03:40 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2009/05/31 23:03:35 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2009/05/31 23:03:29 | 00,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2009/05/31 23:03:24 | 00,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2009/05/31 23:03:16 | 00,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uagp35.sys
[2009/05/31 23:03:01 | 00,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2009/05/31 23:02:55 | 00,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2009/05/31 23:02:50 | 00,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2009/05/31 23:02:44 | 00,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2009/05/31 23:02:39 | 00,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2009/05/31 23:02:34 | 00,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2009/05/31 23:02:09 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2009/05/31 23:01:46 | 00,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2009/05/31 23:01:38 | 00,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2009/05/31 23:01:32 | 00,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2009/05/31 23:01:31 | 00,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2009/05/31 23:01:24 | 00,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2009/05/31 23:01:19 | 00,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2009/05/31 23:01:05 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2009/05/31 23:01:00 | 00,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2009/05/31 23:00:55 | 00,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2009/05/31 23:00:26 | 00,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2009/05/31 23:00:21 | 00,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2009/05/31 23:00:17 | 00,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2009/05/31 23:00:12 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2009/05/31 23:00:07 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2009/05/31 23:00:02 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2009/05/31 22:59:57 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2009/05/31 22:59:50 | 00,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2009/05/31 22:59:45 | 00,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2009/05/31 22:59:40 | 00,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2009/05/31 22:59:35 | 00,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2009/05/31 22:59:26 | 00,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2009/05/31 22:59:21 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2009/05/31 22:59:12 | 00,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2009/05/31 22:59:06 | 00,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2009/05/31 22:59:01 | 00,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2009/05/31 22:58:56 | 00,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2009/05/31 22:58:31 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2009/05/31 22:58:30 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2009/05/31 22:58:24 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2009/05/31 22:58:11 | 00,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2009/05/31 22:58:06 | 00,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2009/05/31 22:58:00 | 00,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2009/05/31 22:57:55 | 00,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2009/05/31 22:57:51 | 00,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2009/05/31 22:57:45 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2009/05/31 22:57:44 | 00,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2009/05/31 22:57:44 | 00,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2009/05/31 22:57:43 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbali.sys
[2009/05/31 22:57:37 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2009/05/31 22:57:32 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2009/05/31 22:57:27 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2009/05/31 22:57:21 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2009/05/31 22:57:07 | 00,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2009/05/31 22:57:03 | 00,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2009/05/31 22:56:58 | 00,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2009/05/31 22:56:46 | 00,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2009/05/31 22:56:04 | 00,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2009/05/31 22:55:59 | 00,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2009/05/31 22:55:55 | 00,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2009/05/31 22:55:50 | 00,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2009/05/31 22:55:38 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2009/05/31 22:55:33 | 00,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2009/05/31 22:55:26 | 00,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2009/05/31 22:55:25 | 00,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2009/05/31 22:55:20 | 00,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2009/05/31 22:55:13 | 00,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2009/05/31 22:55:08 | 00,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2009/05/31 22:55:02 | 00,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2009/05/31 22:54:58 | 00,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2009/05/31 22:54:56 | 00,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2009/05/31 22:54:36 | 00,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2009/05/31 22:54:31 | 00,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2009/05/31 22:54:26 | 00,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2009/05/31 22:54:21 | 00,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2009/05/31 22:54:17 | 00,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2009/05/31 22:54:12 | 00,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2009/05/31 22:54:07 | 00,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2009/05/31 22:54:03 | 00,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2009/05/31 22:53:58 | 00,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2009/05/31 22:53:53 | 00,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2009/05/31 22:53:46 | 00,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2009/05/31 22:53:41 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2009/05/31 22:53:38 | 00,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2009/05/31 22:53:37 | 00,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2009/05/31 22:53:34 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2009/05/31 22:53:29 | 00,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2009/05/31 22:53:18 | 00,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2009/05/31 22:53:09 | 00,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2009/05/31 22:53:08 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rndismpx.sys
[2009/05/31 22:53:03 | 00,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2009/05/31 22:53:01 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rfcomm.sys
