Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please help, ".dll is not a valid image", "fonohamo.dll"


  • This topic is locked This topic is locked
31 replies to this topic

#1 Growat

Growat

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 27 October 2009 - 12:44 PM

About two days ago I started getting this message everytime a program boots.

"C:\WINDOWS\SYSTEM32\fonohamo.dll is not a valid windows image. Please check this against your installation diskette"

The programs continue to boot, but the constant pop-up of this message is very annoying and makes me concerned that something more disturbing is going on in the background. Also strange is the fact that I cannot find a "fonohamo.dll" file in my SYSTEM32 folder. It is also a file I can find nothing about using Google.

I've run a Norton quick-scan, with no results. I'm currently letting it do a heavy-duty scan. I have an up-to-date copy of Norton 360 running.

I attempted to run System File Checker "sfc / scannow" but I don't have my install disks with me, which are apparently needed (having them shipped to me now). I downloaded an .iso of XP Service Pack 3, which was being asked for, but the checker did not recognize it in the drive. System Restore did nothing.

Could I have malware of some kind?

Would reinstalling Service Pack 3 help with the .dll issue?

Appreciate any help or suggestions.

(XP Media Center Edition, Service Pack 3)

DDS (Ver_09-10-26.01) - NTFSx86
Run by Graham Rowat at 3:12:05.28 on Tue 10/27/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.1994 [GMT -6:00]

AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
svchost.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\GRAHAM~1\LOCALS~1\Temp\clclean.0001
C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\hField Technologies, Inc\Wi-Fire Connection Manager\Wi-Fire Connection Manager.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\JungleDisk\junglediskmonitor.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\My Documents\Software Downloads\everest system info\everesthome220 - folder\everest.bin
C:\Documents and Settings\Graham Rowat\My Documents\Software Downloads\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\My Documents\Software Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5061003
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5061003
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\3.5.2.11\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\3.5.2.11\IPSBHO.DLL
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\3.5.2.11\coIEPlg.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [SetDefaultMIDI] MIDIDef.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Creative MediaSource Go] "c:\program files\creative\mediasource5\go\CTCMSGoU.exe" /SCB
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
uRun: [Windows Live Sync] "c:\program files\windows live\sync\WindowsLiveSync.exe" /background
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r
mRun: [MBMon] Rundll32 CTMBHA.DLL,MBMon
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [DU Meter] c:\program files\du meter\DUMeter.exe
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [<NO NAME>]
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
StartupFolder: c:\docume~1\graham~1\startm~1\programs\startup\autoru~1\yahoo!~1.lnk - c:\program files\yahoo!\yahoo! widget engine\YahooWidgetEngine.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wi-fir~1.lnk - c:\program files\hfield technologies, inc\wi-fire connection manager\Wi-Fire Connection Manager.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1219371888171
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360\engine\3.5.2.11\CoIEPlg.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL,fonohamo.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 nwprovau relog_ap

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\graham~1\applic~1\mozilla\firefox\profiles\34giujfk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - component: c:\documents and settings\graham rowat\application data\mozilla\firefox\profiles\34giujfk.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\winnt_x86-msvc\components\WeaveCrypto.dll
FF - component: c:\program files\evernote\evernote3\fftbclipper\components\enbar3.dll
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\mozilla firefox\extensions\browserhighlighter@ebay.com\components\Shim.dll
FF - plugin: c:\documents and settings\graham rowat\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\google updater\2.4.1399.3742\npCIDetect13.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdsplay.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwmsdrm.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\photosynth\npPhotosynthMozilla.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0305020.00b\SymEFA.sys [2009-9-8 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0305020.00b\BHDrvx86.sys [2009-9-8 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0305020.00b\cchpx86.sys [2009-9-8 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20091021.001\IDSXpx86.sys [2009-10-22 329080]
R2 N360;Norton 360;c:\program files\norton 360\engine\3.5.2.11\ccSvcHst.exe [2009-9-8 117640]
R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2005-8-16 14336]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-8-30 102448]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\documents and settings\graham rowat\my documents\software downloads\everest system info\everesthome220 - folder\kerneld.wnt [2005-8-18 7168]
S3 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2009-9-19 297472]
S3 bcbthub;Broadcom Blutonium Device Firmware Downloader (BCM2033);c:\windows\system32\drivers\bcbthub.sys --> c:\windows\system32\drivers\bcbthub.sys [?]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2006-10-2 29744]
S3 ZDCNDIS5;ZDCNDIS5 NDIS Protocol Driver;\??\c:\windows\system32\zdcndis5.sys --> c:\windows\system32\ZDCndis5.SYS [?]

=============== Created Last 30 ================

2009-10-27 08:02:26 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-27 07:37:07 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2009-10-27 07:37:03 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-10-27 07:37:02 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2009-10-27 07:36:58 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2009-10-27 07:36:54 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2009-10-27 07:35:03 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2009-10-27 07:35:02 28288 ----a-w- c:\windows\system32\dllcache\xjis.nls
2009-10-27 07:34:57 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2009-10-27 07:34:51 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2009-10-27 07:34:24 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2009-10-27 07:28:18 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
2009-10-27 07:28:11 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2009-10-27 07:28:08 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys
2009-10-27 07:26:55 604253 ----a-w- c:\windows\system32\dllcache\vmodem.sys
2009-10-27 07:25:52 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll
2009-10-27 07:24:59 159232 ----a-w- c:\windows\system32\dllcache\tridkbm.sys
2009-10-27 07:23:57 37961 ----a-w- c:\windows\system32\dllcache\tdk100b.sys
2009-10-27 07:22:58 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll
2009-10-27 07:21:58 7168 ----a-w- c:\windows\system32\dllcache\EXCH_snprfdll.dll
2009-10-27 07:20:59 32768 ----a-w- c:\windows\system32\dllcache\sisnic.sys
2009-10-27 07:19:58 11520 ----a-w- c:\windows\system32\dllcache\scsiscan.sys
2009-10-27 07:18:59 166720 ----a-w- c:\windows\system32\dllcache\s3m.sys
2009-10-27 07:17:58 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2009-10-27 07:16:56 7168 ----a-w- c:\windows\system32\dllcache\pnrmc.sys
2009-10-27 07:15:55 41984 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll
2009-10-27 07:14:42 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2009-10-27 07:14:40 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2009-10-27 07:14:29 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2009-10-27 07:14:29 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2009-10-27 07:14:24 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2009-10-27 07:14:21 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2009-10-27 07:14:20 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2009-10-27 07:13:31 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2009-10-27 07:13:28 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2009-10-27 07:13:24 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2009-10-27 07:13:23 53248 ----a-w- c:\windows\system32\dllcache\nextlink.dll
2009-10-27 07:13:23 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2009-10-27 07:13:16 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2009-10-27 07:13:11 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2009-10-27 07:13:08 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll
2009-10-27 07:13:05 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys
2009-10-27 07:11:57 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys
2009-10-27 07:11:44 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys
2009-10-27 07:11:42 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2009-10-27 07:11:41 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll
2009-10-27 07:11:41 1875968 ----a-w- c:\windows\system32\dllcache\msir3jp.lex
2009-10-27 07:11:29 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2009-10-27 07:11:26 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
2009-10-27 07:11:05 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys
2009-10-27 07:09:58 727786 ----a-w- c:\windows\system32\dllcache\ltck000c.sys
2009-10-27 07:08:48 6144 ----a-w- c:\windows\system32\dllcache\kbd106.dll
2009-10-27 07:07:59 57398 ----a-w- c:\windows\system32\dllcache\imjpdadm.exe
2009-10-27 07:06:59 353184 ----a-w- c:\windows\system32\dllcache\i740dnt5.dll
2009-10-27 07:05:58 126976 ----a-w- c:\windows\system32\dllcache\hpgt34tk.dll
2009-10-27 07:04:58 455296 ----a-w- c:\windows\system32\dllcache\fusbbase.sys
2009-10-27 07:03:58 34816 ----a-w- c:\windows\system32\dllcache\esuimg.dll
2009-10-27 07:02:55 114944 ----a-w- c:\windows\system32\dllcache\epstw2k.sys
2009-10-27 07:01:47 334208 ----a-w- c:\windows\system32\dllcache\ds1wdm.sys
2009-10-27 07:00:59 91305 ----a-w- c:\windows\system32\dllcache\dimaint.sys
2009-10-27 06:59:59 4096 ----a-w- c:\windows\system32\dllcache\ctwdm32.dll
2009-10-27 06:58:59 54528 ----a-w- c:\windows\system32\dllcache\cap7146.sys
2009-10-27 06:57:59 36128 ----a-w- c:\windows\system32\dllcache\banshee.sys
2009-10-27 06:56:59 747392 ----a-w- c:\windows\system32\dllcache\adm8830.sys
2009-10-27 00:27:42 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
2009-10-27 00:27:27 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2009-10-27 00:27:08 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
2009-10-27 00:27:08 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
2009-10-27 00:27:07 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
2009-10-27 00:27:06 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
2009-10-27 00:27:06 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
2009-10-27 00:27:05 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2009-10-27 00:26:52 94720 ----a-w- c:\windows\system32\dllcache\certmap.ocx
2009-10-22 17:14:10 0 d-sh--w- c:\documents and settings\graham rowat\IECompatCache
2009-10-22 16:01:01 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-17 02:54:31 0 d-----w- c:\program files\Witcobber
2009-10-17 02:49:59 0 d-----w- c:\program files\common files\Windows Live
2009-10-14 05:46:36 0 d-----w- c:\program files\common files\Control Panels
2009-10-14 05:43:18 0 d-----w- c:\docume~1\alluse~1\applic~1\ALM
2009-10-14 05:34:39 2463976 ----a-w- c:\windows\system32\NPSWF32.dll
2009-10-14 05:34:39 190696 ----a-w- c:\windows\system32\NPSWF32_FlashUtil.exe
2009-10-14 04:56:23 0 d-----w- c:\program files\common files\Macrovision Shared

==================== Find3M ====================

2009-10-27 07:55:08 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-10-27 07:54:58 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2009-10-27 05:00:33 160835 ----a-w- c:\windows\system32\nvModes.dat
2009-10-20 23:22:03 93304 ---ha-w- c:\windows\system32\mlfcache.dat
2009-10-06 05:44:35 18444 ----a-w- c:\docume~1\graham~1\applic~1\wklnhst.dat
2009-09-19 20:29:35 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-09-19 20:29:31 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\dllcache\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\dllcache\msasn1.dll
2009-08-28 23:42:52 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-28 23:42:52 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-28 10:35:52 173056 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\dllcache\strmdll.dll
2009-08-20 15:11:24 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2009-08-20 15:10:44 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2009-08-19 03:08:49 1885464 ----a-w- c:\windows\system32\AutoPartNt.exe
2009-08-18 17:17:08 98304 -c--a-w- c:\windows\system32\CmdLineExt.dll
2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-05 02:44:46 2189184 ----a-w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-08-04 15:13:08 2145280 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 15:13:08 2145280 ----a-w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-08-04 14:20:09 2023936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-08-04 14:20:09 2023936 ----a-w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-08-04 14:20:08 2066048 ----a-w- c:\windows\system32\dllcache\ntkrnlpa.exe
2005-06-26 20:32:28 616448 -csha-r- c:\windows\system32\cygwin1.dll
2005-06-22 03:37:42 45568 -csha-r- c:\windows\system32\cygz.dll
2006-05-03 09:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2009-07-26 05:39:03 0 --sha-w- c:\windows\system32\fonohamo.dll
2004-01-25 05:00:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2007-02-21 10:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30:52 216064 --sh--r- c:\windows\system32\nbDX.dll
2009-07-26 05:39:03 0 --sha-w- c:\windows\system32\sapahado.dll
2005-02-28 18:16:22 240128 --sha-r- c:\windows\system32\x.264.exe
2009-07-26 05:39:03 0 --sha-w- c:\windows\system32\yahafazo.dll
2004-01-25 05:00:00 70656 --sha-r- c:\windows\system32\yv12vfw.dll
2008-08-22 02:17:24 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082120080822\index.dat
2008-06-29 15:47:51 1554432 -csha-w- c:\windows\system32\shelldhcp\ntmsxml\x264.exe

============= FINISH: 3:15:33.89 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Growat

Growat
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 27 October 2009 - 01:59 PM

Update: At the suggestion of a friend, I went hunting for the "fonohamo.dll" file using the command prompt. It would not appear without using the "attrib" command. I was then able to delete it (or so I believe) using "del /a fonohamo.dll".

The error messages have stopped, but I have no idea what I was fighting so am not sure if there is still malware on my computer or not.

For what it's worth, the fonohamo.dll was 0 kb in size.

#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,202 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:01:24 AM

Posted 03 November 2009 - 04:14 AM

Hello ,
And :( to the Bleeping Computer Malware Removal Forum
. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

-------------------------------------------------------------
Please be patient and I'd be grateful if you would note the following
  • The cleaning process is not instant. DDS logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new DDS log
  • GMER log


Please give me some time to review your logs and take the steps necessary with you to get your machine back in working order clean and free of malware.

Thanks and again sorry for the delay
.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#4 Growat

Growat
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 03 November 2009 - 07:49 PM

Hello,

After deleting "fonohamo.dll" my software boot errors disappeared. The problem now is when I reboot my computer, it freezes on the login screen. The only way to boot successfully to windows is by "boot to last successful configuration" or use system restore to go back a day. I suspect something malware related is still active behind the scenes. Thank you for your help.

