Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

rundll32 & random tabs pop up


  • This topic is locked This topic is locked
36 replies to this topic

#1 cats_rule

cats_rule

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:52 AM

Posted 29 April 2010 - 12:18 PM

had "rundll32.exe could not be found" error on winxp machine , managed to get malwarebytes to run and it found about 8 infections , cleaned them and restarted pc and have run avast boot time scan , malwarebytes again , super antispyware , spybot & a-squared and none of them now find anything.
However i get random tabs opening in both firefox and IE and also im unable to do windows update , wither from control panel or via the wbesite.
Any help much appreciated.

Attached Files



BC AdBot (Login to Remove)

 


#2 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:52 PM

Posted 03 May 2010 - 12:37 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Shannon

#3 cats_rule

cats_rule
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:52 AM

Posted 05 May 2010 - 03:03 PM

im not getting the rundll32 errors anymore but im still getting random tags opening up to various web addresses.
i have run scans with avast , spybot , a squared , super anti spyware & malwarebytes with nothing found except a few tracking cookies.

i have included all the logs for your viewing but have had a lot of trouble upload them so had to visit a friends pc just to be sure .

thanks

Attached Files



#4 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:52 PM

Posted 10 May 2010 - 01:16 PM

Hi, cats_rule-

Welcome to Bleeping Computer.

My name is Shannon and I will be working with you to remove the malware that is on your machine.

I apologize for the delay in replying to your post, but this forum is extremely busy.

There may be a delay in my response to your posts as I am still currently in training. I will be helping you with supervision of the teachers and they will approve every posts before I present them to you.

Please don't make any further changes or run any other tools unless instructed to. Additional changes may hinder the cleaning of your machine.

When asked to copy logs or reports into your reply, please copy them directly into your reply. Do not include them in quotes. Do not attach them unless asked to do so. In Notepad, please turn off Word Wrap under the Format menu.

Please Track this topic - On the top right on this tread, click on the Option button, and, in the drop-down list, click on 'Track this topic'. Under Subscription Information, click on 'Immediate Email Notification' and then click on the Proceed button at the bottom.

Please give me some time to look over your log. I will post the reply as soon as possible.

Shannon

#5 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:52 PM

Posted 10 May 2010 - 04:59 PM

Hi-

Again, I apologize for the delay.

I want to take another look at your system with a different scan.
  • Please download OTL from here:
  • Main Mirror
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "Use SafeList"
  • Under the Custom Scan box paste in the contents of the CODE box.
    CODE
    netsvcs
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
  • Push the button.
  • Two reports will open, copy and paste them into your reply:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

In your reply, copy in the two OTL reports directly. Do not attach them.

Thanks,
Shannon

#6 cats_rule

cats_rule
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:52 AM

Posted 12 May 2010 - 01:40 PM

OTL Extras logfile created on: 12/05/2010 18:39:28 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\iestyn\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
5.00 Gb Paging File | 3.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186.30 Gb Total Space | 137.32 Gb Free Space | 73.71% Space Free | Partition Type: NTFS
Drive D: | 186.31 Gb Total Space | 163.96 Gb Free Space | 88.00% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 279.69 Gb Total Space | 105.41 Gb Free Space | 37.69% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: NV8
Current User Name: iestyn
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-220523388-1993962763-682003330-1003\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"18584:TCP" = 18584:TCP:*:Enabled:port