[2009/05/31 22:52:56 | 00,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2009/05/31 22:52:43 | 00,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2009/05/31 22:52:36 | 00,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2009/05/31 22:52:31 | 00,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2009/05/31 22:52:26 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2009/05/31 22:52:21 | 00,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2009/05/31 22:52:09 | 00,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2009/05/31 22:51:59 | 00,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2009/05/31 22:51:52 | 00,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2009/05/31 22:51:44 | 00,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2009/05/31 22:51:39 | 00,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2009/05/31 22:51:34 | 00,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2009/05/31 22:51:32 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2009/05/31 22:51:27 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2009/05/31 22:51:26 | 00,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2009/05/31 22:51:22 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2009/05/31 22:51:20 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2009/05/31 22:51:15 | 00,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2009/05/31 22:51:11 | 00,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2009/05/31 22:51:06 | 00,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2009/05/31 22:51:06 | 00,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2009/05/31 22:50:59 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2009/05/31 22:50:47 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2009/05/31 22:50:41 | 00,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2009/05/31 22:50:36 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2009/05/31 22:50:31 | 00,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2009/05/31 22:50:27 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2009/05/31 22:50:21 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2009/05/31 22:50:16 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2009/05/31 22:50:14 | 00,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2009/05/31 22:50:12 | 00,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2009/05/31 22:50:11 | 00,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2009/05/31 22:50:10 | 00,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2009/05/31 22:50:04 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2009/05/31 22:50:00 | 00,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2009/05/31 22:49:58 | 00,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2009/05/31 22:49:53 | 00,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2009/05/31 22:49:48 | 00,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2009/05/31 22:49:43 | 00,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2009/05/31 22:49:38 | 00,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2009/05/31 22:49:33 | 00,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2009/05/31 22:49:32 | 00,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2009/05/31 22:49:27 | 00,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2009/05/31 22:49:16 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2009/05/31 22:49:11 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2009/05/31 22:49:07 | 00,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2009/05/31 22:49:02 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2009/05/31 22:48:58 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2009/05/31 22:48:53 | 00,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2009/05/31 22:48:48 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2009/05/31 22:48:44 | 00,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2009/05/31 22:48:39 | 00,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2009/05/31 22:48:34 | 00,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2009/05/31 22:48:30 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2009/05/31 22:48:25 | 00,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2009/05/31 22:48:20 | 00,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2009/05/31 22:48:15 | 00,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2009/05/31 22:48:10 | 00,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2009/05/31 22:48:06 | 00,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys
[2009/05/31 22:47:40 | 00,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2009/05/31 22:47:34 | 00,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2009/05/31 22:47:29 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2009/05/31 22:47:20 | 00,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2009/05/31 22:47:16 | 00,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2009/05/31 22:47:10 | 00,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2009/05/31 22:47:06 | 00,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2009/05/31 22:46:59 | 00,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2009/05/31 22:46:54 | 00,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2009/05/31 22:46:49 | 00,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2009/05/31 22:46:45 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2009/05/31 22:46:38 | 00,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2009/05/31 22:46:33 | 00,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2009/05/31 22:46:29 | 00,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2009/05/31 22:46:24 | 00,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2009/05/31 22:46:20 | 00,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2009/05/31 22:46:16 | 00,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2009/05/31 22:46:11 | 00,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2009/05/31 22:46:07 | 00,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2009/05/31 22:46:02 | 00,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2009/05/31 22:45:58 | 00,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2009/05/31 22:45:53 | 00,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2009/05/31 22:45:49 | 00,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2009/05/31 22:45:44 | 00,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2009/05/31 22:45:43 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mutohpen.sys
[2009/05/31 22:45:37 | 00,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2009/05/31 22:45:23 | 00,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2009/05/31 22:45:16 | 00,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2009/05/31 22:45:07 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2009/05/31 22:45:05 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2009/05/31 22:44:52 | 00,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2009/05/31 22:44:47 | 00,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2009/05/31 22:44:45 | 00,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2009/05/31 22:44:44 | 00,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2009/05/31 22:44:34 | 00,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2009/05/31 22:44:29 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2009/05/31 22:44:23 | 00,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2009/05/31 22:44:18 | 00,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2009/05/31 22:44:09 | 00,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2009/05/31 22:43:51 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2009/05/31 22:43:47 | 00,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2009/05/31 22:43:41 | 00,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2009/05/31 22:43:34 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2009/05/31 22:43:24 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2009/05/31 22:43:20 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2009/05/31 22:43:09 | 00,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2009/05/31 22:43:05 | 00,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2009/05/31 22:43:04 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2009/05/31 22:43:03 | 00,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2009/05/31 22:42:59 | 00,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2009/05/31 22:42:58 | 00,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2009/05/31 22:42:54 | 00,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2009/05/31 22:42:49 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2009/05/31 22:42:42 | 00,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2009/05/31 22:42:38 | 00,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2009/05/31 22:42:34 | 00,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2009/05/31 22:42:29 | 