Here is my current DDS report:


DDS (Ver_09-10-26.01) - NTFSx86
Run by Graham Rowat at 11:25:02.14 on Tue 11/03/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.1864 [GMT -7:00]

AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\DOCUME~1\GRAHAM~1\LOCALS~1\Temp\clclean.0001
C:\Program Files\DU Meter\DUMeter.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\hField Technologies, Inc\Wi-Fire Connection Manager\Wi-Fire Connection Manager.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\JungleDisk\junglediskmonitor.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Steam\steam.exe
C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Graham Rowat\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5061003
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5061003
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\3.5.2.11\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\3.5.2.11\IPSBHO.DLL
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\3.5.2.11\coIEPlg.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [SetDefaultMIDI] MIDIDef.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Creative MediaSource Go] "c:\program files\creative\mediasource5\go\CTCMSGoU.exe" /SCB
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
uRun: [Windows Live Sync] "c:\program files\windows live\sync\WindowsLiveSync.exe" /background
uRun: [Google Update] "c:\documents and settings\graham rowat\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r
mRun: [MBMon] Rundll32 CTMBHA.DLL,MBMon
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [DU Meter] c:\program files\du meter\DUMeter.exe
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [<NO NAME>]
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\docume~1\graham~1\startm~1\programs\startup\autoru~1\yahoo!~1.lnk - c:\program files\yahoo!\yahoo! widget engine\YahooWidgetEngine.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wi-fir~1.lnk - c:\program files\hfield technologies, inc\wi-fire connection manager\Wi-Fire Connection Manager.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1219371888171
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton 360\engine\3.5.2.11\CoIEPlg.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
AppInit_DLLs: FONOHAMO.DLL c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 nwprovau relog_ap

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\graham~1\applic~1\mozilla\firefox\profiles\34giujfk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - component: c:\documents and settings\graham rowat\application data\mozilla\firefox\profiles\34giujfk.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\winnt_x86-msvc\components\WeaveCrypto.dll
FF - component: c:\program files\evernote\evernote3\fftbclipper\components\enbar3.dll
FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\mozilla firefox\extensions\browserhighlighter@ebay.com\components\Shim.dll
FF - plugin: c:\documents and settings\graham rowat\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\google updater\2.4.1399.3742\npCIDetect13.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdsplay.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwmsdrm.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\photosynth\npPhotosynthMozilla.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0305020.00b\SymEFA.sys [2009-9-8 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\n360\0305020.00b\BHDrvx86.sys [2009-9-8 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\n360\0305020.00b\cchpx86.sys [2009-9-8 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20091102.002\IDSXpx86.sys [2009-10-28 329592]
R2 N360;Norton 360;c:\program files\norton 360\engine\3.5.2.11\ccSvcHst.exe [2009-9-8 117640]
R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2005-8-16 14336]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-8-30 102448]
S3 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2009-9-19 297472]
S3 bcbthub;Broadcom Blutonium Device Firmware Downloader (BCM2033);c:\windows\system32\drivers\bcbthub.sys --> c:\windows\system32\drivers\bcbthub.sys [?]
S3 GoogleDesktopManager-093009-130223;Google Desktop Manager 5.9.909.30391;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-10-29 30192]
S3 ZDCNDIS5;ZDCNDIS5 NDIS Protocol Driver;\??\c:\windows\system32\zdcndis5.sys --> c:\windows\system32\ZDCndis5.SYS [?]

=============== Created Last 30 ================

2009-10-31 23:39:03 0 d-----w- c:\windows\system32\wbem\Repository
2009-10-28 07:19:27 0 d-----w- c:\docume~1\graham~1\applic~1\Malwarebytes
2009-10-28 07:19:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-28 07:19:18 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-10-28 07:19:17 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-28 07:19:17 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-28 05:44:32 0 d-----w- C:\VundoFix Backups
2009-10-27 23:39:52 0 d-----w- c:\program files\CCleaner
2009-10-27 23:36:32 0 d-----w- c:\program files\Norton Support
2009-10-27 08:02:26 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-27 07:37:07 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2009-10-27 07:37:03 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-10-27 07:37:02 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2009-10-27 07:36:58 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2009-10-27 07:36:54 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2009-10-27 07:35:03 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2009-10-27 07:35:02 28288 ----a-w- c:\windows\system32\dllcache\xjis.nls
2009-10-27 07:34:57 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2009-10-27 07:34:51 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2009-10-27 07:34:24 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2009-10-27 07:28:18 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
2009-10-27 07:28:11 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2009-10-27 07:28:08 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys
2009-10-27 07:26:55 604253 ----a-w- c:\windows\system32\dllcache\vmodem.sys
2009-10-27 07:25:52 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll
2009-10-27 07:24:59 159232 ----a-w- c:\windows\system32\dllcache\tridkbm.sys
2009-10-27 07:23:57 37961 ----a-w- c:\windows\system32\dllcache\tdk100b.sys
2009-10-27 07:22:58 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll
2009-10-27 07:21:58 7168 ----a-w- c:\windows\system32\dllcache\EXCH_snprfdll.dll
2009-10-27 07:20:59 32768 ----a-w- c:\windows\system32\dllcache\sisnic.sys
2009-10-27 07:19:58 11520 ----a-w- c:\windows\system32\dllcache\scsiscan.sys
2009-10-27 07:18:59 166720 ----a-w- c:\windows\system32\dllcache\s3m.sys
2009-10-27 07:17:58 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
2009-10-27 07:16:56 7168 ----a-w- c:\windows\system32\dllcache\pnrmc.sys
2009-10-27 07:15:55 41984 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll
2009-10-27 07:14:42 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2009-10-27 07:14:40 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2009-10-27 07:14:29 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2009-10-27 07:14:29 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2009-10-27 07:14:24 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2009-10-27 07:14:21 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2009-10-27 07:14:20 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2009-10-27 07:13:31 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2009-10-27 07:13:28 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2009-10-27 07:13:24 32840 ----a-w- c:\windows\system32\dllcache\ngrpci.sys
2009-10-27 07:13:23 53248 ----a-w- c:\windows\system32\dllcache\nextlink.dll
2009-10-27 07:13:23 132695 ----a-w- c:\windows\system32\dllcache\netwlan5.sys
2009-10-27 07:13:16 65278 ----a-w- c:\windows\system32\dllcache\netflx3.sys
2009-10-27 07:13:11 39264 ----a-w- c:\windows\system32\dllcache\neo20xx.sys
2009-10-27 07:13:08 60480 ----a-w- c:\windows\system32\dllcache\neo20xx.dll
2009-10-27 07:13:05 15872 ----a-w- c:\windows\system32\dllcache\ne2000.sys
2009-10-27 07:11:57 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys
2009-10-27 07:11:44 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys
2009-10-27 07:11:42 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2009-10-27 07:11:41 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll
2009-10-27 07:11:41 1875968 ----a-w- c:\windows\system32\dllcache\msir3jp.lex
2009-10-27 07:11:29 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2009-10-27 07:11:26 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
2009-10-27 07:11:05 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys
2009-10-27 07:09:58 727786 ----a-w- c:\windows\system32\dllcache\ltck000c.sys
2009-10-27 07:08:48 6144 ----a-w- c:\windows\system32\dllcache\kbd106.dll
2009-10-27 07:07:59 57398 ----a-w- c:\windows\system32\dllcache\imjpdadm.exe
2009-10-27 07:06:59 353184 ----a-w- c:\windows\system32\dllcache\i740dnt5.dll
2009-10-27 07:05:58 126976 ----a-w- c:\windows\system32\dllcache\hpgt34tk.dll
2009-10-27 07:04:58 455296 ----a-w- c:\windows\system32\dllcache\fusbbase.sys
2009-10-27 07:03:58 34816 ----a-w- c:\windows\system32\dllcache\esuimg.dll
2009-10-27 07:02:55 114944 ----a-w- c:\windows\system32\dllcache\epstw2k.sys
2009-10-27 07:01:47 334208 ----a-w- c:\windows\system32\dllcache\ds1wdm.sys
2009-10-27 07:00:59 91305 ----a-w- c:\windows\system32\dllcache\dimaint.sys
2009-10-27 06:59:59 4096 ----a-w- c:\windows\system32\dllcache\ctwdm32.dll
2009-10-27 06:58:59 54528 ----a-w- c:\windows\system32\dllcache\cap7146.sys
2009-10-27 06:57:59 36128 ----a-w- c:\windows\system32\dllcache\banshee.sys
2009-10-27 06:56:59 747392 ----a-w- c:\windows\system32\dllcache\adm8830.sys
2009-10-27 00:27:42 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
2009-10-27 00:27:27 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2009-10-27 00:27:08 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
2009-10-27 00:27:08 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
2009-10-27 00:27:07 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
2009-10-27 00:27:06 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
2009-10-27 00:27:06 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
2009-10-27 00:27:05 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2009-10-27 00:26:52 94720 ----a-w- c:\windows\system32\dllcache\certmap.ocx
2009-10-22 17:14:10 0 d-sh--w- c:\documents and settings\graham rowat\IECompatCache
2009-10-22 16:01:01 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-17 02:54:31 0 d-----w- c:\program files\Witcobber
2009-10-17 02:49:59 0 d-----w- c:\program files\common files\Windows Live
2009-10-14 05:46:36 0 d-----w- c:\program files\common files\Control Panels
2009-10-14 05:43:18 0 d-----w- c:\docume~1\alluse~1\applic~1\ALM
2009-10-14 05:34:39 2463976 ----a-w- c:\windows\system32\NPSWF32.dll
2009-10-14 05:34:39 190696 ----a-w- c:\windows\system32\NPSWF32_FlashUtil.exe
2009-10-14 04:56:23 0 d-----w- c:\program files\common files\Macrovision Shared

==================== Find3M ====================

2009-11-03 17:40:18 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-11-03 06:31:24 160835 ----a-w- c:\windows\system32\nvModes.dat
2009-10-31 23:40:20 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2009-10-20 23:22:03 93304 ---ha-w- c:\windows\system32\mlfcache.dat
2009-10-06 05:44:35 18444 ----a-w- c:\docume~1\graham~1\applic~1\wklnhst.dat
2009-09-19 20:29:35 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-09-19 20:29:31 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\dllcache\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\dllcache\msasn1.dll
2009-08-28 23:42:52 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-28 10:35:52 173056 ----a-w- c:\windows\system32\dllcache\ie4uinit.exe
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\dllcache\strmdll.dll
2009-08-20 15:11:24 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2009-08-20 15:10:44 107368 ----a-r- c:\windows\system32\GEARAspi.dll
2009-08-19 03:08:49 1885464 ----a-w- c:\windows\system32\AutoPartNt.exe
2009-08-18 17:17:08 98304 -c--a-w- c:\windows\system32\CmdLineExt.dll
2009-08-07 01:24:18 327896 ----a-w- c:\windows\system32\dllcache\wucltui.dll
2009-08-07 01:24:18 209632 ----a-w- c:\windows\system32\dllcache\wuweb.dll
2009-08-07 01:24:06 53472 ----a-w- c:\windows\system32\dllcache\wuauclt.exe
2009-08-07 01:24:04 96480 ----a-w- c:\windows\system32\dllcache\cdm.dll
2009-08-07 01:23:54 575704 ----a-w- c:\windows\system32\dllcache\wuapi.dll
2009-08-07 01:23:46 1929952 ----a-w- c:\windows\system32\dllcache\wuaueng.dll
2005-06-26 20:32:28 616448 -csha-r- c:\windows\system32\cygwin1.dll
2005-06-22 03:37:42 45568 -csha-r- c:\windows\system32\cygz.dll
2006-05-03 09:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2004-01-25 05:00:00 70656 --sha-r- c:\windows\system32\i420vfw.dll
2007-02-21 10:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30:52 216064 --sh--r- c:\windows\system32\nbDX.dll
2009-07-26 05:39:03 0 --sha-w- c:\windows\system32\sapahado.dll
2005-02-28 18:16:22 240128 --sha-r- c:\windows\system32\x.264.exe
2009-07-26 05:39:03 0 --sha-w- c:\windows\system32\yahafazo.dll
2004-01-25 05:00:00 70656 --sha-r- c:\windows\system32\yv12vfw.dll
2008-08-22 02:17:24 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082120080822\index.dat
2008-06-29 15:47:51 1554432 -csha-w- c:\windows\system32\shelldhcp\ntmsxml\x264.exe

============= FINISH: 11:25:58.81 ===============

Here is my GMER log

GMER 1.0.15.15163 - http://www.gmer.net
Rootkit scan 2009-11-03 17:22:02
Windows 5.1.2600 Service Pack 3
Running: 5i0wg1vt.exe; Driver: C:\DOCUME~1\GRAHAM~1\LOCALS~1\Temp\uxldrpob.sys


---- System - GMER 1.0.15 ----

SSDT 8B364D48 ZwConnectPort
SSDT 8AE8BB30 ZwCreateThread
SSDT 8B43ADC0 ZwLoadDriver
SSDT 8B3D2460 ZwResumeThread

---- Kernel code sections - GMER 1.0.15 ----

? SYMEFA.SYS The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2232] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4448] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5340] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED1A
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED8B
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEB9
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 17, 00]
.text C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[8336] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C72F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C72CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C72D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe[312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C72CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Rundll32.exe[320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00832F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Rundll32.exe[320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00832CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Rundll32.exe[320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00832D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\Rundll32.exe[320] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00832CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE[480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AE2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE[480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AE2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE[480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AE2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE[480] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AE2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [015A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [015A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [015A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[620] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [015A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\psapi.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\psapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] [6BFA9979] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe[668] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9A27] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[736] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C52F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[736] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C52CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[736] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C52D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[736] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C52CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[944] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[944] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[944] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe[944] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\eHome\ehmsas.exe[996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B02F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\eHome\ehmsas.exe[996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B02CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\eHome\ehmsas.exe[996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B02D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\eHome\ehmsas.exe[996] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B02CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\DLA\DLACTRLW.EXE[1748] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C52F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\DLA\DLACTRLW.EXE[1748] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C52CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\DLA\DLACTRLW.EXE[1748] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C52D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\System32\DLA\DLACTRLW.EXE[1748] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C52CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\ehome\ehtray.exe[2316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B62F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\ehome\ehtray.exe[2316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B62CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\ehome\ehtray.exe[2316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B62D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\ehome\ehtray.exe[2316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B62CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D42F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D42CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D42D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2544] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D42CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\WLTRAY.exe[2680] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003D2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\WLTRAY.exe[2680] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003D2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\WLTRAY.exe[2680] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003D2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\WLTRAY.exe[2680] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003D2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2976] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DC2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2976] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DC2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2976] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DC2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe[2976] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DC2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[3012] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B32F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[3012] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B32CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[3012] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B32D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[3012] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B32CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00CE2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00CE2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00CE2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3068] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00CE2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\stsystra.exe[3304] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00BA2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\stsystra.exe[3304] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00BA2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\stsystra.exe[3304] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00BA2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\stsystra.exe[3304] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00BA2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Dell\Media Experience\DMXLauncher.exe[3472] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C12F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Dell\Media Experience\DMXLauncher.exe[3472] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C12CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Dell\Media Experience\DMXLauncher.exe[3472] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C12D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Dell\Media Experience\DMXLauncher.exe[3472] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C12CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3944] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3944] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3944] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[3944] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3992] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D42F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3992] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D42CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3992] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D42D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[3992] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D42CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[4016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C22F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[4016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C22CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[4016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C22D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe[4016] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C22CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\DOCUME~1\GRAHAM~1\LOCALS~1\Temp\clclean.0001[4112] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00AC2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\DOCUME~1\GRAHAM~1\LOCALS~1\Temp\clclean.0001[4112] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00AC2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\DOCUME~1\GRAHAM~1\LOCALS~1\Temp\clclean.0001[4112] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00AC2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\DOCUME~1\GRAHAM~1\LOCALS~1\Temp\clclean.0001[4112] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00AC2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\DU Meter\DUMeter.exe[4220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00CB2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\DU Meter\DUMeter.exe[4220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00CB2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\DU Meter\DUMeter.exe[4220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00CB2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\DU Meter\DUMeter.exe[4220] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00CB2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\SetPoint\SetPoint.exe[4276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DD2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\SetPoint\SetPoint.exe[4276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DD2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\SetPoint\SetPoint.exe[4276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DD2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\SetPoint\SetPoint.exe[4276] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DD2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\hField Technologies, Inc\Wi-Fire Connection Manager\Wi-Fire Connection Manager.exe[4292] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00F82F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\hField Technologies, Inc\Wi-Fire Connection Manager\Wi-Fire Connection Manager.exe[4292] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00F82CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\hField Technologies, Inc\Wi-Fire Connection Manager\Wi-Fire Connection Manager.exe[4292] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00F82D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\hField Technologies, Inc\Wi-Fire Connection Manager\Wi-Fire Connection Manager.exe[4292] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00F82CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe[4312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [003D2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe[4312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [003D2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe[4312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [003D2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe[4312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [003D2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[4316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B32F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[4316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B32CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[4316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B32D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\rundll32.exe[4316] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B32CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE[4408] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00F52F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE[4408] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00F52CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE[4408] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00F52D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE[4408] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00F52CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[4628] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A62F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[4628] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A62CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[4628] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A62D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\ctfmon.exe[4628] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A62CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4732] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00D52F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4732] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00D52CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4732] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00D52D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4732] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00D52CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\JungleDisk\junglediskmonitor.exe[4936] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C92F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\JungleDisk\junglediskmonitor.exe[4936] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C92CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\JungleDisk\junglediskmonitor.exe[4936] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C92D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\JungleDisk\junglediskmonitor.exe[4936] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C92CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe[5264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00B92F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe[5264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00B92CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe[5264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00B92D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe[5264] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00B92CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\QuickCam\Quickcam.exe[5304] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [010B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\QuickCam\Quickcam.exe[5304] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [010B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\QuickCam\Quickcam.exe[5304] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [010B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Logitech\QuickCam\Quickcam.exe[5304] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [010B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[5376] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00DD2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[5376] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00DD2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[5376] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00DD2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[5376] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00DD2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[5880] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00C52F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[5880] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00C52CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[5880] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00C52D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[5880] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00C52CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe[6256] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00F82F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe[6256] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00F82CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe[6256] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00F82D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe[6256] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00F82CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\notepad.exe[6524] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00382F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\notepad.exe[6524] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00382CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\notepad.exe[6524] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00382D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\notepad.exe[6524] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00382CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\taskmgr.exe[7136] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A42F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\taskmgr.exe[7136] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A42CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\taskmgr.exe[7136] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A42D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\taskmgr.exe[7136] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A42CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wscntfy.exe[7356] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00962F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wscntfy.exe[7356] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00962CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wscntfy.exe[7356] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00962D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\wscntfy.exe[7356] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00962CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Desktop\5i0wg1vt.exe[9312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Desktop\5i0wg1vt.exe[9312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Desktop\5i0wg1vt.exe[9312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\Graham Rowat\Desktop\5i0wg1vt.exe[9312] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\notepad.exe[9372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00A42F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\notepad.exe[9372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00A42CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\notepad.exe[9372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00A42D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT C:\WINDOWS\system32\notepad.exe[9372] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00A42CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 timntr.sys (Acronis True Image Backup Archive Explorer/Acronis)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)

AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)
Device DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet002\Control\Session Manager@PendingFileRenameOperations ?????&??????????????????????????{8??? ??????????????????????????????}???????????????????????????SWITZERLAND??????????????????????????????????????????????????????????!?!?!?!?!???!?!?#?%?#??????????????????????????????????192.168.0.1?d????????^??????????? ???????????????????????????????????????????????????????E???????u????????????????????????E?????????????????????? ???????????????????????????????????????????????????????E??????????????????UKRAINE???????????????????E????????????????????????????A?A?????????????????S????Auto????? ????????????????????? ??????????[? ??????cii??????????????????????? ????????????????????? ????????N???????fs???????????????????????????????????????&???????????????????????????????E???????????????????a??????????????????????????????????????????????????????????????????????????????????????????????????????????????????la??? ??????????????????????????????????????????? ????????????????????? ?????????????????f??? ???????????????????%? ??????????\?????????Se??? ??d`???A?????A?A??? ?????????????????
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000272a1cbb4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000272a1cbb4@001915727899 0xB4 0xA8 0x1D 0xBC ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0003c92ac6e6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0003c92ac6e6@001915727899 0x46 0x93 0x72 0xF2 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001a7d0ac377 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001a7d0ac377@00231265e2d4 0x8A 0xCB 0x04 0xA1 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001a7d0ac377@001a4506d102 0x36 0xFA 0x45 0x71 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272a1cbb4
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272a1cbb4@001915727899 0xB4 0xA8 0x1D 0xBC ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0003c92ac6e6
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0003c92ac6e6@001915727899 0x46 0x93 0x72 0xF2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001a7d0ac377
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001a7d0ac377@00231265e2d4 0x8A 0xCB 0x04 0xA1 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001a7d0ac377@001a4506d102 0x36 0xFA 0x45 0x71 ...
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\000272a1cbb4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\000272a1cbb4@001915727899 0xB4 0xA8 0x1D 0xBC ...
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\0003c92ac6e6 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\0003c92ac6e6@001915727899 0x46 0x93 0x72 0xF2 ...
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001a7d0ac377 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001a7d0ac377@00231265e2d4 0x8A 0xCB 0x04 0xA1 ...
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001a7d0ac377@001a4506d102 0x36 0xFA 0x45 0x71 ...

---- EOF - GMER 1.0.15 ----

#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,202 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:01:24 AM

Posted 04 November 2009 - 06:49 AM

Hello Growat,

Lets try to repair first your logon problems, after that we will concentrate on other issues :(

BACKUP THE REGISTRY
---------------------------
Backup Your Registry with ERUNT
  • Please use the following link and scroll down to ERUNT and download it.
    http://aumha.org/freeware/freeware.php
  • For version with the Installer:
    Use the setup program to install ERUNT on your computer
  • For the zipped version:
    Unzip all the files into a folder of your choice.
Click Erunt.exe to backup your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe


We need to execute an OTM script
  • Please download OTM by OldTimer and save it to your desktop.
  • Double click the Posted Image icon on your desktop.
  • Paste the following code under the Posted Image area. Do not include the word "Code".
    :Reg
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"="c:\progra~1\google\google~1\GOEC62~1.DLL"
    
    :commands
    [emptytemp]
    [reboot]
  • Push the large Posted Image button.
  • OTM may ask to reboot the machine. Please do so if asked.
  • Copy/Paste the contents under the Posted Image line here in your next reply.
  • If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
In your next reply, please include the following:
  • OTM log

Let me know if you can boot normally now.

Edited by elise025, 04 November 2009 - 06:50 AM.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 Growat

Growat
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 04 November 2009 - 02:48 PM

Hello,

I backed up my Registry and ran OTM. I was asked to reboot and when I did, I froze at the login screen again. On my next boot attempt, I choose "last known good configuration" and that allowed me to boot into windows. I attempted a second reboot of the computer and had the same result. I've also noted that my wireless network connection is now disabled on reboot. How can I adjust that?

Here's the OTM log. Thanks.

All processes killed
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows\\"AppInit_DLLs"|"c:\progra~1\google\google~1\GOEC62~1.DLL" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 59964 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Graham Rowat
File delete failed. C:\Documents and Settings\Graham Rowat\Local Settings\Temp\clclean.0001.dir.0000\~df394b.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Graham Rowat\Local Settings\Temp\clclean.0001.dir.0000\~efe2.tmp scheduled to be deleted on reboot.
->Temp folder emptied: 2455147 bytes
->Temporary Internet Files folder emptied: 2732862 bytes
->Java cache emptied: 32283745 bytes
->FireFox cache emptied: 69937541 bytes
->Google Chrome cache emptied: 265196198 bytes
->Apple Safari cache emptied: 23733394 bytes

User: Kate Baldwin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
->FireFox cache emptied: 2684175 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 132966 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 531159 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 107571876 bytes
Windows Temp folder emptied: 568985 bytes
RecycleBin emptied: 1827345341 bytes

Total Files Cleaned = -1868.90 mb


OTM by OldTimer - Version 3.0.0.6 log created on 11042009_122328

Files moved on Reboot...
C:\Documents and Settings\Graham Rowat\Local Settings\Temp\clclean.0001.dir.0000\~df394b.tmp moved successfully.
C:\Documents and Settings\Graham Rowat\Local Settings\Temp\clclean.0001.dir.0000\~efe2.tmp moved successfully.

Registry entries deleted on Reboot...

#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,202 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:01:24 AM

Posted 04 November 2009 - 03:42 PM

Hello Growat,

We have to try this a little different :(

BACKUP THE REGISTRY
---------------------------
Backup Your Registry with ERUNT
Click Erunt.exe to backup your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe


We need to execute an OTM script
  • Please download OTM by OldTimer and save it to your desktop.
  • Double click the Posted Image icon on your desktop.
  • Paste the following code under the Posted Image area. Do not include the word "Code".
    :Reg
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=""
    
    :commands
    [reboot]
  • Push the large Posted Image button.
  • OTM may ask to reboot the machine. Please do so if asked.
  • Copy/Paste the contents under the Posted Image line here in your next reply.
  • If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
In your next reply, please include the following:
  • OTM log

Let me know if you can boot normally now.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 Growat

Growat
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 05 November 2009 - 01:39 PM

Still not booting normally I'm afraid. Freezing at log in, "last known good configuration" allowing me to boot normally.

OTM log:

========== REGISTRY ==========
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== COMMANDS ==========

OTM by OldTimer - Version 3.0.0.6 log created on 11052009_112635

#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,202 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:01:24 AM

Posted 05 November 2009 - 02:32 PM

Hello Growat,

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
In your next reply, please include the following:
  • OTL report

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#10 Growat

Growat
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 05 November 2009 - 02:50 PM

Thanks for sticking with me Elise.

OTL Report:

OTL logfile created on: 11/5/2009 12:40:13 PM - Run 1
OTL by OldTimer - Version 3.1.3.3 Folder = C:\Documents and Settings\Graham Rowat\My Documents\Software Downloads\Malware adventures
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 99.17% Memory free
4.00 Gb Paging File | 3.20 Gb Available in Paging File | 79.92% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 292.83 Gb Total Space | 111.93 Gb Free Space | 38.22% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 73.12 Gb Total Space | 35.55 Gb Free Space | 48.62% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 292.83 Gb Total Space | 111.93 Gb Free Space | 38.22% Space Free | Partition Type: FAT

Computer Name: XPSLAPTOP
Current User Name: Graham Rowat
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/05 12:39:48 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Graham Rowat\My Documents\Software Downloads\Malware adventures\OTL.exe
PRC - [2009/11/05 11:44:36 | 00,059,964 | ---- | M] (Macrovision Europe Ltd.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Temp\clclean.0001
PRC - [2009/11/02 16:14:43 | 00,136,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/10/29 10:41:58 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/10/23 22:48:17 | 01,217,808 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\steam.exe
PRC - [2009/10/22 21:18:22 | 01,171,784 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/10/09 11:24:55 | 00,919,024 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2009/08/22 01:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/08/22 01:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2009/07/09 09:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/07/02 12:15:36 | 00,425,984 | ---- | M] (hField Technologies, Inc.) -- C:\Program Files\hField Technologies, Inc\Wi-Fire Connection Manager\Wi-Fire Connection Manager.exe
PRC - [2009/06/10 03:57:36 | 00,431,384 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009/03/11 11:24:48 | 24,095,528 | R--- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Phone\Skype.exe
PRC - [2009/02/06 03:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/01/30 06:12:00 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2008/12/12 08:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/21 12:54:31 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
PRC - [2008/09/02 04:26:16 | 01,448,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008/09/02 04:26:16 | 00,604,776 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008/09/02 04:26:16 | 00,346,720 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PRC - [2008/05/02 00:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2008/05/02 00:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL2\KHALMNPR.exe
PRC - [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/29 07:36:24 | 02,674,773 | ---- | M] (Jungle Tools LLC) -- C:\Program Files\JungleDisk\junglediskmonitor.exe
PRC - [2007/10/25 14:37:32 | 02,178,832 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2007/10/25 14:33:22 | 00,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/10/25 14:32:58 | 00,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2007/10/19 11:19:22 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/10/19 11:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/10/19 11:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/04/09 11:29:51 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2006/11/13 11:39:52 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 11:39:34 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/10/23 05:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/10/02 22:16:17 | 00,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
PRC - [2006/06/29 10:12:34 | 00,376,832 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/03/24 14:30:44 | 00,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/03/08 09:48:02 | 00,761,947 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2005/12/19 06:08:42 | 01,347,584 | ---- | M] (Dell Inc.) -- C:\WINDOWS\system32\WLTRAY.EXE
PRC - [2005/12/19 06:08:42 | 00,018,944 | ---- | M] () -- C:\WINDOWS\system32\WLTRYSVC.EXE
PRC - [2005/12/19 06:08:40 | 01,200,128 | ---- | M] (Dell Inc.) -- C:\WINDOWS\system32\BCMWLTRY.EXE
PRC - [2005/12/15 10:14:40 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe
PRC - [2005/12/12 07:36:36 | 00,143,360 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe
PRC - [2005/10/31 08:51:52 | 00,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2005/10/05 01:12:00 | 00,094,208 | ---- | M] () -- C:\Program Files\Dell\Media Experience\DMXLauncher.exe
PRC - [2005/09/29 12:01:14 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
PRC - [2005/09/08 03:20:00 | 00,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/08/05 11:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe
PRC - [2005/08/05 11:56:28 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehmsas.exe
PRC - [2005/08/05 11:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
PRC - [2004/07/27 14:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2003/06/22 13:38:28 | 01,297,920 | ---- | M] (Hagel Technologies) -- C:\Program Files\DU Meter\DUMeter.exe
PRC - [2003/06/19 20:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [1999/12/12 08:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE


========== Modules (SafeList) ==========

MOD - [2009/11/05 12:39:48 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Graham Rowat\My Documents\Software Downloads\Malware adventures\OTL.exe
MOD - [2009/08/22 01:26:04 | 00,419,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.11\asOEHook.dll
MOD - [2008/09/02 04:25:10 | 00,073,728 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\BtMmHook.dll
MOD - [2008/07/25 11:17:20 | 00,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008/05/02 00:42:50 | 00,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2008/05/02 00:38:54 | 00,064,016 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\GameHook.dll
MOD - [2008/04/13 17:12:51 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008/04/13 17:12:00 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mslbui.dll
MOD - [2008/04/13 17:11:53 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2007/10/19 11:19:10 | 00,109,080 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/10/29 10:41:58 | 00,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-093009-130223)
SRV - [2009/10/13 21:56:23 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/21 13:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/08/22 01:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -- (N360)
SRV - [2009/07/09 09:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/06/10 03:57:36 | 00,431,384 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/05/20 11:18:28 | 00,297,472 | ---- | M] (Amazon.com) -- C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2009/01/30 06:12:00 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2008/12/12 08:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/21 12:54:31 | 00,168,432 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/09/02 04:26:16 | 00,346,720 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008/05/02 00:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2008/04/13 17:12:02 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nwwks.dll -- (NWCWorkstation)
SRV - [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2007/10/19 11:21:16 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/10/19 11:19:22 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/10/19 11:17:28 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2006/10/23 05:50:35 | 00,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006/10/18 18:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006/10/02 22:16:17 | 00,069,632 | ---- | M] (Creative Labs) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2006/06/29 10:12:34 | 00,376,832 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2005/12/19 06:08:42 | 00,018,944 | ---- | M] () -- C:\WINDOWS\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2005/12/15 10:14:40 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2005/08/05 11:56:32 | 00,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehSched.exe -- (ehSched)
SRV - [2005/08/05 11:27:08 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc)
SRV - [2004/10/22 01:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/10 03:00:00 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipxsap.dll -- (NwSapAgent)
SRV - [2003/07/28 09:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 20:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2002/08/01 10:22:40 | 00,065,536 | ---- | M] (HP) -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [1999/12/12 08:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)