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe" = C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe:*:Enabled:Dreamweaver 8 -- (Macromedia, Inc.)
"C:\Program Files\MusicBrainz Picard\picard.exe" = C:\Program Files\MusicBrainz Picard\picard.exe:*:Enabled:The next generation MusicBrainz tagger -- ()
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\SoulseekNS\slsk.exe" = C:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek -- ()
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\PKR\pkrpal.exe" = C:\Program Files\PKR\pkrpal.exe:*:Enabled:Start PKR Pal -- ()
"C:\Program Files\GFI\LANguard 9.0\languard.exe" = C:\Program Files\GFI\LANguard 9.0\languard.exe:*:Enabled:languard -- ()
"C:\Program Files\Microsoft Visual Studio\COMMON\Tools\VS-Ent98\Vanalyzr\VARPC.EXE" = C:\Program Files\Microsoft Visual Studio\COMMON\Tools\VS-Ent98\Vanalyzr\VARPC.EXE:*:Enabled:Microsoft ® Visual Studio VSA RPC Event Creator -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0.0 (r181)
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05A6F765-D749-45E6-A157-2E5ADE8F8FF0}" = sensorsamples
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{085AC6CC-3716-4C62-8965-FF94296BCC26}" = vistalibs_x64fre
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{091DDD71-FA98-4FF6-8E6F-07C9D09E29B8}" = wdftools_ia64fre
"{0A026ED9-D774-4008-B62C-7565E5626371}" = networklibraries_ia64fre
"{0A049327-DE93-4098-B573-AAC71E0E6FA4}" = toastermetadatapackagesample
"{0A68FF18-07E3-4D28-BFDC-8F51ECE8A011}" = infsample_x64fre
"{0AD94592-05F9-4E96-9418-D50FEE317342}" = networklibraries_x86fre
"{1231849C-2D95-46C5-BC1B-A7A4481A279F}" = dsfsamples
"{1321CC95-FB73-4437-8F77-B179432F8857}" = setupsamples
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{17349339-D8E7-4394-805E-E2346C19BA82}" = setuptools_x64fre
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197AB90B-2CE8-4098-B8DC-A8C7ACBBEAD9}" = imagingtools_x86fre
"{198C0A8A-5E8D-4CF5-BE66-9D0E1FFBC217}" = pnptools_x64fre
"{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD}" = Opera 10.53
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1E8FC55E-F212-4B80-A0F7-A0D178C2FE4A}" = powermanagement_ia64fre
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F20DE69-167B-4F69-8D99-10DA59D92D10}" = headers
"{1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1" = Webroot AntiVirus with Spy Sweeper
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 19
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{28E0E806-0461-4E12-B272-465766FF94FB}" = bluetoothsamples
"{290790FE-0D04-4E3D-B1C9-6CDCF64B1E04}" = wdtfbinaries_x64fre
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2ADD318F-B560-4D64-9A2B-0196FCF103BD}" = audiosamples
"{315A928B-2B99-4E22-A066-14CD901F9C0B}" = generaltools_ia64fre
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{329335E6-0A4B-42B9-9230-5CAC83B04649}" = vistalibs_ia64fre
"{32A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java™ SE Development Kit 6 Update 20
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{34600C75-5EF7-476C-A897-531078A304C3}" = buildtools_x86fre
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35546EB8-2D2F-4AAD-9FE5-9574520F4AD8}" = offreg_ia64fre
"{37E0996B-CD8D-46C9-A801-9EE67276DF9A}" = tracingtool_x64fre
"{384DB786-E488-45CC-AB4A-E6ABE11B0905}" = tools_ia64fre
"{38AD20B9-0433-45D5-86D6-C76BAE151892}" = printtools_ia64fre
"{3A2F0C18-0F0B-44BF-80F0-CB4204565573}" = printtools_x64fre
"{3B31D97A-7CF4-4ED2-8593-535AE7C0FB92}" = toolindex
"{3C9E736F-8436-41D2-87F3-1468A59CA866}" = tracingtool_ia64fre
"{3ECC5DE9-FF75-4EDD-8D46-6E4A59603E16}" = debugfiles_win7
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4077C73A-C623-40B9-8D0A-B9D501AF3046}" = tracingtool_x86fre
"{4649A430-BC01-4C9E-9846-50FC56A9D00E}" = generalsamples
"{48402841-6F46-464D-8FA1-3A4460C8399D}" = toastersample
"{4908FC86-4753-40EB-99CD-1F1EB30E6F84}" = fireflysample
"{493028C3-0EC5-4FBF-B3D3-F4A934AB8801}" = eventsample
"{49B35B72-04FF-478D-842E-DBC7A5E68285}" = biometricsamples
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C3B13F6-7CA2-47FD-9A47-C542BA730EF7}" = libs_x64fre
"{4C9C47E8-C79E-4A3B-BD87-5088916F67BC}" = imagingtools_ia64fre
"{4DD3FE4D-1D81-44F4-9FCC-BB8F861C6E21}" = pfd_x64fre
"{4DD6CC58-ED0B-46F1-8A23-4661D7DA60DD}" = wnetlibs_x64fre
"{4DF9AF39-93A8-45BD-AB41-6577969C4AE0}" = cancelsample
"{4FBF748A-AF57-487E-8A74-A32710938A7C}" = bluetoothtools_x64fre
"{5008655B-381C-4C45-BF2F-E1998DDED2C5}" = chkinftool_x86fre
"{502A382B-6A1F-41C3-A370-A085182EEA91}" = wdftools_x86fre
"{5058FE9A-CF62-48B5-9AA2-48C536827880}" = sideshowsamples
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{5193B1FC-FC33-4CBA-9B9F-85F3D8F7CD87}" = readme
"{53C53D37-CA3C-4C32-B1B5-3BCC594144C2}" = networksamples
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79
"{5B66B4F6-D913-4D8D-B997-2E208ABECA73}" = portiosample
"{5B86F724-E2A0-47B6-805A-88D873175EFB}" = biometrictools_x86fre
"{5BE72DAD-15B7-4B1D-808D-9C66DF8E691D}" = storagesamples
"{5BF31BC3-EA1C-4905-9FF1-0FFBE5C4099B}" = bussamples
"{5E38A4B3-E50B-4E05-AC66-CDA806B12D10}" = smartcardsamples
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62BEC6D1-0287-4272-BFC4-C7C1A422B718}" = avstreamtools_x86fre
"{63B405FD-A763-4F88-8844-1673AA5F00AB}" = wnetlibs_ia64fre
"{65B89385-7BC3-4B25-A2A7-A621D149D298}" = wdtfbinaries_ia64fre
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66D6D87F-D616-408F-9AD1-70D4D744DC29}" = irsamples
"{670CAF31-78EA-4A8B-9F8D-32EC018B1345}" = pnptools_x86fre
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6F1B3EC0-1182-4AA6-9E08-C4D7A05E1B7C}" = streammediasamples
"{6F9AD5EF-EF6A-4548-B797-2543F0D1F28F}" = offreg_x86fre
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71E96A45-FE54-4AF6-B208-A3F860EF1063}" = usbsamples
"{725943A7-97C3-4E7D-841E-7E6FBAABF64B}" = drvtools_ia64fre
"{734BB64A-5A3D-4624-867D-6358B7068496}" = Sound Blaster Live! 24-bit
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.8.0.193j
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7CA89ADF-C212-4D5A-85EC-79BAA250A656}" = infsample_x86fre
"{7DD52F48-C19E-4FD8-8B25-429F96321003}" = Microsoft Windows Driver Kit Documentation 7600.091201
"{7ED7AA72-49BE-40FB-89C4-F1DBAAC16F01}" = dfx_ia64fre
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{80CFB54B-2C2C-4513-9B90-923F7F850074}" = evntdrvsample
"{82B341CB-D57D-4286-BE54-FB86BAAD23EB}" = pfd_x86fre
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85701256-4CFE-4144-A831-4D03DB2C830A}" = wpdtools_x86fre
"{86DE5D5D-7F44-4D9E-803C-4298732C16A3}" = dfx_x86fre
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AFD8D85-FF4D-4DA7-B1A0-14C6A1BA1F59}" = setuptools_x86fre
"{8B62890F-E903-42BA-B1F7-7868432BCC4A}" = tools_x64fre
"{8BF161B5-1065-4457-8C7C-76366914033A}" = drvtools_x86fre
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9096B2CA-170B-4696-AB43-AF5DD8D539E6}" = hid_inputsamples
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{9269E4BE-0607-488B-9BFD-9E54FEADB17B}" = ioctlsample
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9645A95A-CEF9-4B9A-A34C-60D226576CF5}" = Diskeeper Home Edition
"{984AD1E9-A775-40F8-9A43-70908593B247}" = hidsampleinput
"{984E6987-6A7E-4F2D-AF7F-68BBB3BD68AD}" = dfx_x64fre
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9936A6C2-0C21-49D8-8AB1-92384259D214}" = powermanagement_x86fre
"{99870CAE-4D57-42F2-9427-AC88F33FC8C3}" = buildsamples
"{9A444847-CF56-404A-8815-2E41259CB224}" = wdtfbinaries_x86fre
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D668C99-AEED-472A-98C0-65D8865150F6}" = wxplibs_x86fre
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9E6C6A09-A71E-45A4-8DBE-68C64DFC451B}" = generaltools_x64fre
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A072218B-9353-4FAA-A969-64E64568B431}" = umdfsamples
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A541122D-7159-40B6-991D-A8A89006DB91}" = displaysamples
"{A74123D0-28F2-431A-8C9A-864CD6F2F900}" = infsample_ia64fre
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AB99CA8E-0BA0-4AE7-A9AF-26D97D70A570}" = bluetoothtools_x86fre
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACAF97EB-7C5B-4C13-84E2-656FD8F2AE08}" = imagingtools_x64fre
"{AEDC22CF-1590-4095-8053-4B724A5BA7A8}" = wsdtool_x86fre
"{B086FEC7-E6B5-4E03-B7DC-60D5D0787174}" = drvtools_x64fre
"{B121B2B4-867E-4389-AC58-0AEC72C37F47}" = wpdsamples
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2B60AF9-E82A-453D-AB79-B4103614FF7E}" = setuptools_ia64fre
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4665EAE-6733-4978-8757-629C7D8DD6A5}" = powermanagement_x64fre
"{B533A27C-3B5D-42AB-B397-A817F154CC22}" = printtools_x86fre
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{B66819C1-8FA4-4456-A12C-E8C6555DC2E2}" = libs_x86fre
"{B66D9EAC-DDAE-4477-93B2-A946438D97B6}" = wmisamples
"{B875D436-48A7-42CE-A105-23A7F65B9A60}" = avstreamtools_ia64fre
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD33DB46-D5EE-4529-8854-7161F4A87720}" = avstreamtools_x64fre
"{BEC25D5C-2CD4-4518-8061-4D97D61C710F}" = pnpportssample
"{BFBDD199-81A2-4BFA-9581-D2EA1716B546}" = DSF-KitSetup
"{C0742F98-1E35-4755-A32D-9F9DAE97CBF3}" = ifssamples
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C1620364-5718-43DD-B6B7-104A0A41EACC}" = swtuner
"{C521D5BA-BAE4-43E7-9250-6436E0502948}" = hidsamples
"{C7966AB3-A8D9-48D5-B7DF-922674C40098}" = Device Simulation Framework 1.0.1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE08674-3776-4578-9992-46FAEF528F15}" = oacr_x86fre
"{CBE19707-CF6D-4819-9574-3DFD568960FA}" = GFI LANguard 9.0
"{CC2FB3DD-C2DD-4D35-911C-042F3532EE79}" = tools_x86fre
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D058CD28-634C-4EF1-A47D-669FD6BE0C55}" = generaltools_x86fre
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1ABCCBA-5525-48B2-9D13-F6D4B6CE4749}" = buildtools_ia64fre
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D4E7A54A-4124-49A7-835B-F3BB3B501475}" = libs_ia64fre
"{D721152B-35EB-44F3-AB58-D0AE8882813F}" = sdv
"{D80B8A95-3DC7-428C-B216-70251A4296DD}" = wnetlibs_x86fre
"{D982C565-EE25-4E1D-8581-95ABDF637032}" = pfd_ia64fre
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DC0B9B4B-3198-4F0F-8A2D-1235ED539D53}" = biometrictools_x64fre
"{DC6B7F7C-20F7-4D40-9735-957752CE5F53}" = pnptools_ia64fre
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E1423BD0-AAAE-4291-B220-863AEDF873D7}" = printsamples
"{E35466C4-2C85-4718-801E-761E18ACDD91}" = avstreamsamples
"{E5052212-DAF0-4BD2-A28E-EF9B9A1D3D81}" = buildtools_x64fre
"{E6343838-6EFE-4528-90ED-8D9258CA4584}" = installhelp
"{E6847FF6-C825-4739-814D-8758A9B30A9A}" = modemtools
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6E836AB-EC50-48EA-9208-374A982F28F2}" = bluetoothtools_ia64fre
"{E754BD2E-5F64-4D38-A1C6-8B8143A09985}" = offreg_x64fre
"{E761E173-81A4-4C12-A28D-322952C4F31B}" = wpdtools_x64fre
"{EBD729CC-602A-4D12-896B-4FBEBE1B6C4F}" = wcoinstallers
"{EDE33D47-848D-4BAE-8399-01D4457D8F64}" = wsdtool_ia64fre
"{EE1E82F8-E538-4B5A-952B-6252DEFA5D06}" = wsdtool_x64fre
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F573FC3C-4149-4FE7-B189-7E5DD3281927}" = networklibraries_x64fre
"{F5F16DEF-5F74-46C8-95E3-AC2FEB04A9DD}" = wdftools_x64fre
"{FB2EEF6E-00A7-4863-A44A-227EB927A589}" = vistalibs_x86fre
"{FCFE5318-77F7-4661-A526-418C431A48B5}" = wpdtools_ia64fre
"{FDAA0CD7-930D-4E16-B3A2-66FAA2EEF3AD}" = pcidrvsample
"Active@ Boot Disk 4.0 Suite" = Active@ Boot Disk 4.0 Suite
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"a-squared Free_is1" = a-squared Free 4.5
"avast5" = avast! Free Antivirus
"Belarc Advisor" = Belarc Advisor 8.1
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cool MP3 Splitter" = Cool MP3 Splitter
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"Dziobas Rar Player_is1" = Dziobas Rar Player 0.009.39
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fast AVI MPEG Joiner_is1" = Fast AVI MPEG Joiner 1.1.2
"FILE RECOVERY for WindowsNSIS" = FILE RECOVERY for Windows
"FileZilla Client" = FileZilla Client 3.3.2.1
"Free Easy Burner_is1" = Free Easy Burner V 4.0
"Google Chrome" = Google Chrome
"Handy CD Ripper_is1" = Handy CD Ripper version 2.5.3
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"Image Grabber II" = Image Grabber II
"InstallShield_{CBE19707-CF6D-4819-9574-3DFD568960FA}" = GFI LANguard 9.0
"KitSetup Registration {B4285279-1846-49B4-B8FD-B9EAF0FF17DA}:{68656B6B-555E-5459-5E5D-6363635E5F61}" = Microsoft Windows Driver Kit 7.1.0.7600
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MsJavaVM" = Microsoft VM for Java
"MusicBrainz Picard" = MusicBrainz Picard 0.11
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PKR" = PKR
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
"Soulseek2" = SoulSeek 157 NS 13c
"SpeedFan" = SpeedFan (remove only)
"Spyware Terminator_is1" = Spyware Terminator
"SpywareBlaster_is1" = SpywareBlaster 4.3
"SystemRequirementsLab" = System Requirements Lab
"Test My Hardware_is1" = Test My Hardware 3.0
"The Cleaner_is1" = The Cleaner 2011
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Visual Studio 6.0 Enterprise Edition" = Microsoft Visual Studio 6.0 Enterprise Edition
"VLC media player" = VLC media player 1.0.5
"WebPost" = Microsoft Web Publishing Wizard 1.53
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.1.3 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-220523388-1993962763-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FolderLock6" = Folder Lock
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Application Detect

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 07/01/2010 17:15:20 | Computer Name = NV8 | Source = avast! | ID = 33554522
Description =

Error - 07/01/2010 17:18:53 | Computer Name = NV8 | Source = avast! | ID = 33554522
Description =

Error - 18/01/2010 05:43:38 | Computer Name = NV8 | Source = avast! | ID = 33554522
Description =

Error - 18/01/2010 06:13:35 | Computer Name = NV8 | Source = avast! | ID = 33554522
Description =

Error - 11/02/2010 08:55:53 | Computer Name = NV8 | Source = avast! | ID = 33554522
Description =

Error - 11/03/2010 04:35:59 | Computer Name = NV8 | Source = avast! | ID = 33554522
Description =

Error - 11/03/2010 04:37:39 | Computer Name = NV8 | Source = avast! | ID = 33554522
Description =

Error - 11/03/2010 04:41:39 | Computer Name = NV8 | Source = avast! | ID = 33554522
Description =

Error - 20/04/2010 02:24:25 | Computer Name = NV8 | Source = avast! | ID = 33554522
Description =