00,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2009/05/31 22:42:23 | 00,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2009/05/31 22:42:18 | 00,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2009/05/31 22:42:13 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2009/05/31 22:42:09 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2009/05/31 22:42:07 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2009/05/31 22:41:55 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2009/05/31 22:41:51 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2009/05/31 22:41:48 | 00,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2009/05/31 22:41:40 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2009/05/31 22:41:36 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2009/05/31 22:41:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2009/05/31 22:41:28 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2009/05/31 22:41:15 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2009/05/31 22:41:14 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2009/05/31 22:41:10 | 00,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2009/05/31 22:41:09 | 00,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2009/05/31 22:41:08 | 00,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2009/05/31 22:41:06 | 00,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2009/05/31 22:40:58 | 00,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2009/05/31 22:40:54 | 00,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2009/05/31 22:40:50 | 00,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2009/05/31 22:40:45 | 00,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2009/05/31 22:40:40 | 00,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2009/05/31 22:40:15 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll
[2009/05/31 22:40:06 | 00,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2009/05/31 22:39:59 | 00,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2009/05/31 22:39:55 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2009/05/31 22:39:50 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2009/05/31 22:39:46 | 00,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2009/05/31 22:39:42 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2009/05/31 22:39:38 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2009/05/31 22:39:33 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2009/05/31 22:39:29 | 00,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2009/05/31 22:39:25 | 00,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2009/05/31 22:38:51 | 00,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2009/05/31 22:38:49 | 00,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2009/05/31 22:37:07 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2009/05/31 22:37:03 | 00,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2009/05/31 22:37:00 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2009/05/31 22:36:56 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2009/05/31 22:36:52 | 00,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2009/05/31 22:36:48 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2009/05/31 22:36:44 | 00,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2009/05/31 22:36:40 | 00,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2009/05/31 22:36:36 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2009/05/31 22:36:33 | 00,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2009/05/31 22:36:29 | 00,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2009/05/31 22:36:25 | 00,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2009/05/31 22:36:21 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2009/05/31 22:36:18 | 00,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2009/05/31 22:36:14 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2009/05/31 22:36:10 | 00,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2009/05/31 22:36:06 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2009/05/31 22:36:01 | 00,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2009/05/31 22:35:58 | 00,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2009/05/31 22:35:56 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2009/05/31 22:35:55 | 00,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidir.sys
[2009/05/31 22:35:52 | 00,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2009/05/31 22:35:50 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbth.sys
[2009/05/31 22:35:49 | 00,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2009/05/31 22:35:35 | 00,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2009/05/31 22:35:31 | 00,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2009/05/31 22:35:23 | 00,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2009/05/31 22:35:20 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2009/05/31 22:35:18 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2009/05/31 22:35:17 | 00,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gagp30kx.sys
[2009/05/31 22:35:00 | 00,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2009/05/31 22:34:40 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2009/05/31 22:34:37 | 00,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2009/05/31 22:34:34 | 00,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2009/05/31 22:34:26 | 00,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2009/05/31 22:34:22 | 00,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2009/05/31 22:34:18 | 00,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2009/05/31 22:34:15 | 00,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2009/05/31 22:34:11 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2009/05/31 22:33:49 | 00,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2009/05/31 22:33:42 | 00,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2009/05/31 22:33:39 | 00,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2009/05/31 22:33:34 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2009/05/31 22:33:22 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2009/05/31 22:33:19 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2009/05/31 22:33:16 | 00,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2009/05/31 22:33:11 | 00,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2009/05/31 22:32:51 | 00,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2009/05/31 22:32:31 | 00,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2009/05/31 22:32:25 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2009/05/31 22:32:23 | 00,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys
[2009/05/31 22:32:10 | 00,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2009/05/31 22:31:20 | 00,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2009/05/31 22:31:15 | 00,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2009/05/31 22:31:10 | 00,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2009/05/31 22:31:08 | 00,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2009/05/31 22:31:06 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2009/05/31 22:31:04 | 00,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2009/05/31 22:31:03 | 00,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2009/05/31 22:30:51 | 00,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2009/05/31 22:30:50 | 00,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2009/05/31 22:30:47 | 00,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2009/05/31 22:30:45 | 00,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2009/05/31 22:30:44 | 00,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2009/05/31 22:30:42 | 00,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2009/05/31 22:30:40 | 00,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2009/05/31 22:30:38 | 00,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2009/05/31 22:30:36 | 00,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2009/05/31 22:30:34 | 