========== Driver Services (SafeList) ==========

DRV - [2009/10/28 15:37:22 | 00,329,592 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091102.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2009/09/19 13:29:35 | 00,279,712 | ---- | M] () -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/09/19 13:29:31 | 00,025,888 | ---- | M] () -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/08/30 01:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/30 01:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/08/28 16:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/08/25 01:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091105.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/08/25 01:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091105.003\NAVENG.SYS -- (NAVENG)
DRV - [2009/08/22 01:26:08 | 00,482,432 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\N360\0305020.00B\ccHPx86.sys -- (ccHP)
DRV - [2009/08/22 01:26:08 | 00,310,320 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\N360\0305020.00B\SYMEFA.SYS -- (SymEFA)
DRV - [2009/08/22 01:26:08 | 00,308,272 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\N360\0305020.00B\SRTSP.SYS -- (SRTSP)
DRV - [2009/08/22 01:26:08 | 00,259,632 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\N360\0305020.00B\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/08/22 01:26:08 | 00,217,136 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\N360\0305020.00B\SYMTDI.SYS -- (SYMTDI)
DRV - [2009/08/22 01:26:08 | 00,089,904 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\N360\0305020.00B\SYMFW.SYS -- (SYMFW)
DRV - [2009/08/22 01:26:08 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\N360\0305020.00B\SRTSPX.SYS -- (SRTSPX)
DRV - [2009/08/22 01:26:08 | 00,036,400 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\N360\0305020.00B\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2009/08/22 01:26:08 | 00,033,072 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\N360\0305020.00B\SYMIDS.SYS -- (SYMIDS)
DRV - [2009/08/20 08:11:24 | 00,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/08/20 08:10:44 | 00,026,600 | R--- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/08/18 12:59:23 | 00,441,760 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/08/18 12:59:23 | 00,044,384 | ---- | M] (Acronis) -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/08/18 12:59:01 | 00,132,480 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009/08/18 12:58:36 | 00,368,480 | ---- | M] (Acronis) -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2009/08/18 12:20:55 | 00,036,400 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/08/18 12:20:55 | 00,036,400 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/01/30 06:12:00 | 06,250,848 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/11/20 12:19:06 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/08/19 19:16:36 | 00,991,656 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/08/19 19:16:28 | 00,047,272 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/07/24 14:37:10 | 00,156,816 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/05/30 08:46:12 | 00,534,568 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/04/13 11:56:06 | 00,088,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 11:46:20 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 11:46:20 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 11:46:09 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 11:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio)
DRV - [2008/04/13 11:36:39 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 11:36:39 | 00,040,960 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:34:12 | 00,163,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwrdr.sys -- (NWRDR)
DRV - [2008/04/13 09:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/10 15:18:42 | 00,057,384 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/29 01:13:46 | 00,028,944 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2008/02/29 01:13:24 | 00,036,880 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/29 01:13:16 | 00,035,344 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/02/04 14:57:44 | 00,037,160 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/02/04 14:57:30 | 00,037,032 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2007/11/13 03:25:53 | 00,020,480 | R--- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2007/10/19 11:16:30 | 02,109,976 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/10/11 19:01:06 | 00,023,832 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2007/10/11 19:00:54 | 03,647,384 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2007/10/11 19:00:42 | 00,041,752 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/10/11 18:59:12 | 01,920,920 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007/10/11 16:59:24 | 00,025,624 | ---- | M] () -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/10/11 16:59:02 | 02,142,488 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006/11/06 16:04:56 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wceusbsh.sys -- (wceusbsh)
DRV - [2006/08/24 10:44:16 | 00,477,696 | ---- | M] (ZyDAS Technology Corporation) -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(ZyDAS)
DRV - [2006/03/24 14:34:30 | 01,156,648 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/08 09:35:10 | 00,191,872 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/01/10 10:07:58 | 00,004,864 | ---- | M] (GTek Technologies Ltd.) -- C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/01/03 22:41:48 | 01,389,056 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2005/11/30 22:40:56 | 00,936,960 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2005/11/30 22:40:12 | 00,192,512 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2005/11/30 22:40:08 | 00,669,696 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2005/11/10 07:25:14 | 00,142,720 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/11/02 10:24:34 | 00,424,320 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/04 19:57:08 | 00,012,544 | ---- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/09/12 01:30:00 | 00,089,264 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/09/08 03:20:00 | 00,094,332 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 03:20:00 | 00,087,036 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 03:20:00 | 00,086,524 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 03:20:00 | 00,025,628 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 03:20:00 | 00,014,684 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 03:20:00 | 00,006,364 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 03:20:00 | 00,002,496 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 10:16:52 | 00,005,628 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 10:16:16 | 00,022,684 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 15:50:46 | 00,016,128 | ---- | M] (Dell Inc) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/12 03:20:00 | 00,040,544 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/07/22 21:41:46 | 00,026,112 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2005/07/22 21:41:42 | 00,068,864 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2005/07/14 14:58:14 | 00,028,544 | ---- | M] (REDC) -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/07/14 13:28:38 | 00,307,968 | ---- | M] (REDC) -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/07/12 15:00:30 | 00,051,328 | ---- | M] (REDC) -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/05/25 00:34:00 | 00,158,464 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2005/05/13 13:27:56 | 00,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2005/01/10 01:15:00 | 00,138,752 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005/01/10 01:15:00 | 00,106,496 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2004/08/10 03:00:00 | 00,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 03:00:00 | 00,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/08/10 03:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2003/01/10 14:13:04 | 00,033,588 | R--- | M] (America Online, Inc.) -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2001/08/17 12:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 12:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 12:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 12:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 12:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 11:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 11:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 11:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 11:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 11:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 11:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 11:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 11:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 11:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 11:51:54 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001/08/17 10:12:10 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\e100b325.sys -- (E100B)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5061003
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5061003


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5061003
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5061003
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5061003
IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&cl...amp;ibd=5061003
IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\S-1-5-21-1161533016-824089320-3721352659-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\S-1-5-21-1161533016-824089320-3721352659-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.72
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.3
FF - prefs.js..extensions.enabledItems: {E0B8C461-F8FB-49b4-8373-FE32E9252800}:3.0.0.126
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.1.4
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20080823
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07
FF - prefs.js..extensions.enabledItems: {a7101e54-830c-4d33-a3ed-bedc17ec44da}:1.0.1
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.07103010
FF - prefs.js..extensions.enabledItems: browserhighlighter@ebay.com:1.0.13966
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:0.2.6
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.3
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20080809

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 07:59:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/10/27 01:02:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/31 16:40:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/28 11:16:32 | 00,000,000 | ---D | M]