Error - 20/04/2010 02:29:30 | Computer Name = NV8 | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 09/05/2010 08:10:10 | Computer Name = NV8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 09/05/2010 12:21:15 | Computer Name = NV8 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3743, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 09/05/2010 12:53:00 | Computer Name = NV8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 09/05/2010 12:53:01 | Computer Name = NV8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 09/05/2010 15:17:12 | Computer Name = NV8 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 09/05/2010 15:19:41 | Computer Name = NV8 | Source = Application Hang | ID = 1002
Description = Hanging application Spywareterminator.exe, version 2.7.1.623, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/05/2010 05:52:21 | Computer Name = NV8 | Source = Application Hang | ID = 1002
Description = Hanging application SUPERAntiSpyware.exe, version 4.35.0.1002, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/05/2010 06:08:26 | Computer Name = NV8 | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 10/05/2010 06:08:43 | Computer Name = NV8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 10/05/2010 06:08:43 | Computer Name = NV8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

[ Application Events ]
Error - 09/05/2010 08:10:10 | Computer Name = NV8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 09/05/2010 12:21:15 | Computer Name = NV8 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.2.3743, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 09/05/2010 12:53:00 | Computer Name = NV8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 09/05/2010 12:53:01 | Computer Name = NV8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 09/05/2010 15:17:12 | Computer Name = NV8 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 09/05/2010 15:19:41 | Computer Name = NV8 | Source = Application Hang | ID = 1002
Description = Hanging application Spywareterminator.exe, version 2.7.1.623, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/05/2010 05:52:21 | Computer Name = NV8 | Source = Application Hang | ID = 1002
Description = Hanging application SUPERAntiSpyware.exe, version 4.35.0.1002, hang
module hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 10/05/2010 06:08:26 | Computer Name = NV8 | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 10/05/2010 06:08:43 | Computer Name = NV8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 10/05/2010 06:08:43 | Computer Name = NV8 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

[ System Events ]
Error - 10/05/2010 05:31:29 | Computer Name = NV8 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 10/05/2010 05:32:58 | Computer Name = NV8 | Source = Service Control Manager | ID = 7000
Description = The Maxtor Scheduler2 Service service failed to start due to the following
error: %%3

Error - 10/05/2010 06:10:57 | Computer Name = NV8 | Source = Service Control Manager | ID = 7000
Description = The Lbd service failed to start due to the following error: %%87

Error - 12/05/2010 10:26:42 | Computer Name = NV8 | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 12/05/2010 10:26:42 | Computer Name = NV8 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 12/05/2010 10:29:11 | Computer Name = NV8 | Source = Service Control Manager | ID = 7023
Description = The Diskeeper service terminated with the following error: %%1920

Error - 12/05/2010 10:29:11 | Computer Name = NV8 | Source = Service Control Manager | ID = 7000
Description = The Maxtor Scheduler2 Service service failed to start due to the following
error: %%3

Error - 12/05/2010 10:44:54 | Computer Name = NV8 | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 12/05/2010 10:44:54 | Computer Name = NV8 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 12/05/2010 10:46:35 | Computer Name = NV8 | Source = Service Control Manager | ID = 7000
Description = The Maxtor Scheduler2 Service service failed to start due to the following
error: %%3

[ System Events ]
Error - 10/05/2010 05:31:29 | Computer Name = NV8 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 10/05/2010 05:32:58 | Computer Name = NV8 | Source = Service Control Manager | ID = 7000
Description = The Maxtor Scheduler2 Service service failed to start due to the following
error: %%3

Error - 10/05/2010 06:10:57 | Computer Name = NV8 | Source = Service Control Manager | ID = 7000
Description = The Lbd service failed to start due to the following error: %%87

Error - 12/05/2010 10:26:42 | Computer Name = NV8 | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 12/05/2010 10:26:42 | Computer Name = NV8 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 12/05/2010 10:29:11 | Computer Name = NV8 | Source = Service Control Manager | ID = 7023
Description = The Diskeeper service terminated with the following error: %%1920

Error - 12/05/2010 10:29:11 | Computer Name = NV8 | Source = Service Control Manager | ID = 7000
Description = The Maxtor Scheduler2 Service service failed to start due to the following
error: %%3

Error - 12/05/2010 10:44:54 | Computer Name = NV8 | Source = Ftdisk | ID = 262189
Description = The system could not sucessfully load the crash dump driver.

Error - 12/05/2010 10:44:54 | Computer Name = NV8 | Source = Ftdisk | ID = 262193
Description = Configuring the Page file for crash dump failed. Make sure there is
a page file on the boot partition and that is large enough to contain all physical
memory.

Error - 12/05/2010 10:46:35 | Computer Name = NV8 | Source = Service Control Manager | ID = 7000
Description = The Maxtor Scheduler2 Service service failed to start due to the following
error: %%3


< End of report >


OTL logfile created on: 12/05/2010 18:39:28 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\iestyn\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
5.00 Gb Paging File | 3.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186.30 Gb Total Space | 137.32 Gb Free Space | 73.71% Space Free | Partition Type: NTFS
Drive D: | 186.31 Gb Total Space | 163.96 Gb Free Space | 88.00% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 279.69 Gb Total Space | 105.41 Gb Free Space | 37.69% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: NV8
Current User Name: iestyn
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/12 15:57:47 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iestyn\Desktop\OTL.exe
PRC - [2010/05/09 17:56:55 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010/05/09 17:56:53 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010/05/09 17:56:52 | 002,176,512 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/05/06 18:21:43 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
PRC - [2010/04/30 07:08:52 | 002,367,336 | ---- | M] (Crawler.com) -- C:\Program Files\Crawler\Toolbar\CToolbar.exe
PRC - [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2010/04/12 23:46:36 | 001,135,912 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/04/10 18:55:16 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/11/06 15:19:44 | 006,515,784 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
PRC - [2009/11/06 12:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
PRC - [2009/11/06 12:00:22 | 000,165,232 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\WebrootSecurity\SSU.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/11/23 08:58:04 | 000,765,952 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2003/05/23 06:38:26 | 000,106,496 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [1998/05/29 00:00:00 | 000,119,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MDM.EXE


========== Modules (SafeList) ==========

MOD - [2010/05/12 15:57:47 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iestyn\Desktop\OTL.exe
MOD - [2009/07/12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009/07/11 19:41:02 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
MOD - [2009/03/06 04:33:26 | 000,961,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
MOD - [2009/02/12 15:19:38 | 000,178,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
MOD - [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
MOD - [2008/10/25 11:44:34 | 000,022,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
MOD - [2008/05/13 10:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
MOD - [2008/04/14 01:11:50 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 18:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Unknown | Stopped] -- -- (Pml Driver HPZ12)
SRV - File not found [Auto | Stopped] -- -- (NMSAccess)
SRV - File not found [Auto | Stopped] -- -- (MaxSch2Svc)
SRV - File not found [Disabled | Stopped] -- -- (FLEXnet Licensing Service)
SRV - [2010/05/10 11:09:36 | 001,285,864 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/05/09 17:56:53 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/05/06 18:21:43 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe -- (WRConsumerService)
SRV - [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2010/03/29 20:22:26 | 000,813,056 | ---- | M] (MooSoft Development LLC) [Auto | Stopped] -- C:\Program Files\The Cleaner\mhelper.exe -- (moohelp)
SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/11/06 12:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2005/11/23 08:58:04 | 000,765,952 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2003/05/23 06:38:26 | 000,106,496 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [1998/06/06 00:00:00 | 000,034,036 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio\COMMON\Tools\VS-Ent98\Vanalyzr\VARPC.EXE -- (Visual Studio Analyzer RPC bridge)


========== Driver Services (SafeList) ==========

DRV - [2010/05/09 17:56:53 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010/05/09 17:11:45 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010/05/06 21:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 21:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/06 21:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 21:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/05/06 21:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/06 21:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/08 22:53:06 | 000,103,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hrmports.sys -- (HRMPORTS)
DRV - [2010/02/08 22:52:56 | 000,092,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hrmcfgspc.sys -- (HRMCFGSPC)
DRV - [2010/02/08 22:52:56 | 000,089,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hrmints.sys -- (HRMINTS)
DRV - [2010/02/08 22:52:54 | 000,479,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dsfksvcs.sys -- (DSFKSVCS)
DRV - [2010/02/08 22:52:54 | 000,031,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dsfroot.sys -- (dsfroot)
DRV - [2010/02/04 16:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/01/12 05:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/11/11 15:20:22 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/11/11 15:20:22 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/11/06 12:00:36 | 000,176,752 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssidrv.sys -- (ssidrv)
DRV - [2009/11/06 12:00:36 | 000,023,152 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sshrmd.sys -- (sshrmd)
DRV - [2009/11/06 12:00:34 | 000,029,808 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)
DRV - [2008/11/04 09:52:38 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2008/11/04 09:52:38 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2008/11/04 09:52:38 | 000,086,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2008/11/04 09:52:38 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2008/11/04 09:52:38 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/11/04 09:52:36 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2008/11/04 09:52:36 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008/07/08 14:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\44839809.sys -- (is-UF9UVdrv)
DRV - [2008/07/08 14:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\44327414.sys -- (is-H0M7Fdrv)
DRV - [2008/07/08 14:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\10881677.sys -- (is-9A1TMdrv)
DRV - [2008/07/08 14:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\88486341.sys -- (is-3SD78drv)
DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 19:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/06/29 09:59:34 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716bus.sys -- (s716bus) Sony Ericsson Device 716 driver (WDM)
DRV - [2007/06/15 03:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/04/04 12:43:38 | 000,098,952 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716unic.sys -- (s716unic) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM)
DRV - [2007/04/04 12:43:36 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716obex.sys -- (s716obex)
DRV - [2007/04/04 12:43:36 | 000,023,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716nd5.sys -- (s716nd5) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS)
DRV - [2007/04/04 12:43:34 | 000,108,552 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdm.sys -- (s716mdm)
DRV - [2007/04/04 12:43:34 | 000,100,360 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mgmt.sys -- (s716mgmt) Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/04 12:43:32 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdfl.sys -- (s716mdfl)
DRV - [2006/09/24 14:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/04/14 21:09:06 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/04/14 21:09:04 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/07/26 08:01:56 | 000,415,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA® nForce™
DRV - [2005/07/26 07:58:30 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA® nForce™
DRV - [2005/01/10 11:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 11:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/12/22 12:58:14 | 000,008,704 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Pfmodnt.sys -- (PfModNT)
DRV - [2004/11/17 12:05:38 | 002,297,664 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/05/08 10:21:44 | 000,035,840 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2003/12/08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003/12/08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003/12/05 10:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/11/07 10:50:00 | 000,070,798 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/11/07 10:50:00 | 000,051,486 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042PR2.SYS -- (L8042PR2)
DRV - [2003/11/07 10:50:00 | 000,037,884 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsb.sys -- (LHidUsb)
DRV - [2003/11/07 10:50:00 | 000,025,502 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2003/11/07 10:50:00 | 000,014,092 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LCcfltr.sys -- (LCcfltr)
DRV - [2003/10/24 06:53:14 | 000,090,416 | ---- | M] (Matsubleepa Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2001/08/17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-220523388-1993962763-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKU\S-1-5-21-220523388-1993962763-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.9
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.21
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=EZfox000&ptb=4vV27RpM03z25TiZ2DdA5Q&psa=&ind=2010031713&ptnrS=EZfox000&si=&st=kwd&n=77cea661&searchfor="


FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2010/05/09 18:15:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/28 18:19:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/10 11:08:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/04/22 20:37:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/05/10 11:08:02 | 000,000,000 | ---D | M]

[2010/04/22 20:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Extensions
[2010/04/22 20:37:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/05/30 14:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Extensions\home2@tomtom.com
[2010/05/12 15:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\extensions
[2010/04/30 05:26:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/10 17:36:39 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/05/09 17:21:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010/04/10 17:36:38 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/03/17 18:09:25 | 000,010,017 | ---- | M] () -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\searchplugins\mywebsearch.xml
[2010/05/12 15:56:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/08 18:29:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/05/08 18:28:23 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/03/24 11:05:11 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/24 11:05:11 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/09/21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010/03/24 11:05:11 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/09/26 07:41:18 | 000,002,405 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\queryservice113.xml
[2010/03/24 11:05:11 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/05/10 09:54:31 | 000,392,355 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13576 more lines...
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKU\S-1-5-21-220523388-1993962763-682003330-1003..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-220523388-1993962763-682003330-1003..\Run: [tcactive] C:\Program Files\The Cleaner\tcap.exe (MooSoft Development Inc)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LoginPrompt = B7ACA694839985829EDEDDDDDB
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..Trusted Domains: microsoft.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O15 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..Trusted Domains: microsoft.com ([windowsupdate] https in Trusted sites)
O15 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..Trusted Domains: microsoft.com ([www.update] https in Trusted sites)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/22 19:49:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (SsiEfr.exe) - C:\WINDOWS\System32\SsiEfr.exe ()
O34 - HKLM BootExecute: (SsiEfr.exe) - C:\WINDOWS\System32\SsiEfr.exe ()
O34 - HKLM BootExecute: (SsiEfr.exe) - C:\WINDOWS\System32\SsiEfr.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/05/12 16:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/05/12 16:26:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\iestyn\Recent
[2010/05/12 15:57:28 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\iestyn\Desktop\OTL.exe
[2010/05/10 11:10:13 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/05/10 11:10:08 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/05/10 11:10:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/05/10 11:05:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Local Settings\Application Data\Temp
[2010/05/10 11:05:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/05/10 11:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Local Settings\Application Data\Google
[2010/05/10 11:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/05/10 11:04:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/05/10 11:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/05/10 11:04:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/05/10 10:59:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010/05/10 10:52:33 | 097,364,760 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\iestyn\Desktop\Ad-AwareInstaller.exe
[2010/05/10 09:58:30 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/05/10 09:53:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/05/10 09:40:11 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/05/10 09:29:31 | 000,157,712 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2010/05/09 18:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinClamAVShield
[2010/05/09 18:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2010/05/09 17:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\Spyware Terminator
[2010/05/09 17:56:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2010/05/09 17:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2010/05/09 17:21:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\QuickScan
[2010/05/08 18:29:40 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/05/08 18:29:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/05/08 18:29:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/05/08 18:29:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/05/08 18:29:40 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/05/07 09:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/05/07 08:47:09 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/05/07 08:45:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/05/07 08:45:33 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/05/07 08:45:33 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/05/07 08:45:33 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/05/07 08:44:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/05/07 08:44:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/05/07 06:17:40 | 000,000,000 | ---D | C] -- C:\Avenger
[2010/05/07 06:15:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Desktop\avenger
[2010/05/06 18:20:55 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\capicom.dll
[2010/05/06 18:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2010/05/06 18:18:45 | 001,563,008 | ---- | C] (Webroot Software, Inc.) -- C:\WINDOWS\WRSetup.dll
[2010/05/06 18:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot
[2010/05/06 18:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\Webroot
[2010/05/06 18:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Webroot
[2010/04/30 10:15:27 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/04/30 10:15:24 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/04/30 10:15:16 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2010/04/30 10:14:56 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/04/30 10:14:51 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/04/30 10:14:50 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2010/04/30 10:14:48 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2010/04/30 10:14:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2010/04/30 10:14:24 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2010/04/30 10:14:15 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/04/30 10:14:11 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/04/30 10:14:04 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/04/30 10:14:00 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2010/04/30 10:13:57 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2010/04/30 10:13:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/04/30 10:13:56 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/04/30 10:13:53 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2010/04/30 10:13:52 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2010/04/30 10:13:51 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2010/04/30 10:13:48 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/04/30 10:13:46 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2010/04/30 10:13:45 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2010/04/30 10:13:44 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2010/04/30 10:13:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010/04/30 10:13:42 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2010/04/30 10:13:42 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2010/04/30 10:13:41 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2010/04/30 10:13:37 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/04/30 10:13:34 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/04/30 10:13:31 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/04/30 10:13:30 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010/04/30 10:13:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010/04/30 10:13:30 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010/04/30 10:13:29 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/04/30 10:13:26 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/04/30 10:13:22 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/04/30 10:13:18 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/04/30 10:13:15 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/04/30 10:13:12 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2010/04/30 10:13:11 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys
[2010/04/30 10:13:06 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2010/04/30 10:13:03 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/04/30 10:12:59 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2010/04/30 10:12:56 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2010/04/30 10:12:52 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2010/04/30 10:12:49 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/04/30 10:12:45 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/04/30 10:12:42 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/04/30 10:12:41 | 000,020,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys
[2010/04/30 10:12:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2010/04/30 10:12:39 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2010/04/30 10:12:38 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/04/30 10:12:33 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2010/04/30 10:12:30 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2010/04/30 10:12:27 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2010/04/30 10:12:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2010/04/30 10:12:21 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/04/30 10:12:18 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2010/04/30 10:12:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2010/04/30 10:12:12 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2010/04/30 10:12:08 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/04/30 10:12:05 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/04/30 10:12:02 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2010/04/30 10:11:58 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2010/04/30 10:11:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/04/30 10:11:53 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/04/30 10:11:50 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/04/30 10:11:47 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/04/30 10:11:44 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/04/30 10:11:41 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/04/30 10:11:38 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/04/30 10:11:34 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2010/04/30 10:11:31 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2010/04/30 10:11:30 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2010/04/30 10:11:27 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2010/04/30 10:11:22 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2010/04/30 10:11:19 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2010/04/30 10:11:16 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2010/04/30 10:11:13 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2010/04/30 10:11:09 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/04/30 10:11:07 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/04/30 10:11:04 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/04/30 10:11:01 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/04/30 10:11:00 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/04/30 10:11:00 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/04/30 10:10:57 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/04/30 10:10:54 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/04/30 10:10:54 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/04/30 10:10:53 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/04/30 10:10:50 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2010/04/30 10:10:47 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2010/04/30 10:10:44 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/04/30 10:10:41 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/04/30 10:10:36 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2010/04/30 10:10:33 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2010/04/30 10:10:30 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2010/04/30 10:10:28 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2010/04/30 10:10:25 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2010/04/30 10:10:22 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2010/04/30 10:10:19 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2010/04/30 10:10:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2010/04/30 10:10:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2010/04/30 10:10:11 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2010/04/30 10:10:08 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2010/04/30 10:10:05 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/04/30 10:10:02 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/04/30 10:09:59 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/04/30 10:09:56 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/04/30 10:09:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010/04/30 10:09:50 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/04/30 10:09:47 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/04/30 10:09:47 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2010/04/30 10:09:42 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2010/04/30 10:09:39 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2010/04/30 10:09:36 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2010/04/30 10:09:33 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/04/30 10:09:30 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2010/04/30 10:09:27 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2010/04/30 10:09:25 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2010/04/30 10:09:22 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2010/04/30 10:09:19 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2010/04/30 10:09:18 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/04/30 10:09:18 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2010/04/30 10:09:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/04/30 10:09:15 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2010/04/30 10:09:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/04/30 10:09:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/04/30 10:09:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/04/30 10:09:09 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/04/30 10:09:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/04/30 10:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/04/30 10:09:06 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/04/30 10:09:03 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/04/30 10:09:00 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010/04/30 10:08:57 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/04/30 10:08:55 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2010/04/30 10:08:54 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2010/04/30 10:08:53 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/04/30 10:08:53 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2010/04/30 10:08:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2010/04/30 10:08:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2010/04/30 10:08:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/04/30 10:08:44 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/04/30 10:08:44 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2010/04/30 10:08:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/04/30 10:08:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/04/30 10:08:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2010/04/30 10:08:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/04/30 10:08:40 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/04/30 10:08:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/04/30 10:08:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/04/30 10:08:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/04/30 10:08:39 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/04/30 10:08:39 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/04/30 10:08:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/04/30 10:08:37 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/04/30 10:08:34 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/04/30 10:08:32 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/04/30 10:08:29 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2010/04/30 10:08:26 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2010/04/30 10:08:25 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/04/30 10:08:22 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2010/04/30 10:08:20 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2010/04/30 10:08:17 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2010/04/30 10:08:14 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2010/04/30 10:08:11 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2010/04/30 10:08:08 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2010/04/30 10:08:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/04/30 10:08:01 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/04/30 10:07:59 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/04/30 10:07:56 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/04/30 10:07:53 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/04/30 10:07:50 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2010/04/30 10:07:46 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2010/04/30 10:07:43 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2010/04/30 10:07:39 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2010/04/30 10:07:38 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2010/04/30 10:07:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/04/30 10:07:35 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2010/04/30 10:07:32 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/04/30 10:07:29 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2010/04/30 10:07:26 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/04/30 10:07:23 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/04/30 10:07:22 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2010/04/30 10:07:19 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2010/04/30 10:07:15 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2010/04/30 10:07:12 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2010/04/30 10:07:09 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/04/30 10:07:07 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/04/30 10:07:04 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/04/30 10:07:01 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/04/30 10:06:58 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/04/30 10:06:56 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/04/30 10:06:53 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/04/30 10:06:50 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/04/30 10:06:48 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/04/30 10:06:45 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2010/04/30 10:06:42 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/04/30 10:06:39 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/04/30 10:06:39 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/04/30 10:06:39 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/04/30 10:06:38 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/04/30 10:06:37 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/04/30 10:06:33 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/04/30 10:06:30 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2010/04/30 10:06:27 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/04/30 10:06:24 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2010/04/30 10:06:22 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/04/30 10:06:20 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/04/30 10:06:17 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/04/30 10:06:16 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/04/30 10:06:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/04/30 10:06:11 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2010/04/30 10:06:08 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/04/30 10:06:05 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/04/30 10:06:02 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2010/04/30 10:05:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/04/30 10:05:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/04/30 10:05:59 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2010/04/30 10:05:54 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2010/04/30 10:05:52 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2010/04/30 10:05:49 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2010/04/30 10:05:46 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2010/04/30 10:05:44 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2010/04/30 10:05:43 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2010/04/30 10:05:38 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/04/30 10:05:36 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/04/30 10:05:33 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/04/30 10:05:32 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2010/04/30 10:05:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2010/04/30 10:05:26 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2010/04/30 10:05:23 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/04/30 10:05:20 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2010/04/30 10:05:18 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2010/04/30 10:05:17 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2010/04/30 10:05:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2010/04/30 10:05:13 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/04/30 10:05:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/04/30 10:05:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/04/30 10:05:08 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2010/04/30 10:05:05 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2010/04/30 10:05:03 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2010/04/30 10:05:00 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2010/04/30 10:04:58 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2010/04/30 10:04:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2010/04/30 10:04:52 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2010/04/30 10:04:52 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010/04/30 10:04:51 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2010/04/30 10:04:51 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2010/04/30 10:04:50 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2010/04/30 10:04:49 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2010/04/30 10:04:46 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2010/04/30 10:04:44 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2010/04/30 10:04:42 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/04/30 10:04:40 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/04/30 10:04:37 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2010/04/30 10:04:35 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2010/04/30 10:04:32 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2010/04/30 10:04:29 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/04/30 10:04:28 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/04/30 10:04:26 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/04/30 10:04:25 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010/04/30 10:04:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/04/30 10:04:24 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/04/30 10:04:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2010/04/30 10:04:18 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2010/04/30 10:04:16 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2010/04/30 10:04:13 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2010/04/30 10:04:11 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2010/04/30 10:04:08 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2010/04/30 10:04:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2010/04/30 10:04:03 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2010/04/30 10:04:00 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2010/04/30 10:03:58 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2010/04/30 10:03:55 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2010/04/30 10:03:53 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/04/30 10:03:50 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/04/30 10:03:47 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/04/30 10:03:45 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/04/30 10:03:41 | 000,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys
[2010/04/30 10:03:35 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2010/04/30 10:03:33 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2010/04/30 10:03:27 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/04/30 10:03:27 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/04/30 10:03:23 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2010/04/30 10:03:21 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2010/04/30 10:03:20 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2010/04/30 10:03:16 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/04/30 10:03:14 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/04/30 10:03:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010/04/30 10:03:10 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/04/30 10:03:09 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/04/30 10:03:05 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2010/04/30 10:03:02 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/04/30 10:03:00 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/04/30 10:02:57 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2010/04/30 10:02:54 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/04/30 10:02:51 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/04/30 10:02:49 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/04/30 10:02:47 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/04/30 10:02:44 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/04/30 10:02:42 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/04/30 10:02:39 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2010/04/30 10:02:37 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2010/04/30 10:02:34 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/04/30 10:02:32 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/04/30 10:02:29 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/04/30 10:02:27 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/04/30 10:02:24 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/04/30 10:02:24 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/04/30 10:02:21 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/04/30 10:02:14 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2010/04/30 10:02:10 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2010/04/30 10:02:04 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/04/30 10:02:04 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/04/30 10:02:04 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2010/04/30 10:01:55 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2010/04/30 10:01:53 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2010/04/30 10:01:52 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2010/04/30 10:01:47 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/04/30 10:01:43 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2010/04/30 10:01:38 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2010/04/30 10:01:32 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2010/04/30 10:01:30 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2010/04/30 10:01:27 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2010/04/30 10:01:25 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2010/04/30 10:01:24 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/04/30 10:01:24 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/04/30 10:01:23 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2010/04/30 10:01:21 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2010/04/30 10:01:18 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010/04/30 10:01:18 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2010/04/30 10:01:15 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/04/30 10:01:11 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/04/30 10:01:11 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2010/04/30 10:01:09 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2010/04/30 10:01:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2010/04/30 10:01:04 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2010/04/30 10:01:01 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2010/04/30 10:01:01 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2010/04/30 10:00:58 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/04/30 10:00:56 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/04/30 10:00:55 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/04/30 10:00:55 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2010/04/30 10:00:53 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/04/30 10:00:52 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/04/30 10:00:50 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/04/30 10:00:47 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010/04/30 10:00:47 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2010/04/30 10:00:43 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/04/30 10:00:41 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/04/30 10:00:38 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/04/30 10:00:36 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/04/30 10:00:35 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010/04/30 10:00:32 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/04/30 10:00:30 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/04/30 10:00:27 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/04/30 10:00:27 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2010/04/30 10:00:26 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2010/04/30 10:00:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2010/04/30 10:00:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/04/30 10:00:22 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/04/30 10:00:22 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/04/30 10:00:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/04/30 10:00:19 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2010/04/30 10:00:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2010/04/30 10:00:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2010/04/30 10:00:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2010/04/30 10:00:07 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/04/30 10:00:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010/04/30 10:00:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/04/30 10:00:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010/04/30 10:00:04 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2010/04/30 10:00:02 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2010/04/30 10:00:01 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2010/04/30 09:59:59 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/04/30 09:59:58 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2010/04/30 09:59:58 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2010/04/30 09:59:54 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/04/30 09:59:52 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2010/04/30 09:59:50 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2010/04/30 09:59:49 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys
[2010/04/30 09:59:47 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2010/04/30 09:59:45 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2010/04/30 09:59:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010/04/30 09:59:42 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/04/30 09:59:41 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/04/30 09:59:40 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/04/30 09:59:39 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/04/30 09:59:37 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/04/30 09:59:37 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/04/30 09:59:37 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/04/30 09:59:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010/04/30 09:59:35 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010/04/30 09:59:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010/04/30 09:59:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010/04/30 09:59:25 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/04/30 09:59:23 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2010/04/30 09:59:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2010/04/30 09:59:19 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2010/04/30 09:59:17 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2010/04/30 09:59:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2010/04/30 09:59:13 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2010/04/30 09:59:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2010/04/30 09:59:08 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2010/04/30 09:59:06 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2010/04/30 09:59:04 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2010/04/30 09:59:02 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2010/04/30 09:59:00 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2010/04/30 09:58:58 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2010/04/30 09:58:57 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2010/04/30 09:58:56 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2010/04/30 09:58:54 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2010/04/30 09:58:52 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2010/04/30 09:58:52 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2010/04/30 09:58:51 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010/04/30 09:58:49 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/04/30 09:58:40 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/04/30 09:58:35 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2010/04/30 09:58:33 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2010/04/30 09:58:31 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2010/04/30 09:58:29 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2010/04/30 09:58:27 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2010/04/30 09:58:25 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2010/04/30 09:58:23 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2010/04/30 09:58:21 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2010/04/30 09:58:19 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2010/04/30 09:58:17 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2010/04/30 09:58:15 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2010/04/30 09:58:13 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2010/04/30 09:58:11 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2010/04/30 09:58:07 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2010/04/30 09:58:05 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2010/04/30 09:58:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2010/04/30 09:58:01 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2010/04/30 09:57:59 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2010/04/30 09:57:57 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2010/04/30 09:57:55 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/04/30 09:57:51 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2010/04/30 09:57:48 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/04/30 09:57:44 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2010/04/30 09:57:40 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2010/04/30 09:57:36 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2010/04/30 09:57:33 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2010/04/30 09:57:31 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2010/04/30 09:57:30 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2010/04/30 09:57:27 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2010/04/30 09:57:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/04/30 09:57:25 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/04/30 09:57:23 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/04/30 09:57:21 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/04/30 09:57:17 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2010/04/30 09:57:15 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2010/04/30 09:57:13 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2010/04/30 09:57:11 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2010/04/30 09:57:10 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2010/04/30 09:57:08 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/04/30 09:57:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/04/30 09:57:05 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/04/30 09:57:02 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/04/30 09:57:02 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/04/30 09:57:00 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2010/04/30 09:56:58 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/04/30 09:56:56 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/04/30 09:56:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010/04/30 09:56:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/04/30 09:56:53 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/04/30 09:56:51 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/04/30 09:56:49 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/04/30 09:56:48 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/04/30 09:56:46 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2010/04/30 09:56:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/04/30 09:56:44 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2010/04/30 09:56:39 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/04/30 09:56:39 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2010/04/30 09:56:37 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/04/30 09:56:35 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2010/04/30 09:56:33 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/04/30 09:56:32 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/04/30 09:56:29 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2010/04/30 09:56:27 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2010/04/30 09:56:26 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/04/30 09:56:26 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/04/30 09:56:24 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2010/04/30 09:56:22 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/04/30 09:56:22 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2010/04/30 09:56:21 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2010/04/30 09:56:21 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/04/30 09:56:19 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2010/04/30 09:56:19 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2010/04/30 09:56:17 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2010/04/30 09:56:15 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2010/04/30 09:56:13 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2010/04/30 09:56:11 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2010/04/30 09:56:10 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2010/04/30 09:56:08 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/04/30 09:56:07 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2010/04/30 09:56:05 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2010/04/30 09:56:04 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2010/04/30 09:56:02 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2010/04/30 09:56:00 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2010/04/30 09:55:59 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2010/04/30 09:55:57 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2010/04/30 09:55:56 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2010/04/30 09:55:55 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2010/04/30 09:55:53 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys
[2010/04/30 09:55:52 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2010/04/30 09:55:49 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2010/04/30 09:55:48 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2010/04/30 09:55:47 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2010/04/30 09:55:46 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2010/04/30 09:55:45 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2010/04/30 09:55:43 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2010/04/30 09:55:42 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2010/04/30 09:55:41 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2010/04/30 09:55:40 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2010/04/30 09:55:39 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2010/04/30 09:55:38 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2010/04/30 09:55:37 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2010/04/30 09:55:36 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2010/04/30 09:55:35 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2010/04/30 09:55:34 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2010/04/30 09:55:33 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2010/04/30 09:55:31 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/04/30 09:55:31 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2010/04/30 09:55:30 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2010/04/30 09:55:29 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2010/04/30 09:55:28 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2010/04/30 09:55:23 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/04/30 09:55:21 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2010/04/30 09:55:19 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/04/30 09:55:18 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2010/04/30 09:55:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2010/04/30 09:55:16 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2010/04/30 09:55:16 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2010/04/30 09:55:12 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/04/30 09:55:12 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2010/04/30 09:55:11 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/04/30 09:55:10 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/04/30 09:55:06 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/04/30 09:55:05 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/04/30 09:55:04 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/04/30 09:55:03 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/04/30 09:55:02 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/04/30 09:55:01 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2010/04/30 09:55:00 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2010/04/30 09:54:59 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2010/04/30 09:54:58 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2010/04/30 09:54:57 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2010/04/30 09:54:56 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2010/04/30 09:54:55 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2010/04/30 09:54:54 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2010/04/30 09:54:53 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2010/04/30 09:54:52 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2010/04/30 09:54:51 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2010/04/30 09:54:51 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2010/04/30 09:54:50 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2010/04/30 09:54:48 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2010/04/30 09:54:47 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2010/04/30 09:54:46 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/04/30 09:54:45 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/04/30 09:54:44 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2010/04/30 09:54:43 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2010/04/30 09:54:42 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/04/30 09:54:41 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2010/04/30 09:54:40 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2010/04/30 09:54:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2010/04/30 09:54:38 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2010/04/30 09:54:37 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2010/04/30 09:54:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2010/04/30 09:54:34 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2010/04/30 09:54:33 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2010/04/30 09:54:30 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2010/04/30 09:54:29 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2010/04/30 09:54:28 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2010/04/30 09:54:27 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2010/04/30 09:54:27 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2010/04/30 09:54:26 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2010/04/30 09:54:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2010/04/30 09:54:24 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2010/04/30 09:54:23 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/04/30 09:54:23 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2010/04/30 09:54:22 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/04/30 09:54:21 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/04/30 09:54:20 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/04/30 09:54:19 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/04/30 09:54:19 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/04/30 09:54:18 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/04/30 09:54:17 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2010/04/30 09:54:16 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/04/30 09:54:15 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2010/04/30 09:54:15 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2010/04/30 09:54:14 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2010/04/30 09:54:12 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2010/04/30 09:54:11 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2010/04/30 09:54:10 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/04/30 09:54:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/04/30 09:54:09 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/04/30 09:54:09 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2010/04/30 09:54:08 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2010/04/30 09:54:07 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010/04/30 09:54:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010/04/30 09:54:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010/04/30 09:54:03 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2010/04/30 09:54:02 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2010/04/30 09:54:01 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2010/04/30 09:53:59 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2010/04/30 09:53:58 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/04/30 09:53:58 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2010/04/30 09:53:57 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2010/04/30 09:53:56 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2010/04/30 09:53:56 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2010/04/30 09:53:55 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2010/04/30 09:53:55 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2010/04/30 09:53:53 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2010/04/30 09:53:51 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/04/30 09:53:49 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/04/30 09:53:49 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/04/30 09:53:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/04/30 09:53:47 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/04/30 09:53:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/04/30 09:53:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/04/30 09:53:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010/04/30 09:53:45 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/04/30 09:53:45 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/04/30 09:53:44 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/04/30 09:53:44 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/04/30 09:53:43 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/04/30 09:53:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2010/04/30 09:53:40 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/04/30 09:53:40 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/04/30 09:53:39 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/04/30 09:53:39 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/04/30 09:53:37 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/04/30 09:53:37 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/04/30 09:53:36 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2010/04/30 09:53:36 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/04/30 09:53:35 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2010/04/30 09:53:35 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2010/04/30 09:53:34 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2010/04/30 09:53:34 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2010/04/30 09:53:33 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2010/04/30 09:53:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2010/04/30 09:53:32 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2010/04/30 09:53:32 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2010/04/30 09:53:31 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/04/30 09:53:31 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/04/30 09:53:07 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2010/04/30 09:53:06 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/04/30 09:53:06 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/04/30 09:53:05 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/04/30 09:53:05 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/04/30 09:53:04 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/04/30 09:53:04 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/04/30 09:53:03 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/04/30 09:53:03 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/04/30 09:53:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010/04/30 09:53:00 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/04/30 09:53:00 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/04/30 09:53:00 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/04/30 09:52:59 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2010/04/30 09:52:59 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/04/30 09:52:58 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/04/30 09:52:58 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/04/30 09:52:57 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/04/30 09:52:57 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/04/30 09:52:56 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/04/30 09:52:56 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/04/30 09:52:49 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2010/04/30 09:52:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2010/04/30 09:52:48 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2010/04/30 09:52:47 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/04/30 09:52:47 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2010/04/30 09:52:47 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2010/04/30 09:52:46 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2010/04/30 09:52:45 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2010/04/30 09:52:44 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/04/30 09:52:44 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/04/30 09:52:43 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2010/04/30 09:52:43 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/04/30 09:52:42 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/04/30 09:52:41 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/04/30 09:52:41 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/04/30 09:52:40 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/04/30 09:52:39 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2010/04/30 09:52:39 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010/04/30 09:52:37 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010/04/30 09:52:34 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010/04/30 09:52:28 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2010/04/30 09:52:28 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2010/04/30 09:52:26 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2010/04/30 09:52:26 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2010/04/30 09:52:26 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2010/04/30 09:52:25 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2010/04/30 09:52:25 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2010/04/30 09:52:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2010/04/30 09:52:24 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2010/04/30 09:52:21 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2010/04/30 09:52:21 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/04/30 09:52:20 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/04/30 09:52:20 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010/04/30 09:52:20 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010/04/30 09:52:19 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2010/04/30 09:52:18 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2010/04/30 09:52:18 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2010/04/30 09:52:15 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2010/04/30 09:52:15 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2010/04/30 09:52:14 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2010/04/30 09:52:13 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2010/04/30 09:52:13 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/04/30 09:52:13 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2010/04/30 09:52:12 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2010/04/30 09:52:12 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2010/04/30 09:52:11 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2010/04/30 09:52:11 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2010/04/30 09:52:07 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2010/04/30 09:52:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/04/30 09:52:05 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2010/04/30 09:52:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010/04/30 09:52:04 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010/04/30 09:52:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010/04/30 09:52:03 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010/04/30 09:52:03 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010/04/30 09:52:02 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010/04/30 09:52:02 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010/04/30 09:52:02 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2010/04/30 09:52:01 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010/04/30 09:52:01 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2010/04/30 09:52:00 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010/04/30 09:52:00 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2010/04/30 09:51:59 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2010/04/30 09:51:59 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2010/04/30 09:51:59 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2010/04/30 09:51:58 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010/04/30 09:51:58 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2010/04/30 09:51:57 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010/04/30 09:51:57 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010/04/30 09:51:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2010/04/30 09:51:56 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010/04/30 09:51:56 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010/04/30 09:51:56 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2010/04/30 09:51:55 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2010/04/30 09:51:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010/04/30 09:51:41 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2010/04/30 09:51:24 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010/04/30 09:51:23 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010/04/30 09:51:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010/04/30 09:51:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010/04/30 09:51:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010/04/30 09:51:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010/04/30 09:51:13 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010/04/30 07:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/30 05:57:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/04/29 19:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010/04/29 19:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\moosoft