00,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2009/05/31 22:30:32 | 00,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2009/05/31 22:30:28 | 00,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2009/05/31 22:29:53 | 00,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2009/05/31 22:29:51 | 00,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2009/05/31 22:29:44 | 00,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2009/05/31 22:29:42 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2009/05/31 22:29:39 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2009/05/31 22:29:37 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2009/05/31 22:29:33 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2009/05/31 22:29:31 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2009/05/31 22:29:22 | 00,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2009/05/31 22:29:13 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2009/05/31 22:29:11 | 00,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2009/05/31 22:29:09 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2009/05/31 22:29:08 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2009/05/31 22:29:06 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2009/05/31 22:29:04 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2009/05/31 22:29:03 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2009/05/31 22:29:01 | 00,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2009/05/31 22:29:00 | 00,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2009/05/31 22:28:59 | 00,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2009/05/31 22:28:56 | 00,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2009/05/31 22:28:55 | 00,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2009/05/31 22:28:53 | 00,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2009/05/31 22:01:54 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2009/05/31 22:01:53 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2009/05/31 22:01:50 | 00,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2009/05/31 22:01:41 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2009/05/31 22:01:38 | 00,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2009/05/31 22:01:35 | 00,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2009/05/31 22:01:34 | 00,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2009/05/31 22:01:32 | 00,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2009/05/31 22:01:21 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2009/05/31 22:01:17 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2009/05/31 22:01:11 | 00,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2009/05/31 22:01:10 | 00,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2009/05/31 22:01:07 | 00,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2009/05/31 22:01:06 | 00,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2009/05/31 22:01:05 | 00,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2009/05/31 22:01:03 | 00,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2009/05/31 22:01:02 | 00,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2009/05/31 22:00:59 | 00,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2009/05/31 22:00:57 | 00,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2009/05/31 22:00:44 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2009/05/31 22:00:39 | 00,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2009/05/31 22:00:37 | 00,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2009/05/31 22:00:36 | 00,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2009/05/31 22:00:35 | 00,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2009/05/31 22:00:34 | 00,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2009/05/31 22:00:31 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2009/05/31 22:00:30 | 00,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2009/05/31 22:00:28 | 00,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2009/05/31 22:00:26 | 00,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2009/05/31 22:00:25 | 00,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2009/05/31 22:00:22 | 00,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2009/05/31 22:00:20 | 00,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2009/05/31 22:00:17 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2009/05/31 22:00:16 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2009/05/31 22:00:15 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2009/05/31 22:00:14 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2009/05/31 22:00:13 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2009/05/31 22:00:11 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2009/05/31 22:00:10 | 00,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2009/05/31 22:00:09 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2009/05/31 22:00:08 | 00,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2009/05/31 21:59:30 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2009/05/31 21:59:29 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthusb.sys
[2009/05/31 21:59:28 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthprint.sys
[2009/05/31 21:59:26 | 00,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthpan.sys
[2009/05/31 21:59:25 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthmodem.sys
[2009/05/31 21:59:24 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthenum.sys
[2009/05/31 21:59:23 | 00,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2009/05/31 21:59:22 | 00,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2009/05/31 21:59:21 | 00,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2009/05/31 21:59:20 | 00,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2009/05/31 21:59:19 | 00,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2009/05/31 21:59:18 | 00,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2009/05/31 21:59:16 | 00,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2009/05/31 21:59:15 | 00,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2009/05/31 21:59:11 | 00,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2009/05/31 21:59:10 | 00,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2009/05/31 21:59:09 | 00,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2009/05/31 21:59:08 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2009/05/31 21:59:07 | 00,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2009/05/31 21:59:03 | 00,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2009/05/31 21:59:02 | 00,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2009/05/31 21:59:01 | 00,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2009/05/31 21:59:00 | 00,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2009/05/31 21:58:59 | 00,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2009/05/31 21:58:58 | 00,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2009/05/31 21:58:51 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2009/05/31 21:58:49 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2009/05/31 21:58:48 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2009/05/31 21:58:47 | 00,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2009/05/31 21:58:43 | 00,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2009/05/31 21:58:41 | 00,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2009/05/31 21:58:41 | 00,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2009/05/31 21:58:39 | 00,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2009/05/31 21:58:38 | 00,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2009/05/31 21:58:37 | 00,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2009/05/31 21:58:36 | 00,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2009/05/31 21:58:35 | 00,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2009/05/31 21:58:33 | 00,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2009/05/31 21:58:32 | 