[2008/06/21 23:20:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Extensions
[2008/06/21 23:20:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/19 10:51:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions
[2008/08/31 22:51:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2007/10/17 09:05:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\{4649c7bb-2665-40f9-be48-fa9db9fdeb6c}
[2007/10/17 09:05:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\{670a77c5-010e-4476-a8ce-d09171318839}
[2008/08/31 22:51:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2008/09/19 21:38:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\{a7101e54-830c-4d33-a3ed-bedc17ec44da}
[2007/11/23 10:04:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2008/06/21 23:30:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2008/07/03 19:57:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2007/07/19 16:11:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\browserstate@google.com
[2008/08/31 22:51:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\firegestures@xuldev.org
[2007/10/17 09:08:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\locationbar2@design-noir.de
[2008/08/26 19:06:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\moveplayer@movenetworks.com
[2008/09/26 21:42:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\extensions\nasanightlaunch@example.com
[2009/06/26 18:22:33 | 00,002,345 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\searchplugins\google-video-youtube.xml
[2009/06/26 18:22:33 | 00,001,031 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\searchplugins\playbill.xml
[2008/06/21 23:11:21 | 00,001,108 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\Application Data\Mozilla\Firefox\Profiles\34giujfk.default\searchplugins\wikipedia-en.xml
[2009/11/05 11:44:48 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/26 23:07:38 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/09/27 01:07:02 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/10/27 01:02:29 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/20 07:57:29 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\browserhighlighter@ebay.com
[2008/09/26 23:07:30 | 00,023,040 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2008/09/26 23:07:30 | 00,134,656 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009/10/29 10:41:58 | 00,119,808 | ---- | M] (Google) -- C:\Program Files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
[2007/04/10 15:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009/10/27 01:01:59 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2004/05/13 14:37:00 | 00,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\Mozilla Firefox\plugins\npdsplay.dll
[2008/09/26 23:07:31 | 00,065,536 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2003/07/14 19:56:52 | 00,013,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2007/05/10 19:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/09/14 09:38:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/09/14 09:38:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/09/14 09:38:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/09/14 09:38:57 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/09/14 09:38:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/09/14 09:38:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/09/14 09:38:58 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2008/09/10 11:49:12 | 06,583,016 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSibelius.dll
[2008/08/26 20:15:33 | 00,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2007/01/12 07:55:11 | 00,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npwmsdrm.dll
[2007/03/09 16:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
[2008/09/10 11:49:14 | 05,817,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ScorchPDFWrapper.dll
[2008/05/29 07:24:14 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2008/05/29 07:24:14 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2008/05/29 07:24:14 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2008/05/29 07:24:14 | 00,002,642 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2008/05/29 07:24:14 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/10/29 10:42:00 | 00,002,020 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\googledesktop.xml
[2009/08/20 08:14:31 | 00,002,221 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\SafeSearch.xml
[2008/05/29 07:24:14 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2008/05/29 07:24:14 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (736 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe (Hagel Technologies)
O4 - HKLM..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MBMon] C:\WINDOWS\System32\CTMBHA.DLL ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O4 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005..\Run: [Windows Live Sync] C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wi-Fire Connection Manager.lnk = C:\Program Files\hField Technologies, Inc\Wi-Fire Connection Manager\Wi-Fire Connection Manager.exe (hField Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\Graham Rowat\Start Menu\Programs\Startup\AutorunsDisabled [2007/11/26 18:16:09 | 00,000,000 | -H-D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-1161533016-824089320-3721352659-1005\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1219371888171 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logitech\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 02:43:04 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1333cd7a-672c-11dc-aa1d-00038a000015}\Shell\AutoRun\command - "" = E:\launch.bat -- File not found
O33 - MountPoints2\{24daa806-8cf8-11de-a40c-00038a000015}\Shell\AutoRun\command - "" = E:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe -- File not found
O33 - MountPoints2\{2d154082-5ad1-11db-a9bc-0016cffee0fe}\Shell\AutoRun\command - "" = G:\setupSNK.exe -- File not found
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{48001674-68be-11dc-aa1f-00038a000015}\Shell\AutoRun\command - "" = E:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe -- File not found
O33 - MountPoints2\{9560b81b-9852-11dc-aa30-00038a000015}\Shell\AutoRun\command - "" = E:\PortableApps\PortableAppsMenu\PortableAppsMenu.exe -- File not found
O33 - MountPoints2\{b4521041-4b96-11dd-aa74-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{b4521041-4b96-11dd-aa74-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b4521041-4b96-11dd-aa74-00038a000015}\Shell\AutoRun\command - "" = E:\WINDOWS\IronKey.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/04 18:26:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Graham Rowat\My Documents\Mom
[2009/11/04 12:53:32 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009/11/04 12:32:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2009/11/04 12:23:28 | 00,000,000 | ---D | C] -- C:\_OTM
[2009/11/04 12:22:35 | 00,408,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Graham Rowat\Desktop\OTM.exe
[2009/11/04 12:22:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/11/04 12:21:21 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/11/03 17:44:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\LastGood.Tmp
[2009/10/28 23:30:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Graham Rowat\My Documents\Facebook
[2009/10/28 00:19:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Graham Rowat\Application Data\Malwarebytes
[2009/10/28 00:19:19 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/28 00:19:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/10/28 00:19:17 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/28 00:19:17 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/27 22:44:32 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2009/10/27 16:50:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Graham Rowat\My Documents\Registry backup
[2009/10/27 16:39:52 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/10/27 16:36:32 | 00,000,000 | ---D | C] -- C:\Program Files\Norton Support
[2009/10/27 16:36:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\Symantec
[2009/10/27 01:02:26 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/10/27 01:02:26 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/10/27 01:02:26 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/10/27 01:02:26 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/10/27 00:37:07 | 00,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2009/10/27 00:37:03 | 00,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2009/10/27 00:36:54 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2009/10/27 00:35:03 | 00,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2009/10/27 00:34:57 | 00,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2009/10/27 00:34:51 | 00,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2009/10/27 00:34:24 | 00,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2009/10/27 00:28:18 | 00,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2009/10/27 00:28:11 | 00,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2009/10/27 00:28:08 | 00,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2009/10/27 00:27:56 | 00,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2009/10/27 00:27:50 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2009/10/27 00:27:46 | 00,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2009/10/27 00:27:44 | 00,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2009/10/27 00:27:44 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2009/10/27 00:27:39 | 00,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2009/10/27 00:27:38 | 00,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2009/10/27 00:27:34 | 00,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2009/10/27 00:27:29 | 00,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2009/10/27 00:27:28 | 00,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2009/10/27 00:27:27 | 00,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2009/10/27 00:27:26 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2009/10/27 00:27:25 | 00,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2009/10/27 00:27:24 | 00,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2009/10/27 00:27:23 | 00,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2009/10/27 00:27:18 | 00,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2009/10/27 00:27:14 | 00,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2009/10/27 00:27:11 | 00,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2009/10/27 00:27:10 | 00,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2009/10/27 00:27:10 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2009/10/27 00:27:09 | 00,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2009/10/27 00:27:08 | 00,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2009/10/27 00:27:04 | 00,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2009/10/27 00:27:00 | 00,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2009/10/27 00:26:55 | 00,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2009/10/27 00:26:51 | 00,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2009/10/27 00:26:47 | 00,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2009/10/27 00:26:37 | 00,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2009/10/27 00:26:33 | 00,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2009/10/27 00:26:27 | 00,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2009/10/27 00:26:24 | 00,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2009/10/27 00:26:18 | 00,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2009/10/27 00:26:14 | 00,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2009/10/27 00:26:11 | 00,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2009/10/27 00:26:07 | 00,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2009/10/27 00:26:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2009/10/27 00:26:03 | 00,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys
[2009/10/27 00:26:00 | 00,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2009/10/27 00:25:52 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2009/10/27 00:25:49 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2009/10/27 00:25:46 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2009/10/27 00:25:42 | 00,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2009/10/27 00:25:39 | 00,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2009/10/27 00:25:35 | 00,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2009/10/27 00:25:31 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2009/10/27 00:25:28 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2009/10/27 00:25:24 | 00,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2009/10/27 00:25:21 | 00,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2009/10/27 00:25:15 | 00,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2009/10/27 00:25:13 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2009/10/27 00:25:06 | 00,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2009/10/27 00:25:03 | 00,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2009/10/27 00:24:59 | 00,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2009/10/27 00:24:56 | 00,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2009/10/27 00:24:52 | 00,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2009/10/27 00:24:49 | 00,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2009/10/27 00:24:44 | 00,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2009/10/27 00:24:41 | 00,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2009/10/27 00:24:40 | 00,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2009/10/27 00:24:36 | 00,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2009/10/27 00:24:31 | 00,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2009/10/27 00:24:27 | 00,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2009/10/27 00:24:23 | 00,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2009/10/27 00:24:17 | 00,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2009/10/27 00:24:14 | 00,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2009/10/27 00:24:11 | 00,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2009/10/27 00:24:07 | 00,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2009/10/27 00:24:06 | 00,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2009/10/27 00:24:03 | 00,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2009/10/27 00:24:00 | 00,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2009/10/27 00:23:57 | 00,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2009/10/27 00:23:56 | 00,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2009/10/27 00:23:55 | 00,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2009/10/27 00:23:49 | 00,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2009/10/27 00:23:43 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2009/10/27 00:23:40 | 00,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2009/10/27 00:23:37 | 00,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2009/10/27 00:23:26 | 00,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2009/10/27 00:23:23 | 00,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2009/10/27 00:23:20 | 00,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2009/10/27 00:23:16 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2009/10/27 00:23:13 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2009/10/27 00:23:09 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2009/10/27 00:23:06 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2009/10/27 00:23:01 | 00,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2009/10/27 00:22:58 | 00,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2009/10/27 00:22:54 | 00,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2009/10/27 00:22:50 | 00,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2009/10/27 00:22:49 | 00,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2009/10/27 00:22:42 | 00,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2009/10/27 00:22:38 | 00,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2009/10/27 00:22:38 | 00,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2009/10/27 00:22:31 | 00,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2009/10/27 00:22:24 | 00,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2009/10/27 00:22:21 | 00,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2009/10/27 00:22:16 | 00,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2009/10/27 00:22:13 | 00,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2009/10/27 00:22:10 | 00,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2009/10/27 00:22:07 | 00,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2009/10/27 00:22:04 | 00,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2009/10/27 00:22:03 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2009/10/27 00:22:02 | 00,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2009/10/27 00:21:58 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2009/10/27 00:21:58 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2009/10/27 00:21:57 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2009/10/27 00:21:54 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2009/10/27 00:21:53 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2009/10/27 00:21:50 | 00,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2009/10/27 00:21:50 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2009/10/27 00:21:49 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2009/10/27 00:21:46 | 00,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2009/10/27 00:21:43 | 00,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2009/10/27 00:21:40 | 00,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2009/10/27 00:21:37 | 00,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2009/10/27 00:21:34 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2009/10/27 00:21:33 | 00,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2009/10/27 00:21:32 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2009/10/27 00:21:32 | 00,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2009/10/27 00:21:29 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2009/10/27 00:21:26 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2009/10/27 00:21:25 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2009/10/27 00:21:22 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2009/10/27 00:21:22 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2009/10/27 00:21:22 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2009/10/27 00:21:21 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2009/10/27 00:21:18 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2009/10/27 00:21:18 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2009/10/27 00:21:18 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2009/10/27 00:21:18 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2009/10/27 00:21:17 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2009/10/27 00:21:17 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2009/10/27 00:21:17 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2009/10/27 00:21:17 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2009/10/27 00:21:17 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2009/10/27 00:21:12 | 00,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2009/10/27 00:21:09 | 00,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2009/10/27 00:21:06 | 00,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2009/10/27 00:21:03 | 00,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2009/10/27 00:21:00 | 00,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2009/10/27 00:20:59 | 00,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2009/10/27 00:20:56 | 00,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2009/10/27 00:20:52 | 00,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2009/10/27 00:20:49 | 00,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2009/10/27 00:20:46 | 00,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2009/10/27 00:20:43 | 00,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2009/10/27 00:20:40 | 00,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2009/10/27 00:20:39 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2009/10/27 00:20:28 | 00,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2009/10/27 00:20:26 | 00,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2009/10/27 00:20:23 | 00,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2009/10/27 00:20:20 | 00,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2009/10/27 00:20:16 | 00,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2009/10/27 00:20:09 | 00,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2009/10/27 00:20:06 | 00,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2009/10/27 00:20:05 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2009/10/27 00:20:00 | 00,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2009/10/27 00:19:58 | 00,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2009/10/27 00:19:55 | 00,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2009/10/27 00:19:54 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2009/10/27 00:19:50 | 00,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2009/10/27 00:19:47 | 00,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2009/10/27 00:19:43 | 00,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2009/10/27 00:19:40 | 00,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2009/10/27 00:19:38 | 00,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2009/10/27 00:19:35 | 00,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2009/10/27 00:19:29 | 00,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2009/10/27 00:19:26 | 00,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2009/10/27 00:19:23 | 00,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2009/10/27 00:19:20 | 00,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2009/10/27 00:19:17 | 00,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2009/10/27 00:19:14 | 00,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2009/10/27 00:19:11 | 00,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2009/10/27 00:19:08 | 00,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2009/10/27 00:19:05 | 00,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2009/10/27 00:19:02 | 00,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2009/10/27 00:18:59 | 00,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2009/10/27 00:18:56 | 00,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2009/10/27 00:18:51 | 00,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2009/10/27 00:18:48 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2009/10/27 00:18:48 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2009/10/27 00:18:48 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2009/10/27 00:18:47 | 00,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2009/10/27 00:18:46 | 00,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2009/10/27 00:18:42 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2009/10/27 00:18:40 | 00,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2009/10/27 00:18:37 | 00,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2009/10/27 00:18:30 | 00,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2009/10/27 00:18:26 | 00,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2009/10/27 00:18:21 | 00,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2009/10/27 00:18:17 | 00,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2009/10/27 00:18:13 | 00,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2009/10/27 00:18:10 | 00,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2009/10/27 00:18:10 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2009/10/27 00:17:58 | 00,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2009/10/27 00:17:52 | 00,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2009/10/27 00:17:49 | 00,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2009/10/27 00:17:45 | 00,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2009/10/27 00:17:42 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2009/10/27 00:17:42 | 00,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2009/10/27 00:17:41 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2009/10/27 00:17:36 | 00,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2009/10/27 00:17:30 | 00,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2009/10/27 00:17:27 | 00,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2009/10/27 00:17:24 | 00,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2009/10/27 00:17:23 | 00,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2009/10/27 00:17:20 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2009/10/27 00:17:16 | 00,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2009/10/27 00:17:12 | 00,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2009/10/27 00:17:05 | 00,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2009/10/27 00:17:02 | 00,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2009/10/27 00:17:01 | 00,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2009/10/27 00:16:56 | 00,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2009/10/27 00:16:56 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2009/10/27 00:16:55 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2009/10/27 00:16:55 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2009/10/27 00:16:48 | 00,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2009/10/27 00:16:45 | 00,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2009/10/27 00:16:42 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2009/10/27 00:16:39 | 00,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2009/10/27 00:16:36 | 00,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2009/10/27 00:16:33 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2009/10/27 00:16:30 | 00,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2009/10/27 00:16:30 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2009/10/27 00:16:29 | 00,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2009/10/27 00:16:28 | 00,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2009/10/27 00:16:28 | 00,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2009/10/27 00:16:27 | 00,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2009/10/27 00:16:23 | 00,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2009/10/27 00:16:20 | 00,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2009/10/27 00:16:17 | 00,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2009/10/27 00:16:14 | 00,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2009/10/27 00:16:11 | 00,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2009/10/27 00:16:08 | 00,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2009/10/27 00:16:07 | 00,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2009/10/27 00:16:04 | 00,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2009/10/27 00:16:01 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2009/10/27 00:16:00 | 00,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2009/10/27 00:16:00 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2009/10/27 00:15:55 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2009/10/27 00:15:53 | 00,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2009/10/27 00:15:50 | 00,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2009/10/27 00:15:47 | 00,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2009/10/27 00:15:44 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2009/10/27 00:15:41 | 00,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2009/10/27 00:15:38 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2009/10/27 00:15:35 | 00,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2009/10/27 