[2010/04/29 17:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2010/04/29 15:25:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Desktop\bleeping computers file to post
[2010/04/29 15:21:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Desktop\gmer
[2010/04/29 09:08:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/04/29 09:08:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/04/29 09:08:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/04/29 09:08:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/04/29 09:08:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/04/29 09:08:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/04/29 09:08:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/04/29 09:08:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/04/29 09:08:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/04/29 09:07:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/04/29 09:07:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/04/29 09:07:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/04/29 09:07:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/04/29 09:07:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/04/29 09:07:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/04/29 09:07:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/04/29 09:07:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/04/29 09:07:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/04/29 09:07:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/04/29 09:05:47 | 000,000,000 | ---D | C] -- C:\I386
[2010/04/29 08:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\ElevatedDiagnostics
[2010/04/29 08:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\thecleaner
[2010/04/29 08:28:52 | 000,000,000 | ---D | C] -- C:\Program Files\The Cleaner
[2010/04/29 05:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\SUPERAntiSpyware.com
[2010/04/28 21:27:06 | 000,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2010/04/28 21:21:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/04/28 21:21:26 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/28 20:58:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe
[2010/04/28 18:02:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/04/28 17:32:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/04/26 23:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/04/26 07:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\My Documents\ConvertXtoDVD
[2010/04/22 09:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Web Publish
[2010/04/22 08:43:14 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\setdebug.exe
[2010/04/22 08:43:12 | 000,140,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jit.dll
[2010/04/22 08:43:10 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javaee.dll
[2010/04/22 08:43:07 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx3j.dll
[2010/04/22 08:40:50 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\wjview.exe
[2010/04/22 08:40:48 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vmhelper.dll
[2010/04/22 08:40:47 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjdbc10.dll
[2010/04/22 08:40:44 | 000,155,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msawt.dll
[2010/04/22 08:40:42 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\jview.exe
[2010/04/22 08:40:40 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jdbgmgr.exe
[2010/04/22 08:40:37 | 000,361,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javart.dll
[2010/04/22 08:40:36 | 000,032,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javaprxy.dll
[2010/04/22 08:40:34 | 000,209,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javacypt.dll
[2010/04/22 08:40:32 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\clspack.exe
[2010/04/22 08:40:14 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\extrac32.exe
[2010/04/21 16:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/04/21 09:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\FILE RECOVERY for Windows
[2010/04/21 08:45:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\My Documents\R-TT
[2010/04/21 08:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/19 20:22:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/19 20:15:42 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/04/19 20:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2008/09/22 20:05:05 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/05/12 18:49:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2A7D0781-5E3A-44CA-8462-D8FEB64DD6E1}.job
[2010/05/12 18:38:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/12 16:26:36 | 010,747,904 | ---- | M] () -- C:\Documents and Settings\iestyn\ntuser.dat
[2010/05/12 15:58:58 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/05/12 15:57:47 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iestyn\Desktop\OTL.exe
[2010/05/12 15:47:03 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/12 15:45:23 | 000,267,644 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/05/12 15:45:07 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/12 15:45:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/12 15:44:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/10 11:10:03 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/05/10 11:07:15 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/05/10 11:04:34 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/05/10 10:58:48 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/10 10:57:57 | 097,364,760 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\iestyn\Desktop\Ad-AwareInstaller.exe
[2010/05/10 09:55:24 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\iestyn\ntuser.ini
[2010/05/10 09:54:31 | 000,392,355 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2010/05/10 09:49:24 | 000,000,247 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/10 09:33:51 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/10 09:26:44 | 1905,387,552 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/05/10 09:26:44 | 022,322,228 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/05/09 20:13:19 | 000,001,044 | ---- | M] () -- C:\Documents and Settings\iestyn\Application Data\vso_ts_preview.xml
[2010/05/09 18:27:48 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Terminator.lnk
[2010/05/09 17:56:53 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010/05/09 17:29:07 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\housecall.guid.cache
[2010/05/09 17:11:45 | 000,033,920 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2010/05/09 12:39:04 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2010/05/08 18:28:21 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/05/08 18:28:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/05/08 18:28:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/05/08 18:28:20 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/05/08 18:28:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/05/07 10:31:05 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\Macromedia Dreamweaver 8.lnk
[2010/05/07 10:10:17 | 121,317,590 | ---- | M] () -- C:\Documents and Settings\iestyn\My Documents\Firefox 3.6.3 (en-GB) - 2010-05-07.pcv
[2010/05/07 09:02:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100510-095431.backup
[2010/05/07 08:47:21 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/05/07 08:41:57 | 003,683,950 | R--- | M] () -- C:\Documents and Settings\iestyn\Desktop\ComboFix.exe
[2010/05/07 06:14:32 | 000,724,952 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\avenger.zip
[2010/05/07 05:49:31 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/05/06 21:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/05/06 21:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/05/06 21:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/05/06 21:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/05/06 21:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/05/06 21:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/05/06 21:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/05/06 21:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/05/06 18:20:56 | 000,001,669 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Webroot AntiVirus.lnk
[2010/05/06 18:20:56 | 000,000,841 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/06 18:11:59 | 000,000,164 | ---- | M] () -- C:\WINDOWS\install.dat
[2010/05/05 18:01:43 | 004,736,656 | -H-- | M] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\IconCache.db
[2010/05/05 13:53:11 | 000,393,014 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100506-170403.backup
[2010/04/30 11:41:25 | 000,392,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100505-135311.backup
[2010/04/30 09:51:23 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\HijackThis.lnk
[2010/04/30 08:00:35 | 000,000,051 | ---- | M] () -- C:\WINDOWS\iTouch.ini
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/29 15:20:48 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\gmer.zip
[2010/04/29 15:19:47 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\dds.scr
[2010/04/29 15:19:04 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\iestyn\defogger_reenable
[2010/04/29 15:18:36 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\Defogger.exe
[2010/04/29 08:29:00 | 000,000,645 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Cleaner 2011.lnk
[2010/04/29 06:00:01 | 000,393,014 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100429-060654.backup
[2010/04/28 21:27:25 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk
[2010/04/28 21:21:30 | 000,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/04/28 20:00:36 | 000,000,284 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2010/04/28 19:07:15 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\iestyn\My Documents\rkill.exe
[2010/04/28 17:20:36 | 000,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100429-060001.backup
[2010/04/28 16:56:08 | 000,001,956 | -HS- | M] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\8rMjiIiS5Lohx
[2010/04/28 16:56:08 | 000,001,956 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\8rMjiIiS5Lohx
[2010/04/26 23:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/04/23 13:33:25 | 000,392,654 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100428-163706.backup
[2010/04/23 13:11:44 | 000,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100423-133325.backup
[2010/04/22 09:46:51 | 000,000,126 | ---- | M] () -- C:\WINDOWS\mdm.ini
[2010/04/22 09:46:37 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/04/22 09:46:37 | 000,000,750 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/04/22 09:46:18 | 000,000,117 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/04/22 09:44:08 | 000,001,309 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/04/21 16:06:07 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/04/21 15:59:03 | 000,391,896 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100422-071929.backup
[2010/04/21 15:56:03 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\SpywareBlaster.lnk
[2010/04/21 08:35:50 | 000,002,329 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SeaTools for Windows.lnk
[2010/04/19 20:09:20 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\PeerBlock.lnk
[2010/04/19 20:06:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/04/19 14:49:42 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/14 17:47:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/12 15:31:55 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/05/10 11:07:15 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/05/10 11:05:12 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/10 11:05:11 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/10 11:04:34 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/05/09 18:27:48 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Terminator.lnk
[2010/05/09 17:56:52 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010/05/09 17:29:07 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\housecall.guid.cache
[2010/05/09 17:11:45 | 000,033,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2010/05/07 10:03:14 | 121,317,590 | ---- | C] () -- C:\Documents and Settings\iestyn\My Documents\Firefox 3.6.3 (en-GB) - 2010-05-07.pcv
[2010/05/07 08:47:20 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/05/07 08:47:15 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/05/07 08:45:33 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/05/07 08:45:33 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/05/07 08:45:33 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/05/07 08:45:33 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/05/07 08:45:33 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/05/07 08:41:45 | 003,683,950 | R--- | C] () -- C:\Documents and Settings\iestyn\Desktop\ComboFix.exe
[2010/05/07 06:14:31 | 000,724,952 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\avenger.zip
[2010/05/06 18:20:56 | 000,001,669 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Webroot AntiVirus.lnk
[2010/05/05 13:35:51 | 000,000,164 | ---- | C] () -- C:\WINDOWS\install.dat
[2010/04/30 10:15:23 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/04/30 10:15:20 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/04/30 10:14:55 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/04/30 10:05:29 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010/04/30 10:05:25 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010/04/30 10:05:21 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/04/30 10:05:21 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/04/30 10:01:52 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010/04/30 10:00:29 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/04/30 10:00:27 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/04/30 09:59:36 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/04/30 09:57:53 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/04/30 09:57:49 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/04/30 09:57:46 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/04/30 09:57:42 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/04/30 09:57:38 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/04/30 09:57:26 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/04/30 09:55:09 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/04/30 09:55:08 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/04/30 09:55:07 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/04/30 09:53:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/04/30 09:53:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/04/30 09:53:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/04/30 09:53:29 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/04/30 09:53:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/04/30 09:53:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/04/30 09:53:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/04/30 09:53:25 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/04/30 09:53:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/04/30 09:53:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/04/30 09:53:24 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/04/30 09:53:24 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/04/30 09:53:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/04/30 09:53:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/04/30 09:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/04/30 09:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/04/30 09:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/04/30 09:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/04/30 09:53:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/04/30 09:53:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/04/30 09:53:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/04/30 09:53:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/04/30 09:53:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/04/30 09:53:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/04/30 09:53:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/04/30 09:53:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/04/30 09:53:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/04/30 09:53:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/04/30 09:53:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/04/30 09:53:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/04/30 09:53:15 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/04/30 09:53:15 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/04/30 09:53:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/04/30 09:53:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/04/30 09:53:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/04/30 09:53:14 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/04/30 09:53:14 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/04/30 09:53:14 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/04/30 09:53:14 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/04/30 09:53:13 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/04/30 09:53:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/04/30 09:53:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/04/30 09:53:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/04/30 09:53:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/04/30 09:53:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/04/30 09:53:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/04/30 09:53:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/04/30 09:53:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/04/30 09:53:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/04/30 09:53:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/04/30 09:53:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/04/30 09:53:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/04/30 09:53:09 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/04/30 09:53:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/04/30 09:53:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/04/30 09:53:08 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/04/30 09:53:08 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/04/30 09:53:08 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/04/30 09:52:56 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/04/30 09:52:49 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/04/30 09:52:32 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/04/30 09:52:31 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/04/30 09:52:30 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/04/30 09:52:30 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/04/30 09:52:29 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/04/30 09:52:29 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/04/30 09:52:29 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/04/30 09:52:28 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/04/30 09:52:27 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/04/30 09:52:24 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/04/30 07:54:28 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\HijackThis.lnk
[2010/04/29 15:20:47 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\gmer.zip
[2010/04/29 15:19:45 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\dds.scr
[2010/04/29 15:19:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\iestyn\defogger_reenable
[2010/04/29 15:18:36 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\Defogger.exe
[2010/04/29 08:37:51 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/29 08:29:00 | 000,000,645 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Cleaner 2011.lnk
[2010/04/28 21:27:25 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk
[2010/04/28 21:21:30 | 000,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/04/28 20:00:16 | 000,000,284 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2010/04/28 19:07:12 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\iestyn\My Documents\rkill.exe
[2010/04/28 16:55:49 | 000,001,956 | -HS- | C] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\8rMjiIiS5Lohx
[2010/04/28 16:55:49 | 000,001,956 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\8rMjiIiS5Lohx
[2010/04/22 09:46:50 | 000,000,126 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2010/04/22 08:43:11 | 000,007,356 | ---- | C] () -- C:\WINDOWS\System32\javasup.vxd
[2010/04/22 08:43:10 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2010/04/22 08:40:53 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\zonedon.reg
[2010/04/22 08:40:52 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\zonedoff.reg
[2010/04/22 08:40:38 | 000,021,444 | ---- | C] () -- C:\WINDOWS\System32\javasec.hlp
[2010/04/22 08:40:35 | 000,011,403 | ---- | C] () -- C:\WINDOWS\System32\javaperm.hlp
[2010/04/21 16:06:07 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/04/21 08:35:29 | 000,002,329 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SeaTools for Windows.lnk
[2010/04/19 20:09:20 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\PeerBlock.lnk
[2010/03/17 21:59:56 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2010/02/25 18:28:19 | 000,000,051 | ---- | C] () -- C:\WINDOWS\iTouch.ini
[2010/02/10 18:21:02 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2010/02/10 18:21:00 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009/12/16 22:38:15 | 000,000,010 | ---- | C] () -- C:\WINDOWS\Syskernel12.dll
[2009/11/06 12:00:28 | 000,031,088 | ---- | C] () -- C:\WINDOWS\System32\wrLZMA.dll
[2009/10/27 19:20:34 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009/10/25 20:19:04 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/14 20:04:38 | 000,003,584 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/03/15 09:03:51 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2008/11/21 00:55:28 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/11/21 00:55:28 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/11/08 11:48:15 | 000,000,750 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/26 12:04:46 | 000,001,480 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2008/10/16 21:37:10 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008/10/16 21:36:05 | 000,005,521 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/10/16 21:35:59 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/10/16 21:35:50 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/10/16 11:55:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/10/15 14:42:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/09/22 20:05:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2008/09/22 20:05:25 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2008/09/22 20:05:07 | 000,067,428 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2008/09/22 20:05:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2008/09/22 20:05:06 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2008/09/22 20:05:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2008/05/02 22:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/06/10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL
[1998/05/18 00:00:00 | 000,014,017 | ---- | C] () -- C:\WINDOWS\JAUTOEXP.INI
[1998/04/24 00:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI
[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010/02/04 16:53:47 | 002,954,656 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
[2010/05/10 11:04:54 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2010/05/10 11:06:14 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2010/05/10 11:06:26 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2010/05/10 11:06:27 | 000,054,153 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2009/10/28 14:18:58 | 000,530,158 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
[2009/10/28 14:20:10 | 000,530,158 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
[2010/05/10 11:06:29 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010/05/10 11:08:06 | 000,056,766 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010/05/10 11:06:28 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2010/05/10 11:06:31 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2010/05/10 11:06:32 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2010/05/10 11:06:33 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2010/05/10 11:06:15 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2010/05/10 11:06:13 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010/05/10 11:07:49 | 000,057,679 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2010/05/10 11:04:58 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010/05/10 11:02:49 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
[2010/05/10 10:59:35 | 001,180,952 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2010/05/10 11:06:24 | 000,054,629 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2010/05/10 11:06:43 | 000,084,040 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2010/05/10 11:07:49 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2010/05/10 11:08:05 | 000,056,978 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2010/05/10 11:09:36 | 001,285,864 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
[2010/05/10 11:09:37 | 000,834,248 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
[2010/05/10 11:09:37 | 000,755,096 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWWSC.exe
[2010/05/10 11:09:38 | 001,598,464 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
[2010/05/10 11:09:39 | 000,871,320 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
[2010/05/10 11:09:39 | 000,866,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
[2010/05/10 11:10:02 | 000,015,880 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
[2010/05/10 11:10:03 | 000,893,952 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
[2010/04/30 06:17:06 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
[2010/05/09 17:56:53 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe


< MD5 for: AGP440.SYS >
[2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/22 21:34:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/09/22 21:34:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/22 21:34:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/09/22 21:34:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATA.SYS >
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sata_ide\nvata.sys
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sata_ide\nvata.sys
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: NVATABUS.SYS >
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\legacy\nvatabus.sys
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sataraid\nvatabus.sys
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\legacy\nvatabus.sys
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sataraid\nvatabus.sys

< MD5 for: NVGTS.SYS >
[2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=37954CD1D0AFC11BECD149F7C3EC88C2 -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sataraid\nvgts.sys
[2008/01/25 20:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) MD5=A117466B0ACB13288DEEE4F2E936E67F -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sata_ide\Floppy\Disk1\nvgts.sys
[2008/01/25 20:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) MD5=A117466B0ACB13288DEEE4F2E936E67F -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sata_ide\nvgts.sys
[2008/01/25 20:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) MD5=A117466B0ACB13288DEEE4F2E936E67F -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sataraid\Floppy\Disk1\nvgts.sys
[2008/01/25 20:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) MD5=A117466B0ACB13288DEEE4F2E936E67F -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sataraid\nvgts.sys
[2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sata_ide\nvgts.sys
[2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\WINDOWS\system32\drivers\nvgts.sys
[2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvgts.sys
[2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\nvgts.sys