00,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2009/05/31 21:58:30 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2009/05/31 21:58:16 | 00,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2009/05/31 21:58:16 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2009/05/31 21:58:13 | 00,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2009/05/31 21:58:09 | 00,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2009/05/31 21:58:07 | 00,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2009/05/31 21:58:06 | 00,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2009/05/31 21:58:06 | 00,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2009/05/31 21:58:05 | 00,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2009/05/31 21:58:02 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2009/05/31 21:57:47 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2009/05/31 21:57:44 | 00,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2009/05/31 21:57:26 | 00,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2009/05/31 21:57:25 | 00,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2009/05/31 21:57:22 | 00,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2009/05/31 21:57:19 | 00,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2009/05/31 21:57:14 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2009/05/31 21:57:12 | 00,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2009/05/31 21:57:09 | 00,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2009/05/31 21:57:08 | 00,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alim1541.sys
[2009/05/31 21:57:05 | 00,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2009/05/31 21:57:04 | 00,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2009/05/31 21:57:04 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2009/05/31 21:56:57 | 00,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agpcpq.sys
[2009/05/31 21:56:55 | 00,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agp440.sys
[2009/05/31 21:56:51 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2009/05/31 21:56:36 | 00,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2009/05/31 21:56:35 | 00,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2009/05/31 21:56:33 | 00,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2009/05/31 21:56:31 | 00,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2009/05/31 21:56:30 | 00,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2009/05/31 21:56:29 | 00,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2009/05/31 21:56:29 | 00,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2009/05/31 21:56:28 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2009/05/31 21:56:25 | 00,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2009/05/31 21:56:22 | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2009/05/31 21:56:19 | 00,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2009/05/31 21:56:18 | 00,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2009/05/31 21:56:18 | 00,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2009/05/31 21:56:17 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2009/05/31 21:56:16 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2009/05/31 21:56:14 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2009/05/31 21:56:13 | 00,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2009/05/31 21:56:13 | 00,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2009/05/31 21:56:12 | 00,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2009/05/31 21:56:12 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2009/05/31 21:56:10 | 00,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2009/05/31 21:55:23 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2009/05/31 21:32:39 | 00,430,080 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\u94.exe
[2009/05/31 18:49:27 | 00,030,208 | ---- | C] (Murray Hurps Corp Pty Ltd) -- C:\WINDOWS\System32\AM30615.dll
[2009/05/31 18:49:27 | 00,004,096 | ---- | C] (Murray Hurps Corp Pty Ltd) -- C:\WINDOWS\System32\AdMunch.dll
[2009/05/31 17:32:05 | 00,000,000 | ---D | C] -- C:\Program Files\Ad Muncher
[2009/05/31 17:32:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad Muncher
[2009/05/31 17:13:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Martau
[2009/05/31 17:13:49 | 00,000,639 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Total Uninstall 5.lnk
[2009/05/31 17:13:46 | 00,000,000 | ---D | C] -- C:\Program Files\Total Uninstall 5
[2009/05/30 21:49:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\CueClub
[2009/05/29 23:45:33 | 00,000,362 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\easy_quest1.ram
[2009/05/29 14:26:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\smc
[2009/05/29 14:24:08 | 00,000,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Game Booster.lnk
[2009/05/29 14:24:07 | 00,000,000 | ---D | C] -- C:\Program Files\IObit
[2009/05/29 14:19:20 | 00,000,000 | ---D | C] -- C:\Program Files\Secret Maryo Chronicles
[2009/05/29 12:43:57 | 00,000,000 | ---D | C] -- C:\Program Files\NKProds
[2009/05/29 11:00:52 | 00,001,848 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Secret Maryo Chronicles.lnk
[2009/05/29 00:10:32 | 00,000,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2009/05/28 23:23:17 | 00,069,655 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\winapp2.ini
[2009/05/28 22:12:29 | 00,003,269 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\some.amc
[2009/05/28 20:47:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\TechSmith
[2009/05/28 20:23:22 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/05/28 17:38:43 | 00,648,469 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\4Ravan Ki Kahani.3gp
[2009/05/26 22:49:05 | 00,023,300 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\5-26-2009 10-49-05 PM.png
[2009/05/26 18:49:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/05/26 18:49:01 | 00,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\RICHTX32.OCX
[2009/05/26 18:49:01 | 00,124,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2009/05/26 16:59:01 | 01,753,180 | ---- | C] () -- C:\Documents and Settings\All Users\Documents\cracked-screen-desktop-wallpaper.jpg
[2009/05/25 21:06:56 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\faxucvid
[2009/05/24 18:09:26 | 00,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2009/05/24 17:20:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Help
[2009/05/24 09:18:51 | 00,000,610 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\UnHookExec.inf
[2009/05/24 08:35:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\nicutsnd
[2009/05/22 22:05:42 | 00,017,856 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\5-22-2009 10-05-42 PM.gif
[2009/05/19 16:20:59 | 00,210,352 | ---- | C] (Tonec Inc.) -- C:\WINDOWS\System32\idmmbc.dll
[2009/04/30 23:02:17 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/04/30 23:02:10 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/04/30 23:02:10 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/04/30 23:02:09 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/04/30 23:02:05 | 00,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/04/30 23:02:05 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/04/14 21:33:28 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/04/14 18:00:44 | 00,001,670 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2009/04/14 16:47:29 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008/07/20 20:38:34 | 00,009,847 | ---- | C] () -- C:\WINDOWS\System32\mswfn1o0em.dll
[2008/04/14 17:45:00 | 02,486,272 | ---- | C] () -- C:\WINDOWS\System32\icodubit.dll
[2008/04/14 17:45:00 | 02,457,600 | ---- | C] () -- C:\WINDOWS\System32\resohart.dll
[2008/04/14 17:45:00 | 00,000,537 | ---- | C] () -- C:\WINDOWS\win.ini
[2008/04/14 17:45:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2002/10/07 18:15:36 | 00,016,384 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== Files - Modified Within 30 Days ==========