00:15:32 | 00,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2009/10/27 00:15:30 | 00,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2009/10/27 00:15:27 | 00,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2009/10/27 00:15:22 | 00,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2009/10/27 00:15:19 | 00,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2009/10/27 00:15:16 | 00,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2009/10/27 00:15:13 | 00,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2009/10/27 00:14:42 | 00,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2009/10/27 00:14:40 | 00,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2009/10/27 00:14:29 | 00,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2009/10/27 00:14:29 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2009/10/27 00:14:24 | 00,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2009/10/27 00:14:21 | 00,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2009/10/27 00:14:20 | 00,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2009/10/27 00:13:31 | 00,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2009/10/27 00:13:28 | 00,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2009/10/27 00:13:24 | 00,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2009/10/27 00:13:23 | 00,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2009/10/27 00:13:23 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2009/10/27 00:13:16 | 00,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2009/10/27 00:13:11 | 00,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2009/10/27 00:13:08 | 00,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2009/10/27 00:13:05 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2009/10/27 00:12:57 | 00,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2009/10/27 00:12:55 | 00,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2009/10/27 00:12:52 | 00,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2009/10/27 00:12:49 | 00,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2009/10/27 00:12:46 | 00,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2009/10/27 00:12:44 | 00,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2009/10/27 00:12:41 | 00,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2009/10/27 00:12:38 | 00,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2009/10/27 00:12:35 | 00,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2009/10/27 00:12:32 | 00,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2009/10/27 00:12:30 | 00,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2009/10/27 00:12:27 | 00,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2009/10/27 00:12:24 | 00,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2009/10/27 00:12:24 | 00,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2009/10/27 00:12:21 | 00,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2009/10/27 00:12:04 | 00,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2009/10/27 00:12:04 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009/10/27 00:11:57 | 00,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2009/10/27 00:11:44 | 00,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2009/10/27 00:11:42 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2009/10/27 00:11:41 | 01,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2009/10/27 00:11:41 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2009/10/27 00:11:29 | 00,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2009/10/27 00:11:26 | 00,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2009/10/27 00:11:05 | 00,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2009/10/27 00:10:59 | 00,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2009/10/27 00:10:50 | 00,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2009/10/27 00:10:48 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2009/10/27 00:10:44 | 00,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2009/10/27 00:10:41 | 00,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2009/10/27 00:10:41 | 00,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2009/10/27 00:10:41 | 00,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2009/10/27 00:10:39 | 00,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2009/10/27 00:10:37 | 00,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2009/10/27 00:10:34 | 00,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2009/10/27 00:10:33 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2009/10/27 00:10:30 | 00,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2009/10/27 00:10:23 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2009/10/27 00:10:22 | 00,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2009/10/27 00:10:19 | 00,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2009/10/27 00:10:16 | 00,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2009/10/27 00:10:14 | 00,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2009/10/27 00:10:11 | 00,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2009/10/27 00:10:10 | 00,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2009/10/27 00:10:07 | 00,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2009/10/27 00:10:04 | 00,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2009/10/27 00:10:04 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2009/10/27 00:10:03 | 00,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2009/10/27 00:10:01 | 00,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2009/10/27 00:10:00 | 00,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2009/10/27 00:09:58 | 00,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2009/10/27 00:09:53 | 00,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2009/10/27 00:09:52 | 00,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2009/10/27 00:09:46 | 00,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2009/10/27 00:09:44 | 00,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2009/10/27 00:09:41 | 00,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2009/10/27 00:09:38 | 00,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2009/10/27 00:09:36 | 00,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2009/10/27 00:09:32 | 00,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2009/10/27 00:09:29 | 00,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2009/10/27 00:09:24 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2009/10/27 00:09:24 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2009/10/27 00:09:21 | 00,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2009/10/27 00:09:20 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2009/10/27 00:09:19 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2009/10/27 00:09:12 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2009/10/27 00:09:12 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2009/10/27 00:09:12 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2009/10/27 00:09:06 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2009/10/27 00:09:03 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2009/10/27 00:08:48 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2009/10/27 00:08:46 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2009/10/27 00:08:42 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2009/10/27 00:08:40 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2009/10/27 00:08:40 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2009/10/27 00:08:39 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2009/10/27 00:08:38 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2009/10/27 00:08:36 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2009/10/27 00:08:33 | 00,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2009/10/27 00:08:31 | 00,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2009/10/27 00:08:28 | 00,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2009/10/27 00:08:27 | 00,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2009/10/27 00:08:17 | 00,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2009/10/27 00:08:14 | 00,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2009/10/27 00:08:12 | 00,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2009/10/27 00:08:08 | 00,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2009/10/27 00:08:07 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2009/10/27 00:08:02 | 00,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2009/10/27 00:08:01 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2009/10/27 00:08:00 | 00,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2009/10/27 00:07:59 | 00,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2009/10/27 00:07:57 | 00,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2009/10/27 00:07:57 | 00,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2009/10/27 00:07:57 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2009/10/27 00:07:54 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2009/10/27 00:07:54 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2009/10/27 00:07:54 | 00,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2009/10/27 00:07:53 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2009/10/27 00:07:41 | 00,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2009/10/27 00:07:38 | 00,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2009/10/27 00:07:35 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2009/10/27 00:07:33 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2009/10/27 00:07:31 | 00,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2009/10/27 00:07:28 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2009/10/27 00:07:26 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2009/10/27 00:07:24 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2009/10/27 00:07:21 | 00,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2009/10/27 00:07:19 | 00,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2009/10/27 00:07:16 | 00,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2009/10/27 00:07:14 | 00,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2009/10/27 00:07:12 | 00,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2009/10/27 00:07:09 | 00,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2009/10/27 00:07:05 | 00,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2009/10/27 00:07:04 | 00,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2009/10/27 00:07:02 | 00,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2009/10/27 00:06:59 | 00,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2009/10/27 00:06:58 | 10,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2009/10/27 00:06:54 | 10,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2009/10/27 00:06:49 | 00,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2009/10/27 00:06:47 | 00,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2009/10/27 00:06:44 | 00,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2009/10/27 00:06:42 | 00,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2009/10/27 00:06:40 | 00,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2009/10/27 00:06:37 | 00,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2009/10/27 00:06:35 | 00,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2009/10/27 00:06:32 | 00,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2009/10/27 00:06:30 | 00,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2009/10/27 00:06:28 | 00,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2009/10/27 00:06:26 | 00,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2009/10/27 00:06:23 | 00,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2009/10/27 00:06:21 | 00,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2009/10/27 00:06:18 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2009/10/27 00:06:15 | 00,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2009/10/27 00:06:13 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2009/10/27 00:06:11 | 00,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2009/10/27 00:06:09 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2009/10/27 00:06:06 | 00,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2009/10/27 00:06:02 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2009/10/27 00:05:58 | 00,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2009/10/27 00:05:53 | 00,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2009/10/27 00:05:48 | 00,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2009/10/27 00:05:44 | 00,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2009/10/27 00:05:40 | 00,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2009/10/27 00:05:37 | 00,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2009/10/27 00:05:36 | 00,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2009/10/27 00:05:31 | 00,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2009/10/27 00:05:30 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2009/10/27 00:05:29 | 00,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2009/10/27 00:05:26 | 00,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2009/10/27 00:05:22 | 00,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2009/10/27 00:05:18 | 00,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2009/10/27 00:05:18 | 00,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2009/10/27 00:05:15 | 00,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2009/10/27 00:05:13 | 01,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2009/10/27 00:05:11 | 00,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2009/10/27 00:05:09 | 00,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2009/10/27 00:05:07 | 00,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2009/10/27 00:05:00 | 00,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2009/10/27 00:04:58 | 00,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2009/10/27 00:04:56 | 00,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2009/10/27 00:04:54 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2009/10/27 00:04:53 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2009/10/27 00:04:49 | 00,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2009/10/27 00:04:46 | 00,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2009/10/27 00:04:45 | 00,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2009/10/27 00:04:43 | 00,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2009/10/27 00:04:40 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2009/10/27 00:04:39 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2009/10/27 00:04:35 | 00,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2009/10/27 00:04:30 | 00,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2009/10/27 00:04:28 | 00,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2009/10/27 00:04:25 | 00,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2009/10/27 00:04:24 | 00,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2009/10/27 00:04:22 | 00,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2009/10/27 00:04:20 | 00,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2009/10/27 00:04:14 | 00,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2009/10/27 00:04:13 | 00,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2009/10/27 00:04:04 | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2009/10/27 00:04:04 | 00,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2009/10/27 00:04:02 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2009/10/27 00:04:00 | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2009/10/27 00:04:00 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2009/10/27 00:03:58 | 00,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2009/10/27 00:03:53 | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2009/10/27 00:03:51 | 00,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2009/10/27 00:03:51 | 00,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2009/10/27 00:03:49 | 00,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2009/10/27 00:03:36 | 00,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2009/10/27 00:03:34 | 00,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2009/10/27 00:03:32 | 00,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2009/10/27 00:03:30 | 00,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2009/10/27 00:03:28 | 00,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2009/10/27 00:03:26 | 00,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2009/10/27 00:03:24 | 00,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2009/10/27 00:03:22 | 00,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2009/10/27 00:03:06 | 00,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2009/10/27 00:03:04 | 00,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2009/10/27 00:03:02 | 00,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2009/10/27 00:02:55 | 00,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2009/10/27 00:02:53 | 00,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2009/10/27 00:02:51 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2009/10/27 00:02:50 | 00,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2009/10/27 00:02:45 | 00,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2009/10/27 00:02:44 | 00,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2009/10/27 00:02:43 | 00,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2009/10/27 00:02:42 | 00,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2009/10/27 00:02:40 | 00,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2009/10/27 00:02:39 | 00,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2009/10/27 00:02:38 | 00,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2009/10/27 00:02:36 | 00,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2009/10/27 00:02:35 | 00,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2009/10/27 00:02:34 | 00,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2009/10/27 00:02:33 | 00,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2009/10/27 00:02:31 | 00,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2009/10/27 00:02:20 | 00,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2009/10/27 00:02:19 | 00,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2009/10/27 00:02:17 | 00,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2009/10/27 00:02:16 | 00,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2009/10/27 00:02:15 | 00,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2009/10/27 00:02:14 | 00,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2009/10/27 00:02:11 | 00,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2009/10/27 00:02:06 | 00,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2009/10/27 00:01:47 | 00,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2009/10/27 00:01:40 | 00,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2009/10/27 00:01:38 | 00,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2009/10/27 00:01:29 | 00,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2009/10/27 00:01:28 | 00,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2009/10/27 00:01:27 | 00,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2009/10/27 00:01:25 | 00,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2009/10/27 00:01:21 | 00,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2009/10/27 00:01:20 | 00,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2009/10/27 00:01:19 | 00,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2009/10/27 00:01:18 | 00,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2009/10/27 00:00:59 | 00,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2009/10/27 00:00:58 | 00,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2009/10/27 00:00:57 | 00,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2009/10/27 00:00:56 | 00,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2009/10/27 00:00:55 | 00,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2009/10/27 00:00:53 | 00,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2009/10/27 00:00:52 | 00,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2009/10/27 00:00:51 | 00,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2009/10/27 00:00:50 | 00,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2009/10/27 00:00:49 | 00,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2009/10/27 00:00:47 | 00,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2009/10/27 00:00:46 | 00,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2009/10/27 00:00:45 | 00,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2009/10/27 00:00:44 | 00,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2009/10/27 00:00:39 | 00,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2009/10/27 00:00:38 | 00,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2009/10/27 00:00:36 | 00,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2009/10/27 00:00:35 | 00,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2009/10/27 00:00:34 | 00,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2009/10/27 00:00:33 | 00,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2009/10/27 00:00:31 | 00,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2009/10/27 00:00:30 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2009/10/27 00:00:28 | 00,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2009/10/27 00:00:26 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2009/10/27 00:00:25 | 00,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2009/10/27 00:00:24 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2009/10/27 00:00:23 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2009/10/27 00:00:16 | 00,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2009/10/27 00:00:15 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2009/10/27 00:00:14 | 00,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2009/10/27 00:00:13 | 00,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2009/10/27 00:00:12 | 00,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2009/10/27 00:00:11 | 00,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2009/10/27 00:00:10 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2009/10/27 00:00:09 | 00,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2009/10/27 00:00:08 | 00,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2009/10/27 00:00:07 | 00,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2009/10/27 00:00:06 | 00,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2009/10/27 00:00:05 | 00,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2009/10/27 00:00:04 | 00,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2009/10/27 00:00:02 | 00,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2009/10/27 00:00:01 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2009/10/27 00:00:00 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2009/10/26 23:59:59 | 00,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2009/10/26 23:59:58 | 00,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2009/10/26 23:59:57 | 00,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2009/10/26 23:59:56 | 00,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2009/10/26 23:59:55 | 00,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2009/10/26 23:59:52 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2009/10/26 23:59:50 | 00,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2009/10/26 23:59:49 | 00,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2009/10/26 23:59:49 | 00,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2009/10/26 23:59:48 | 00,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2009/10/26 23:59:47 | 00,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2009/10/26 23:59:45 | 00,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2009/10/26 23:59:44 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2009/10/26 23:59:43 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2009/10/26 23:59:36 | 00,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2009/10/26 23:59:35 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2009/10/26 23:59:30 | 00,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2009/10/26 23:59:28 | 00,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2009/10/26 23:59:27 | 00,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2009/10/26 23:59:26 | 00,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2009/10/26 23:59:26 | 00,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2009/10/26 23:59:24 | 00,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2009/10/26 23:59:22 | 00,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2009/10/26 23:59:21 | 00,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2009/10/26 23:59:19 | 01,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2009/10/26 23:59:19 | 00,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2009/10/26 23:59:17 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2009/10/26 23:59:16 | 00,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2009/10/26 23:59:16 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2009/10/26 23:59:15 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2009/10/26 23:59:15 | 00,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2009/10/26 23:59:12 | 00,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2009/10/26 23:59:11 | 00,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2009/10/26 23:59:11 | 00,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2009/10/26 23:59:10 | 00,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2009/10/26 23:59:10 | 00,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2009/10/26 23:59:06 | 00,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2009/10/26 23:59:05 | 00,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2009/10/26 23:59:04 | 00,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2009/10/26 23:59:03 | 00,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2009/10/26 23:59:01 | 00,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2009/10/26 23:59:00 | 00,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2009/10/26 23:58:59 | 00,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2009/10/26 23:58:59 | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2009/10/26 23:58:58 | 00,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2009/10/26 23:58:57 | 00,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2009/10/26 23:58:57 | 00,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2009/10/26 23:58:56 | 00,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2009/10/26 23:58:55 | 00,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2009/10/26 23:58:55 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2009/10/26 23:58:54 | 00,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2009/10/26 23:58:54 | 00,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2009/10/26 23:58:52 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2009/10/26 23:58:51 | 00,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2009/10/26 23:58:24 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2009/10/26 23:58:22 | 00,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2009/10/26 23:58:21 | 00,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2009/10/26 23:58:20 | 00,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2009/10/26 23:58:20 | 00,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2009/10/26 23:58:19 | 00,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2009/10/26 23:58:19 | 00,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2009/10/26 23:58:18 | 00,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2009/10/26 23:58:17 | 00,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2009/10/26 23:58:15 | 00,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2009/10/26 23:58:14 | 00,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2009/10/26 23:58:14 | 00,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2009/10/26 23:58:13 | 