[1 C:\WINDOWS\System32\*.tmp files]
[2009/06/16 16:52:33 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2009/06/16 16:51:15 | 00,286,208 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\hmlcyw7z.exe
[2009/06/16 13:56:56 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/06/16 13:56:54 | 00,000,062 | -HS- | M] () -- C:\Documents and Settings\Administrator\Local Settings\desktop.ini
[2009/06/16 13:56:51 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/06/15 16:12:40 | 00,307,487 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2009/06/15 15:43:20 | 00,307,487 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090615-161240.backup
[2009/06/15 15:26:18 | 00,249,881 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090615-154320.backup
[2009/06/15 09:44:26 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/06/15 09:38:29 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/06/15 09:17:17 | 00,278,221 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2009/06/15 07:31:36 | 00,033,648 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\opera.png
[2009/06/14 19:01:54 | 00,561,464 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\SecurityCheck.exe
[2009/06/14 18:47:58 | 00,052,288 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/06/14 18:42:34 | 00,002,391 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2009/06/14 15:55:46 | 00,510,286 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/06/14 15:55:46 | 00,435,870 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/06/14 15:55:46 | 00,068,974 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/06/14 00:44:59 | 00,002,344 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
[2009/06/12 21:15:26 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2009/06/12 21:15:26 | 00,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2009/06/12 21:15:26 | 00,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
[2009/06/12 18:42:37 | 00,000,075 | ---- | M] () -- C:\WINDOWS\SYMGAMES.INI
[2009/06/12 12:35:06 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\New Image.GIF
[2009/06/12 11:35:17 | 00,000,036 | ---- | M] () -- C:\WINDOWS\mafosav.INI
[2009/06/11 19:17:14 | 00,254,272 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/06/07 11:18:34 | 00,001,670 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2009/06/06 14:06:08 | 00,001,154 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Flash2X EXE Packager.lnk
[2009/06/04 20:11:02 | 00,000,093 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Suda Aunt.KUN
[2009/06/02 21:31:52 | 00,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Kundli-Pro.lnk
[2009/06/02 19:50:55 | 00,000,732 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20090615-152618.backup
[2009/06/02 19:17:26 | 01,546,240 | ---- | M] (Topala Software Solutions) -- C:\Documents and Settings\Administrator\Desktop\siw.exe
[2009/06/02 00:37:33 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/06/02 00:11:37 | 00,000,537 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/06/01 23:02:08 | 00,000,131 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\look.bat
[2009/06/01 22:36:12 | 23,635,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe
[2009/06/01 20:38:42 | 00,000,670 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Cheat Engine.lnk
[2009/06/01 16:40:23 | 04,393,269 | ---- | M] (Dark Byte ) -- C:\Documents and Settings\Administrator\Desktop\CheatEngine55.exe
[2009/06/01 11:56:25 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/05/31 17:32:05 | 00,030,208 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\WINDOWS\System32\AM30615.dll
[2009/05/31 17:32:05 | 00,004,096 | ---- | M] (Murray Hurps Corp Pty Ltd) -- C:\WINDOWS\System32\AdMunch.dll
[2009/05/31 17:13:49 | 00,000,639 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Total Uninstall 5.lnk
[2009/05/31 11:08:41 | 00,154,624 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2009/05/29 23:45:33 | 00,000,362 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\easy_quest1.ram
[2009/05/29 14:24:08 | 00,000,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Game Booster.lnk
[2009/05/29 14:20:37 | 00,001,848 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Secret Maryo Chronicles.lnk
[2009/05/29 00:10:32 | 00,000,812 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Yahoo! Messenger.lnk
[2009/05/28 23:56:33 | 00,000,879 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 4.lnk
[2009/05/28 23:23:18 | 00,069,655 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\winapp2.ini
[2009/05/28 22:12:29 | 00,003,269 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\some.amc
[2009/05/26 22:51:57 | 00,023,300 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\5-26-2009 10-49-05 PM.png
[2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/05/24 18:09:26 | 00,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2009/05/24 09:18:52 | 00,000,610 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\UnHookExec.inf
[2009/05/22 22:06:28 | 00,017,856 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\5-22-2009 10-05-42 PM.gif
[2009/05/19 23:20:07 | 00,001,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2009/05/18 18:15:12 | 00,648,469 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\4Ravan Ki Kahani.3gp

========== Alternate Data Streams ==========

@Alternate Data Stream - 195 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E6E3D650
< End of report >


Now comes the Extras.txt from OTL.exe :cool:

OTL Extras logfile created on: 6/16/2009 4:56:56 PM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1021.80 Mb Total Physical Memory | 662.46 Mb Available Physical Memory | 64.83% Memory free
3.38 Gb Paging File | 3.06 Gb Available in Paging File | 90.57% Paging File free
Paging file location(s): C:\pagefile.sys 2536 4072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.54 Gb Total Space | 8.44 Gb Free Space | 43.21% Space Free | Partition Type: NTFS
Drive D: | 54.99 Gb Total Space | 30.30 Gb Free Space | 55.11% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-B5021EFA3B
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3.5 Beta 4\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1757981266-412668190-1644491937-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3.5 Beta 4\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"EnableFirewall" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall" = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/14 17:45:00 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/14 17:45:00 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2009/05/26 21:06:32 | 04,351,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
[2009/05/27 18:37:08 | 04,263,208 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application
[2009/05/20 00:06:09 | 02,811,312 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager (IDM)
[2009/02/06 18:51:28 | 03,885,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
[2009/03/24 18:33:40 | 03,985,104 | ---- | M] (Google) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin
[2009/03/24 17:55:30 | 00,083,440 | ---- | M] (Google) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin
[2008/04/14 17:45:00 | 01,032,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®
[2008/04/14 17:45:00 | 00,077,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtcshare.exe:*:Enabled:RTC App Sharing
[2008/04/14 17:45:00 | 00,769,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A9C92A5-D27F-4BD9-9DB9-0EFD8C681E29}" = Safari
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 14
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{5012BC0C-7E1A-329A-8F02-B6846070C5F8}" = Google Talk Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73719814-8C72-4469-94A7-136E5F1F516F}" = Nepali Unicode Romanized Layout
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{A11138F6-31A2-34D9-93E9-3F5BC0EB2F8C}" = Google Gears
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B440D659-FECA-4BDD-A12B-5C9F05790FF3}" = Snagit 9.1.2
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{C21C71CB-3E5C-401C-91D2-DEDACDB26BAF}" = ESET Smart Security
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EF4EF65F-4D62-44D7-82C9-1AECCBA74C50}" = Intel® PROSet
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Ad Muncher" = Ad Muncher v4.73 Beta Build 30615
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"CCleaner" = CCleaner (remove only)
"CutePDF Writer Installation" = CutePDF Writer 2.7
"Defraggler" = Defraggler (remove only)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Foxit Reader" = Foxit Reader
"Game Booster_is1" = Game Booster
"HashTab" = HashTab 1.14 for x32
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"Internet Download Manager" = Internet Download Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.8.0 (Full)
"Kundli for Windows (Professional Edition)" = Kundli for Windows (Professional Edition)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.0.11)" = Mozilla Firefox (3.0.11)
"PROSet" = Intel® PRO Network Adapters and Drivers
"Sandboxie" = Sandboxie 3.38
"secretmaryo" = Secret Maryo Chronicles
"TeamViewer 4" = TeamViewer 4
"Total Uninstall 5_is1" = Total Uninstall 5.2.0
"TrueCrypt" = TrueCrypt
"Tweak UI 2.10" = Tweak UI
"Universal Extractor_is1" = Universal Extractor 1.6
"Unlocker" = Unlocker 1.8.7
"WinPatrol" = WinPatrol 2009
"WinRAR archiver" = WinRAR archiver
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1757981266-412668190-1644491937-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/11/2009 12:27:29 PM | Computer Name = HOME-B5021EFA3B | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
chrome.dll, version 3.0.187.0, fault address 0x00621c6c.

Error - 6/11/2009 12:28:17 PM | Computer Name = HOME-B5021EFA3B | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
chrome.dll, version 3.0.187.0, fault address 0x00621c6c.

Error - 6/11/2009 12:28:19 PM | Computer Name = HOME-B5021EFA3B | Source = Application Error | ID = 1001
Description = Fault bucket 1313699528.