00,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2009/10/26 23:58:12 | 00,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2009/10/26 23:58:12 | 00,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2009/10/26 23:58:11 | 00,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2009/10/26 23:58:10 | 00,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2009/10/26 23:58:10 | 00,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2009/10/26 23:58:09 | 00,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2009/10/26 23:58:09 | 00,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2009/10/26 23:58:08 | 00,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2009/10/26 23:58:05 | 00,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2009/10/26 23:58:04 | 00,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2009/10/26 23:58:04 | 00,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2009/10/26 23:58:03 | 00,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2009/10/26 23:58:02 | 00,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2009/10/26 23:58:02 | 00,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2009/10/26 23:58:01 | 00,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2009/10/26 23:57:59 | 00,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2009/10/26 23:57:59 | 00,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2009/10/26 23:57:58 | 00,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2009/10/26 23:57:58 | 00,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2009/10/26 23:57:56 | 00,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2009/10/26 23:57:55 | 00,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2009/10/26 23:57:55 | 00,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2009/10/26 23:57:52 | 00,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2009/10/26 23:57:51 | 00,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2009/10/26 23:57:50 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2009/10/26 23:57:39 | 00,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2009/10/26 23:57:38 | 00,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2009/10/26 23:57:36 | 00,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2009/10/26 23:57:35 | 00,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2009/10/26 23:57:34 | 00,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2009/10/26 23:57:34 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2009/10/26 23:57:33 | 00,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2009/10/26 23:57:33 | 00,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2009/10/26 23:57:32 | 00,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2009/10/26 23:57:28 | 00,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2009/10/26 23:57:28 | 00,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2009/10/26 23:57:26 | 00,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2009/10/26 23:57:26 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2009/10/26 23:57:25 | 00,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2009/10/26 23:57:22 | 00,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2009/10/26 23:57:20 | 00,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2009/10/26 23:57:19 | 00,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2009/10/26 23:57:18 | 00,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2009/10/26 23:57:17 | 00,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2009/10/26 23:57:17 | 00,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2009/10/26 23:57:07 | 00,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2009/10/26 23:57:02 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2009/10/26 23:57:01 | 00,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2009/10/26 23:57:01 | 00,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2009/10/26 23:57:00 | 00,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2009/10/26 23:57:00 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2009/10/26 23:56:59 | 00,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2009/10/26 23:56:58 | 00,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2009/10/26 23:56:58 | 00,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2009/10/26 23:56:58 | 00,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2009/10/26 23:56:57 | 00,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2009/10/26 23:56:55 | 00,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2009/10/26 23:56:54 | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2009/10/26 23:56:54 | 00,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2009/10/26 23:56:53 | 00,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2009/10/26 23:56:52 | 00,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2009/10/26 23:56:52 | 00,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2009/10/26 23:56:51 | 00,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2009/10/26 23:56:50 | 00,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2009/10/26 23:56:50 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2009/10/26 23:56:49 | 00,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2009/10/26 23:56:49 | 00,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2009/10/26 23:56:49 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2009/10/26 17:27:42 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2009/10/26 17:27:27 | 00,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2009/10/26 17:27:08 | 00,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2009/10/26 17:27:08 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2009/10/26 17:27:07 | 00,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2009/10/26 17:27:06 | 00,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2009/10/26 17:27:06 | 00,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2009/10/26 17:27:05 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2009/10/26 17:26:52 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2009/10/25 22:39:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Graham Rowat\My Documents\Games
[2009/10/22 10:14:10 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Graham Rowat\IECompatCache
[2009/10/16 20:03:09 | 00,090,112 | RHS- | C] (-) -- C:\WINDOWS\System32\TTADSSplitter.ax
[2009/10/16 20:03:09 | 00,090,112 | RHS- | C] (-) -- C:\WINDOWS\System32\TTADSDecoder.ax
[2009/10/16 20:03:08 | 00,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\WINDOWS\System32\nbDX.dll
[2009/10/16 20:03:08 | 00,169,472 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\MatroskaDX.ax
[2009/10/16 20:03:08 | 00,163,328 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\flvDX.dll
[2009/10/16 20:03:08 | 00,161,792 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\RealMediaDX.ax
[2009/10/16 20:03:08 | 00,123,904 | RHS- | C] (CoreCodec) -- C:\WINDOWS\System32\AVCDX.ax
[2009/10/16 20:03:08 | 00,031,232 | RHS- | C] (Hans Mayerl) -- C:\WINDOWS\System32\msfDX.dll
[2009/10/16 19:54:31 | 00,000,000 | ---D | C] -- C:\Program Files\Witcobber
[2009/10/16 19:49:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2009/10/14 08:35:58 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Graham Rowat\My Documents\Adobe
[2009/10/14 07:54:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Graham Rowat\My Documents\Updater5
[2009/10/14 07:42:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2009/10/13 22:46:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Control Panels
[2009/10/13 22:43:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ALM
[2009/10/13 22:34:39 | 00,190,696 | ---- | C] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\NPSWF32_FlashUtil.exe
[2009/10/13 21:56:23 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2009/10/08 19:14:17 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Graham Rowat\Application Data\ImgBurn
[2009/10/08 19:03:09 | 00,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2009/10/07 22:54:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Graham Rowat\Desktop\AdobeCS3
[2009/10/07 20:01:04 | 00,000,000 | ---D | C] -- C:\Program Files\WinZip
[34 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/11/05 12:19:02 | 00,001,006 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1161533016-824089320-3721352659-1005UA.job
[2009/11/05 11:45:13 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/05 11:44:55 | 00,160,835 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009/11/05 11:44:36 | 00,196,974 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/11/05 11:44:30 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/05 11:44:28 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/05 11:44:10 | 32,196,11648 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/05 11:43:57 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2009/11/05 11:43:52 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2009/11/05 11:41:28 | 06,553,600 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\ntuser.dat
[2009/11/05 11:33:58 | 00,000,588 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2009/11/05 11:33:58 | 00,000,588 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2009/11/05 00:10:30 | 00,040,960 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/05 00:10:30 | 00,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/11/04 23:23:19 | 00,160,835 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009/11/04 12:22:37 | 00,408,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Graham Rowat\Desktop\OTM.exe
[2009/11/04 12:21:22 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\Desktop\ERUNT.lnk
[2009/11/03 22:14:30 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/11/03 17:45:52 | 00,528,020 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/03 17:45:52 | 00,445,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/03 17:45:52 | 00,072,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/03 16:19:03 | 00,000,954 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1161533016-824089320-3721352659-1005Core.job
[2009/11/03 11:31:48 | 00,291,328 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\Desktop\5i0wg1vt.exe
[2009/10/31 16:43:39 | 00,000,943 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Desktop.lnk
[2009/10/31 16:38:10 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Graham Rowat\ntuser.ini
[2009/10/28 00:45:49 | 03,294,230 | -H-- | M] () -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\IconCache.db
[2009/10/28 00:19:24 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/27 16:39:53 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\Desktop\CCleaner.lnk
[2009/10/27 01:01:58 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2009/10/27 01:01:58 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2009/10/27 01:01:58 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2009/10/27 01:01:58 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2009/10/27 01:01:57 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009/10/25 22:39:05 | 00,001,744 | -H-- | M] () -- C:\WINDOWS\System32\gavopiya
[2009/10/25 22:24:36 | 00,196,664 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\My Documents\zombie-cat.bmp
[2009/10/25 22:16:18 | 00,030,684 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\My Documents\zombie-cat.jpg
[2009/10/22 02:19:04 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2009/10/22 02:19:04 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2009/10/21 20:32:05 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/20 16:22:03 | 00,093,304 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/16 22:28:38 | 00,018,334 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\Desktop\zoom.gif
[2009/10/16 20:03:12 | 00,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPER © Uninstall.lnk
[2009/10/16 20:03:11 | 00,001,665 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPER ©.lnk
[2009/10/16 19:54:32 | 00,000,821 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\Desktop\Super Video Converter.lnk
[2009/10/15 19:32:45 | 00,000,800 | ---- | M] () -- C:\WINDOWS\win.ini
[2009/10/15 19:32:45 | 00,000,246 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/15 19:32:45 | 00,000,209 | -HS- | M] () -- C:\boot.ini
[2009/10/15 08:45:10 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/14 07:53:46 | 00,132,160 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/14 07:38:49 | 01,700,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/14 00:03:50 | 00,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 8 Professional.lnk
[2009/10/13 20:17:36 | 00,002,337 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\Desktop\Google Chrome.lnk
[2009/10/12 19:32:23 | 00,196,664 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\My Documents\sarah-palin-zombie.bmp
[2009/10/12 19:31:34 | 00,037,111 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\My Documents\sarah-palin-zombie.jpg
[2009/10/12 19:27:20 | 00,023,032 | ---- | M] () -- C:\Documents and Settings\Graham Rowat\My Documents\Shat Rifle.jpg
[2009/10/08 19:03:16 | 00,001,528 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk
[2009/10/07 20:01:25 | 00,000,736 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[34 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/04 12:21:22 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Desktop\ERUNT.lnk
[2009/11/03 11:31:47 | 00,291,328 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Desktop\5i0wg1vt.exe
[2009/10/31 16:40:40 | 32,196,11648 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/30 03:43:50 | 06,553,600 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\ntuser.dat
[2009/10/29 10:41:04 | 00,000,943 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Desktop.lnk
[2009/10/28 00:19:24 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/27 16:39:53 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Desktop\CCleaner.lnk
[2009/10/27 00:37:02 | 00,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2009/10/27 00:36:58 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2009/10/27 00:35:02 | 00,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2009/10/27 00:17:06 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2009/10/27 00:17:06 | 00,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2009/10/27 00:09:28 | 00,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2009/10/27 00:09:24 | 01,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2009/10/27 00:07:56 | 00,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2009/10/27 00:06:04 | 00,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2009/10/27 00:06:00 | 00,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2009/10/27 00:05:55 | 00,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2009/10/27 00:05:51 | 00,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2009/10/27 00:05:46 | 00,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2009/10/27 00:05:30 | 00,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2009/10/27 00:01:24 | 00,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2009/10/27 00:01:23 | 00,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2009/10/27 00:01:22 | 00,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2009/10/26 23:58:50 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2009/10/26 23:58:49 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2009/10/26 23:58:48 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2009/10/26 23:58:48 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2009/10/26 23:58:46 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2009/10/26 23:58:46 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2009/10/26 23:58:44 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2009/10/26 23:58:43 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2009/10/26 23:58:42 | 00,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2009/10/26 23:58:42 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2009/10/26 23:58:42 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2009/10/26 23:58:42 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2009/10/26 23:58:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2009/10/26 23:58:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2009/10/26 23:58:41 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2009/10/26 23:58:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2009/10/26 23:58:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2009/10/26 23:58:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2009/10/26 23:58:40 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2009/10/26 23:58:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2009/10/26 23:58:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2009/10/26 23:58:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2009/10/26 23:58:39 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2009/10/26 23:58:38 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2009/10/26 23:58:38 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2009/10/26 23:58:38 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2009/10/26 23:58:38 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2009/10/26 23:58:38 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2009/10/26 23:58:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2009/10/26 23:58:37 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2009/10/26 23:58:36 | 00,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2009/10/26 23:58:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2009/10/26 23:58:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2009/10/26 23:58:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2009/10/26 23:58:35 | 00,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2009/10/26 23:58:35 | 00,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2009/10/26 23:58:35 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2009/10/26 23:58:35 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2009/10/26 23:58:34 | 00,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2009/10/26 23:58:34 | 00,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2009/10/26 23:58:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2009/10/26 23:58:32 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2009/10/26 23:58:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2009/10/26 23:58:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2009/10/26 23:58:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2009/10/26 23:58:31 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2009/10/26 23:58:30 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2009/10/26 23:58:30 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2009/10/26 23:58:30 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2009/10/26 23:58:30 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2009/10/26 23:58:29 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2009/10/26 23:58:28 | 00,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2009/10/26 23:58:28 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2009/10/26 23:58:27 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2009/10/26 23:58:27 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2009/10/26 23:58:26 | 00,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2009/10/26 23:58:26 | 00,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2009/10/26 23:58:25 | 00,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2009/10/26 23:58:08 | 00,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2009/10/26 23:58:05 | 00,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2009/10/26 23:57:43 | 00,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2009/10/26 23:57:43 | 00,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2009/10/26 23:57:42 | 00,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2009/10/26 23:57:41 | 00,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2009/10/26 23:57:41 | 00,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2009/10/26 23:57:40 | 00,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2009/10/26 23:57:40 | 00,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2009/10/26 23:57:39 | 00,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2009/10/26 23:57:38 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2009/10/26 23:57:32 | 00,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2009/10/25 22:24:34 | 00,196,664 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\My Documents\zombie-cat.bmp
[2009/10/25 22:16:18 | 00,030,684 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\My Documents\zombie-cat.jpg
[2009/10/22 09:01:01 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/16 22:28:38 | 00,018,334 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Desktop\zoom.gif
[2009/10/16 20:03:12 | 00,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPER © Uninstall.lnk
[2009/10/16 20:03:11 | 00,001,665 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPER ©.lnk
[2009/10/16 20:03:08 | 00,120,832 | RHS- | C] () -- C:\WINDOWS\System32\MPCDx.ax
[2009/10/16 20:03:08 | 00,107,520 | RHS- | C] () -- C:\WINDOWS\System32\RLMPCDec.ax
[2009/10/16 20:03:08 | 00,097,280 | RHS- | C] () -- C:\WINDOWS\System32\FLACDX.ax
[2009/10/16 20:03:08 | 00,070,656 | RHS- | C] () -- C:\WINDOWS\System32\RLAPEDec.ax
[2009/10/16 20:03:07 | 00,227,328 | RHS- | C] () -- C:\WINDOWS\System32\ac3DX.ax
[2009/10/16 19:54:32 | 00,000,821 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Desktop\Super Video Converter.lnk
[2009/10/14 00:03:49 | 00,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 8 Professional.lnk
[2009/10/13 22:34:39 | 02,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2009/10/12 19:32:21 | 00,196,664 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\My Documents\sarah-palin-zombie.bmp
[2009/10/12 19:28:57 | 00,037,111 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\My Documents\sarah-palin-zombie.jpg
[2009/10/12 19:27:20 | 00,023,032 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\My Documents\Shat Rifle.jpg
[2009/10/08 19:03:16 | 00,001,528 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ImgBurn.lnk
[2009/10/07 20:01:25 | 00,000,736 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\WinZip.lnk
[2009/09/19 13:29:34 | 00,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009/09/19 13:29:31 | 00,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/08/19 09:51:26 | 00,000,760 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Application Data\setup_ldm.iss
[2009/07/25 22:39:03 | 00,000,000 | -HS- | C] () -- C:\WINDOWS\System32\yahafazo.dll
[2009/07/25 22:39:03 | 00,000,000 | -HS- | C] () -- C:\WINDOWS\System32\sapahado.dll
[2009/07/14 14:15:00 | 00,178,432 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009/06/05 21:02:55 | 00,018,998 | ---- | C] () -- C:\WINDOWS\hplj1010.ini
[2008/10/07 06:13:30 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 06:13:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 06:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 06:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 06:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 06:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 06:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 06:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 06:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 06:13:20 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/09/02 04:25:26 | 02,854,912 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008/02/03 15:58:01 | 00,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2008/02/03 15:47:50 | 00,059,500 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007/12/13 08:41:56 | 00,013,008 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Application Data\Comma Separated Values (DOS).CAL
[2007/11/15 17:45:46 | 00,000,000 | ---- | C] () -- C:\WINDOWS\MovieEdit.INI
[2007/11/15 15:05:10 | 00,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2007/11/15 13:22:06 | 00,002,607 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2007/10/11 16:59:24 | 00,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/01/13 07:48:00 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2007/01/13 07:47:35 | 00,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007/01/13 07:45:30 | 00,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/01/13 07:40:42 | 00,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7Q.DLL
[2006/12/25 15:57:15 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2006/12/08 09:39:24 | 00,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/10/23 10:46:53 | 00,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/10/18 18:50:30 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Application Data\$_hpcst$.hpc
[2006/10/12 17:00:19 | 00,018,444 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Application Data\wklnhst.dat
[2006/10/09 18:53:31 | 00,040,960 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/09 18:46:30 | 00,132,160 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2006/10/09 18:33:28 | 00,000,083 | ---- | C] () -- C:\WINDOWS\gbsaver.ini
[2006/10/09 16:05:17 | 03,294,230 | -H-- | C] () -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\IconCache.db
[2006/10/09 16:05:17 | 00,000,135 | ---- | C] () -- C:\Documents and Settings\Graham Rowat\Local Settings\Application Data\fusioncache.dat
[2006/10/09 16:05:17 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Graham Rowat\Application Data\desktop.ini
[2006/10/02 22:34:37 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/10/02 22:22:29 | 00,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/10/02 22:21:03 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/10/02 22:16:41 | 00,010,820 | ---- | C] () -- C:\WINDOWS\System32\CTSBMB.INI
[2006/10/02 22:16:19 | 00,000,040 | ---- | C] () -- C:\WINDOWS\System32\mes2046.dll
[2006/10/02 22:16:02 | 00,022,629 | ---- | C] () -- C:\WINDOWS\System32\CiFilter.ini
[2006/10/02 22:14:41 | 00,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/10/02 21:47:17 | 01,355,042 | ---- | C] () -- C:\WINDOWS\System32\CTMBHA.DLL
[2006/10/02 21:46:56 | 01,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/02 21:46:56 | 01,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/02 21:46:55 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/02 21:46:54 | 01,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/02 21:46:37 | 00,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/10/02 21:46:22 | 00,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/10/02 21:46:18 | 00,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/10/02 21:45:23 | 00,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006/06/29 14:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
[2006/06/29 14:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/27 08:24:24 | 00,408,576 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2006/04/18 15:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/04/18 15:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/01/26 05:51:57 | 00,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[2006/01/26 05:51:56 | 00,110,080 | ---- | C] () -- C:\WINDOWS\System32\nlame.dll
[2005/11/09 23:56:34 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/16 02:37:24 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 02:33:24 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2005/08/16 02:18:43 | 00,000,800 | ---- | C] () -- C:\WINDOWS\win.ini
[2005/08/16 02:18:41 | 00,000,246 | ---- | C] () -- C:\WINDOWS\system.ini
[2005/08/05 12:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/14 10:31:20 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2005/06/21 20:37:42 | 00,045,568 | RHS- | C] () -- C:\WINDOWS\System32\cygz.dll
[2005/02/17 09:41:32 | 00,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005/02/17 09:41:30 | 00,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2003/01/07 12:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/11/14 10:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2001/07/31 11:17:12 | 00,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
< End of report >



And the Extras.txt



OTL Extras logfile created on: 11/5/2009 12:40:13 PM - Run 1
OTL by OldTimer - Version 3.1.3.3 Folder = C:\Documents and Settings\Graham Rowat\My Documents\Software Downloads\Malware adventures
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.98 Gb Available Physical Memory | 99.17% Memory free
4.00 Gb Paging File | 3.20 Gb Available in Paging File | 79.92% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 292.83 Gb Total Space | 111.93 Gb Free Space | 38.22% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 73.12 Gb Total Space | 35.55 Gb Free Space | 48.62% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 292.83 Gb Total Space | 111.93 Gb Free Space | 38.22% Space Free | Partition Type: FAT

Computer Name: XPSLAPTOP
Current User Name: Graham Rowat
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Smilebox\SmileboxStarter.exe" = C:\Program Files\Smilebox\SmileboxStarter.exe:*:Enabled:Smilebox -- (Smilebox, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\FolderShare\FolderShare.exe" = C:\Program Files\FolderShare\FolderShare.exe:*:Enabled:FolderShare -- ()
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Disabled:AOL -- (AOL, LLC.)
"C:\Program Files\Common Files\aol\acs\AOLDial.exe" = C:\Program Files\Common Files\aol\acs\AOLDial.exe:*:Disabled:AOL Connectivity Service Dialer -- (AOL LLC)
"C:\Program Files\Common Files\aol\Loader\aolload.exe" = C:\Program Files\Common Files\aol\Loader\aolload.exe:*:Disabled:AOL Loader -- (America Online, Inc.)
"C:\Program Files\Common Files\aol\1182951802\ee\aolsoftware.exe" = C:\Program Files\Common Files\aol\1182951802\ee\aolsoftware.exe:*:Disabled:AOL Shared Components -- (America Online, Inc.)
"C:\Program Files\Sony\Media Manager for PSP 2.5\MediaManager.exe" = C:\Program Files\Sony\Media Manager for PSP 2.5\MediaManager.exe:*:Enabled:Media Manager for PSP 2.5 -- (Sony Creative Software Inc.)
"C:\Program Files\Steam\steamapps\common\peggle deluxe\Peggle.exe" = C:\Program Files\Steam\steamapps\common\peggle deluxe\Peggle.exe:*:Enabled:Peggle Deluxe -- ()
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe" = C:\Program Files\Eidos\Batman Arkham Asylum\Binaries\ShippingPC-BmGame.exe:*:Enabled:Batman: Arkham Asylum -- (Rocksteady Studios Ltd)
"C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe" = C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead -- ()
"C:\Program Files\Steam\steamapps\common\trine\trine_launcher.exe" = C:\Program Files\Steam\steamapps\common\trine\trine_launcher.exe:*:Enabled:Trine -- ()
"C:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe" = C:\Program Files\Steam\steamapps\common\torchlight\Torchlight.exe:*:Enabled:Torchlight - Demo -- (Runic Games, Inc.)
"C:\Program Files\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe" = C:\Program Files\Steam\steamapps\common\borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0CEC06EF-5052-4CE8-8256-74AE363A4238}" = Adobe Creative Suite 3 Master Collection
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1DDB76B6-9B33-47DE-8577-78EBFD3E2FF3}" = Adobe Setup
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2C65AEAA-EDF4-42E0-AA43-D74A5362CA02}" = Adobe Setup
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{522DAB8E-9ED2-4737-9557-E4DE8E7191F7}" = Windows Live Sync
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{62F02B00-7AF5-44D2-9940-788496C853C8}_is1" = Sid Meier's Civilization 4 Complete
"{67E9E6C6-ECEF-4195-B719-8788754297C6}" = inSSIDer
"{6833245E-DD86-479A-882A-8360D62C8194}" = NVIDIA PhysX
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052B-02A4-4627-81F2-1818DA5D550D}" = Microsoft Visual C++ 2005 Redistributable
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = IOGEAR Bluetooth Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A79C80DA-9DC7-497D-839A-7625272E19D2}" = Wi-Fire Connection Manager
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B45FABE7-D101-4D99-A671-E16DA40AF7F0}" = Microsoft Games for Windows - LIVE
"{B578C85A-A84C-4230-A177-C5B2AF565B8C}" = Microsoft Games for Windows - LIVE Redistributable
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C21538F7-60A8-4BAA-8603-1E6F0D51F9BA}" = Wi-Fire Connection Manager
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Acronis True Image WD Edition
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_5ac697db6c6103f6f8b5198d25f73f7" = Add or Remove Adobe Creative Suite 3 Master Collection
"Adobe_71c180716438072ebd356ce2549df41" = Adobe Premiere Pro CS3 Third Party Content
"Amazon Games & Software Downloader_is1" = Amazon Games & Software Downloader
"CCleaner" = CCleaner
"Download Manager" = Download Manager 2.3.9
"ERUNT_is1" = ERUNT 1.1j
"Google Desktop" = Google Desktop
"HDD Capacity Restore_is1" = HDD Capacity Restore 1.2
"HijackThis" = HijackThis 2.0.2
"ImgBurn" = ImgBurn
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"N360" = Norton 360
"NVIDIA Drivers" = NVIDIA Drivers
"Steam App 26800" = Braid
"Steam App 35700" = Trine
"Steam App 41510" = Torchlight - Demo
"Steam App 500" = Left 4 Dead
"Steam App 8980" = Borderlands
"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)
"Super Video Converter_is1" = Super Video Converter 5.8
"Tales of Monkey Island Chapter 1_is1" = Tales of Monkey Island Chapter 1
"WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 5.1.1
"WinZip" = WinZip

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1161533016-824089320-3721352659-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Steam App 3480" = Peggle Deluxe
"Steam App 4590" = Titan Quest Demo
"Steam App 6100" = Eets
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/25/2009 1:44:45 AM | Computer Name = XPSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application left4dead.exe, version 0.0.0.0, faulting module
studiorender.dll, version 0.0.0.0, fault address 0x00005a9d.

Error - 10/27/2009 3:04:00 AM | Computer Name = XPSLAPTOP | Source = Application Hang | ID = 1002
Description = Hanging application taskmgr.exe, version 5.1.2600.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/27/2009 3:04:11 AM | Computer Name = XPSLAPTOP | Source = Application Hang | ID = 1002
Description = Hanging application autorun.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 10/28/2009 6:43:25 PM | Computer Name = XPSLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module esent.dll, version 5.1.2600.5512, fault address 0x0001baf4.

Error - 11/2/2009 1:31:12 AM | Computer Name = XPSLAPTOP | Source = Application Hang | ID = 1002
Description = Hanging application Skype.exe, version 4.0.0.215, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/3/2009 7:19:09 PM | Computer Name = XPSLAPTOP | Source = Google Update | ID = 20
Description =

Error - 11/3/2009 8:19:07 PM | Computer Name = XPSLAPTOP | Source = Google Update | ID = 20
Description =

Error - 11/3/2009 8:23:07 PM | Computer Name = XPSLAPTOP | Source = Media Center Extender Services | ID = 36866
Description = ERROR: Device Service Listener - The listener loop unexpectedly ended.
Error code 0x80072747.

Error - 11/3/2009 8:23:12 PM | Computer Name = XPSLAPTOP | Source = Media Center Extender Services | ID = 36865
Description = ERROR: Device Service Listener - UDP networking failed. Error code
0x80072747.

Error - 11/5/2009 2:19:06 PM | Computer Name = XPSLAPTOP | Source = Google Update | ID = 20
Description =


< End of report >

#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,202 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:01:24 AM

Posted 05 November 2009 - 04:05 PM

First of all, two questions.

You mention, after you deleted the fonohamo.dll file, the error message was gone. After deleting that file, have you ever been able to boot normally?

You mention you can use system restore to set things a day back. Can you please give me some details on that? Did you do a system restore using the Last Known Good Configuration?

A third question, can you use safe mode?

Can you pleas re-run dDS and post me attach.txt?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#12 Growat

Growat
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 05 November 2009 - 04:17 PM

I have not been able to boot normally since removing fonohamo.dll.

For the last few days, "boot to last known good configuration" is what I've needed to get windows fully booted. On two occasions, that did not get me past the login freeze, so I booted to safe mode and selected system restore. I then chose the most recent restore point possible, which was typically the day before. On those two occasions, the system restore to the most recent restore point allowed windows to boot fully.

Safe mode functions fine.

Here is Attach.txt from fresh DDS:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-10-26.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 10/9/2006 3:55:04 PM
System Uptime: 11/5/2009 12:43:30 PM (2 hours ago)

Motherboard: Dell Inc. | | 0CF456
Processor: Intel® Core™2 CPU T7200 @ 2.00GHz | Microprocessor | 1997/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 293 GiB total, 111.844 GiB free.
D: is CDROM ()
F: is FIXED (NTFS) - 73 GiB total, 35.547 GiB free.
J: is NetworkDisk (FAT) - 293 GiB total, 111.844 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Dell Wireless 1390 WLAN Mini-Card
Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_00071028&REV_01\4&360A6DE&0&00E1
Manufacturer: Broadcom
Name: Dell Wireless 1390 WLAN Mini-Card
PNP Device ID: PCI\VEN_14E4&DEV_4311&SUBSYS_00071028&REV_01\4&360A6DE&0&00E1
Service: BCM43XX

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom NetXtreme 57xx Gigabit Controller
Device ID: PCI\VEN_14E4&DEV_1600&SUBSYS_01CE1028&REV_02\4&378EDFA4&0&00E2
Manufacturer: Broadcom
Name: Broadcom NetXtreme 57xx Gigabit Controller
PNP Device ID: PCI\VEN_14E4&DEV_1600&SUBSYS_01CE1028&REV_02\4&378EDFA4&0&00E2
Service: b57w2k

Class GUID: {EB781AAF-9C70-4523-A5DF-642A87ECA567}
Description:
Device ID: ROOT\LIBUSBDEVICES\0000
Manufacturer:
Name:
PNP Device ID: ROOT\LIBUSBDEVICES\0000
Service:

==== System Restore Points ===================

RP505: 9/24/2009 10:49:59 AM - Installed Batman: Arkham Asylum
RP506: 9/24/2009 11:14:15 AM - Installed DirectX
RP507: 9/24/2009 11:16:07 AM - Installed NVIDIA PhysX
RP508: 9/24/2009 11:16:39 AM - Removed NVIDIA PhysX
RP509: 9/24/2009 11:19:28 AM - Installed DirectX
RP510: 9/24/2009 11:36:36 AM - Software Distribution Service 3.0
RP511: 9/26/2009 2:39:13 PM - System Checkpoint
RP512: 9/28/2009 9:44:54 AM - Software Distribution Service 3.0
RP513: 9/30/2009 11:04:36 AM - System Checkpoint
RP514: 10/4/2009 8:42:34 AM - System Checkpoint
RP515: 10/5/2009 6:34:43 PM - Software Distribution Service 3.0
RP516: 10/5/2009 9:16:22 PM - Software Distribution Service 3.0
RP517: 10/6/2009 9:53:48 AM - Software Distribution Service 3.0
RP518: 10/7/2009 9:58:03 AM - System Checkpoint
RP519: 10/8/2009 9:24:10 AM - Software Distribution Service 3.0
RP520: 10/8/2009 10:32:43 PM - Software Distribution Service 3.0
RP521: 10/8/2009 10:55:49 PM - Software Distribution Service 3.0
RP522: 10/9/2009 3:00:18 AM - Software Distribution Service 3.0
RP523: 10/10/2009 5:43:52 PM - System Checkpoint
RP524: 10/11/2009 11:17:18 AM - Software Distribution Service 3.0
RP525: 10/12/2009 11:43:49 AM - System Checkpoint
RP526: 10/14/2009 1:05:12 AM - Printer Driver Adobe PDF Converter Installed
RP527: 10/14/2009 3:00:20 AM - Software Distribution Service 3.0
RP528: 10/15/2009 9:35:26 AM - Software Distribution Service 3.0
RP529: 10/15/2009 5:57:05 PM - Software Distribution Service 3.0
RP530: 10/15/2009 8:27:44 PM - Software Distribution Service 3.0
RP531: 10/17/2009 9:40:03 AM - Software Distribution Service 3.0
RP532: 10/21/2009 10:34:02 AM - System Checkpoint
RP533: 10/22/2009 12:02:20 PM - System Checkpoint
RP534: 10/23/2009 5:47:06 PM - System Checkpoint
RP535: 10/25/2009 1:07:07 PM - System Checkpoint
RP536: 10/26/2009 5:14:59 PM - Norton 360 Registry Clean
RP537: 10/26/2009 6:38:19 PM - Software Distribution Service 3.0
RP538: 10/27/2009 1:50:22 AM - Restore Operation
RP539: 10/27/2009 1:56:06 AM - Restore Operation
RP540: 10/27/2009 2:01:50 AM - Installed Java™ 6 Update 16
RP541: 10/27/2009 2:23:11 AM - Software Distribution Service 3.0
RP542: 10/27/2009 3:01:57 AM - Software Distribution Service 3.0
RP543: 10/28/2009 3:00:30 AM - Software Distribution Service 3.0
RP544: 10/28/2009 11:03:27 AM - Restore Operation
RP545: 10/29/2009 3:00:31 AM - Software Distribution Service 3.0
RP546: 10/30/2009 4:44:06 AM - System Checkpoint
RP547: 10/31/2009 5:38:07 PM - Restore Operation
RP548: 10/31/2009 6:20:46 PM - Software Distribution Service 3.0
RP549: 11/1/2009 7:42:36 PM - System Checkpoint
RP550: 11/3/2009 2:40:37 AM - System Checkpoint
RP551: 11/3/2009 11:57:05 PM - System Checkpoint
RP552: 11/4/2009 11:37:58 AM - Software Distribution Service 3.0
RP553: 11/4/2009 1:52:59 PM - Removed Windows Live Sync
RP554: 11/4/2009 1:53:27 PM - Installed Windows Live Sync
RP555: 11/5/2009 11:55:16 AM - Software Distribution Service 3.0
RP556: 11/5/2009 12:28:17 PM - Software Distribution Service 3.0
RP557: 11/5/2009 12:40:18 PM - Software Distribution Service 3.0

==== Installed Programs ======================

µTorrent
Acronis True Image WD Edition
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat 8 Professional
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Encore CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Setup
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Amazon Games & Software Downloader
Apple Application Support
Apple Mobile Device Support
Batman: Arkham Asylum
Bonjour
Borderlands
Braid
CCleaner
Data Lifeguard Diagnostic for Windows
Download Manager 2.3.9
Eets
ERUNT 1.1j
Google Chrome
Google Desktop
HDD Capacity Restore 1.2
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
ImgBurn
inSSIDer
IOGEAR Bluetooth Software
iPhone Configuration Utility
iTunes
Java™ 6 Update 16
Left 4 Dead
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
MobileMe Control Panel
Move Networks Media Player for Internet Explorer
Norton 360
NVIDIA Drivers
NVIDIA PhysX
PDF Settings
Peggle Deluxe
QuickTime
SeaTools for Windows
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Sid Meier's Civilization 4 Complete
Skype™ 4.0
SUPER © Version 2009.bld.36 (June 10, 2009)
Super Video Converter 5.8
Tales of Monkey Island Chapter 1
Titan Quest Demo
Torchlight - Demo
Trine
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB968389)
Wi-Fire Connection Manager
Windows Live Sync
Windows XP Media Center Edition 2005 KB973768
WinX DVD Ripper Platinum 5.1.1
WinZip

==== End Of File ===========================

#13 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,202 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:01:24 AM

Posted 06 November 2009 - 03:51 AM

Okay, just to check I am understanding everything here... After you did the system restore, you were able to boot normally. But after one reboot, you had login problems yet again (that is, without you changing anything important after you did the system restore).

Please try the following. Go to Start > Control Panel > User Accounts

Click on your own user account.

Click Create a password (or, if you have a password set, change password).
Create a new password and try to restart now. You should get prompted for your password.

Let me know what happens.

Note, you are free to remove the password afterwards, just make sure you remember it for the steps above :(

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#14 Growat

Growat
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:24 PM

Posted 06 November 2009 - 03:19 PM

"After you did the system restore, you were able to boot normally. But after one reboot, you had login problems yet again (that is, without you changing anything important after you did the system restore)."

That's correct. As I mentioned, I tried the system restore route twice when "Use last good configuration" didn't work. For the past week though "Use last good configuration" has allowed me to boot fully into windows after I've gotten the login freeze.

I created a password, but the computer still froze at the login prompt, before I had a chance to enter it. The cursor in the password prompt flashed twice then froze, as is typical as of late.

#15 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,202 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:01:24 AM

Posted 06 November 2009 - 03:54 PM

This is a long shot, but I might have found a cause for your trouble. In your system restore points Norton 360 registry Clean shows up. This might have done some damage to your registry that caused these problems.

Therefore we are gonna try to restore your system to BEFORE this event.

Go to Start > Programs > Accessories > System Tools and click "System Restore".

Make sure Restore my computer to an earlier time is checked and click next

Select the date 25 october 2009 in the calender, in the right panel you should see now 1.07.07 PM System Checkpoint. Click Next

Follow the prompts and allow your system to be restored back to specified date. You should now be able to boot normally.


If you can boot normally after doing this, please continue, otherwise, report back to me WITHOUT CONTINUING


COMBOFIX
---------------
Please download ComboFix from one of these locations:Bleepingcomputer
ForoSpyware
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users