Error - 6/13/2009 11:19:59 AM | Computer Name = HOME-B5021EFA3B | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
chrome.dll, version 3.0.187.0, fault address 0x00621c6c.

Error - 6/13/2009 2:56:53 PM | Computer Name = HOME-B5021EFA3B | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
chrome.dll, version 3.0.187.0, fault address 0x00621c6c.

Error - 6/13/2009 2:58:37 PM | Computer Name = HOME-B5021EFA3B | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
chrome.dll, version 3.0.187.0, fault address 0x00621c6c.

Error - 6/13/2009 2:58:46 PM | Computer Name = HOME-B5021EFA3B | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 0.0.0.0, faulting module
chrome.dll, version 3.0.187.0, fault address 0x00621c6c.

Error - 6/13/2009 10:57:14 PM | Computer Name = HOME-B5021EFA3B | Source = Google Update | ID = 20
Description =

Error - 6/13/2009 11:03:07 PM | Computer Name = HOME-B5021EFA3B | Source = Google Update | ID = 20
Description =

Error - 6/15/2009 4:13:04 AM | Computer Name = HOME-B5021EFA3B | Source = Application Error | ID = 1000
Description = Faulting application yahoomessenger.exe, version 9.0.0.2162, faulting
module yahoomessenger.exe, version 9.0.0.2162, fault address 0x00159de9.

[ System Events ]
Error - 6/15/2009 12:50:11 PM | Computer Name = HOME-B5021EFA3B | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 6/15/2009 12:50:17 PM | Computer Name = HOME-B5021EFA3B | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 6/15/2009 12:50:24 PM | Computer Name = HOME-B5021EFA3B | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 6/15/2009 12:50:30 PM | Computer Name = HOME-B5021EFA3B | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 6/15/2009 12:50:37 PM | Computer Name = HOME-B5021EFA3B | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 6/15/2009 12:50:49 PM | Computer Name = HOME-B5021EFA3B | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 6/15/2009 12:50:58 PM | Computer Name = HOME-B5021EFA3B | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.

Error - 6/15/2009 12:53:04 PM | Computer Name = HOME-B5021EFA3B | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.

Error - 6/15/2009 12:53:14 PM | Computer Name = HOME-B5021EFA3B | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.

Error - 6/15/2009 12:53:24 PM | Computer Name = HOME-B5021EFA3B | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
period.


< End of report >


Lastly, a log file from Spybot Search and Destroy, done recently, is attached.


#6 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:37 AM

Posted 16 June 2009 - 05:59 PM

Hi likom_ubuntu,

The logs are all very clean.

Combofix has removed any remnants and it should be running very smoothly. Can you let me know about any current problems?

Also, please run this online scan.

Please go to the Kaspersky website and perform an online antivirus scan.

  • Read through the requirements and privacy statement and click on the Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.
Thanks :thumbup2:
m0le is a proud member of UNITE

#7 likom_ubuntu

likom_ubuntu
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:02:07 PM

Posted 16 June 2009 - 10:28 PM

The only problem I have is that all my drives are shared across the network. I don't want it to happen. I did not do it. I have mentioned it before also.

Other than that there is no problem. :thumbup2:

Edit: I have a dllhost.exe always running these days. It is totally killable (consumes 4Mb memory, 0 CPU) and won't return throughout the session, but it is there again when I restart. Is it a problem?

I will do the Kaspersky scan later in the day today. Gotta go to work. Thanks in advance.

Edited by likom_ubuntu, 16 June 2009 - 11:03 PM.


#8 likom_ubuntu

Posted 16 June 2009 - 10:47 PM

Just realized the update size of Kaspersky is too big (60 Mb) for my internet connection. It is pathetic. But I happen to have offline update files that just got downloaded today from elsewhere. So can I uninstall my current anti-virus, install the Kaspersky trial version, update it and then scan? That would be a lot more convenient for me.

The Kaspersky update (offline) I have with me is for the 8.0.0.506 version, and I just further updated it to include today's update.

Edited by likom_ubuntu, 16 June 2009 - 10:54 PM.


#9 m0le

Posted 17 June 2009 - 11:53 AM

So can I uninstall my current anti-virus, install the Kaspersky trial version, update it and then scan? That would be a lot more convenient for me.


Yes, that's fine.

#10 m0le

Posted 20 June 2009 - 05:05 AM

Hi likom_ubuntu,

I have not had a reply from you for 3 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open.

If you like you can PM me.

Thanks,


m0le

#11 m0le

Posted 21 June 2009 - 03:55 AM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. :thumbup2:

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.