< MD5 for: NVRD32.SYS >
[2008/01/25 20:01:00 | 000,125,440 | ---- | M] (NVIDIA Corporation) MD5=B71BFBC2FE958A6DA1E31357E03AD545 -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sataraid\Floppy\Disk1\nvrd32.sys
[2008/01/25 20:01:00 | 000,125,440 | ---- | M] (NVIDIA Corporation) MD5=B71BFBC2FE958A6DA1E31357E03AD545 -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sataraid\nvrd32.sys
[2008/08/18 19:54:00 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=BEF704AA9E17D176A46DDF77C6A52194 -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sataraid\nvrd32.sys

< MD5 for: SCECLI.DLL >
[2004/08/04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010/05/08 18:28:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\deployJava1.dll
[2009/11/06 12:00:28 | 000,031,088 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\wrLZMA.dll
[11 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1AAB2E68
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >

#7 cats_rule

cats_rule
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:52 AM

Posted 12 May 2010 - 01:43 PM

OTL logfile created on: 12/05/2010 18:39:28 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\iestyn\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 56.00% Memory free
5.00 Gb Paging File | 3.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186.30 Gb Total Space | 137.32 Gb Free Space | 73.71% Space Free | Partition Type: NTFS
Drive D: | 186.31 Gb Total Space | 163.96 Gb Free Space | 88.00% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 279.69 Gb Total Space | 105.41 Gb Free Space | 37.69% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: NV8
Current User Name: iestyn
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/12 15:57:47 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iestyn\Desktop\OTL.exe
PRC - [2010/05/09 17:56:55 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010/05/09 17:56:53 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010/05/09 17:56:52 | 002,176,512 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/05/06 18:21:43 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
PRC - [2010/04/30 07:08:52 | 002,367,336 | ---- | M] (Crawler.com) -- C:\Program Files\Crawler\Toolbar\CToolbar.exe
PRC - [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2010/04/12 23:46:36 | 001,135,912 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/04/10 18:55:16 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/11/06 15:19:44 | 006,515,784 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
PRC - [2009/11/06 12:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
PRC - [2009/11/06 12:00:22 | 000,165,232 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\WebrootSecurity\SSU.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/11/23 08:58:04 | 000,765,952 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
PRC - [2003/05/23 06:38:26 | 000,106,496 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [1998/05/29 00:00:00 | 000,119,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MDM.EXE


========== Modules (SafeList) ==========

MOD - [2010/05/12 15:57:47 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iestyn\Desktop\OTL.exe
MOD - [2009/07/12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009/07/11 19:41:02 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
MOD - [2009/03/06 04:33:26 | 000,961,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
MOD - [2009/02/12 15:19:38 | 000,178,040 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
MOD - [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
MOD - [2008/10/25 11:44:34 | 000,022,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
MOD - [2008/05/13 10:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com) -- C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
MOD - [2008/04/14 01:11:50 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008/04/14 01:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 18:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Unknown | Stopped] -- -- (Pml Driver HPZ12)
SRV - File not found [Auto | Stopped] -- -- (NMSAccess)
SRV - File not found [Auto | Stopped] -- -- (MaxSch2Svc)
SRV - File not found [Disabled | Stopped] -- -- (FLEXnet Licensing Service)
SRV - [2010/05/10 11:09:36 | 001,285,864 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/05/09 17:56:53 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/05/06 18:21:43 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe -- (WRConsumerService)
SRV - [2010/04/15 08:25:20 | 001,872,320 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2010/03/29 20:22:26 | 000,813,056 | ---- | M] (MooSoft Development LLC) [Auto | Stopped] -- C:\Program Files\The Cleaner\mhelper.exe -- (moohelp)
SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/11/13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/11/06 12:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2005/11/23 08:58:04 | 000,765,952 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe -- (Diskeeper)
SRV - [2003/05/23 06:38:26 | 000,106,496 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [1998/06/06 00:00:00 | 000,034,036 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio\COMMON\Tools\VS-Ent98\Vanalyzr\VARPC.EXE -- (Visual Studio Analyzer RPC bridge)


========== Driver Services (SafeList) ==========

DRV - [2010/05/09 17:56:53 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010/05/09 17:11:45 | 000,033,920 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010/05/06 21:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/05/06 21:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/05/06 21:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/05/06 21:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/05/06 21:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/05/06 21:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/08 22:53:06 | 000,103,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hrmports.sys -- (HRMPORTS)
DRV - [2010/02/08 22:52:56 | 000,092,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hrmcfgspc.sys -- (HRMCFGSPC)
DRV - [2010/02/08 22:52:56 | 000,089,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hrmints.sys -- (HRMINTS)
DRV - [2010/02/08 22:52:54 | 000,479,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dsfksvcs.sys -- (DSFKSVCS)
DRV - [2010/02/08 22:52:54 | 000,031,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dsfroot.sys -- (dsfroot)
DRV - [2010/02/04 16:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/01/12 05:03:33 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009/11/11 15:20:22 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/11/11 15:20:22 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/11/06 12:00:36 | 000,176,752 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssidrv.sys -- (ssidrv)
DRV - [2009/11/06 12:00:36 | 000,023,152 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sshrmd.sys -- (sshrmd)
DRV - [2009/11/06 12:00:34 | 000,029,808 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)
DRV - [2008/11/04 09:52:38 | 000,114,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2008/11/04 09:52:38 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV - [2008/11/04 09:52:38 | 000,086,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV - [2008/11/04 09:52:38 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV - [2008/11/04 09:52:38 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/11/04 09:52:36 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV - [2008/11/04 09:52:36 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008/07/08 14:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\44839809.sys -- (is-UF9UVdrv)
DRV - [2008/07/08 14:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\44327414.sys -- (is-H0M7Fdrv)
DRV - [2008/07/08 14:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\10881677.sys -- (is-9A1TMdrv)
DRV - [2008/07/08 14:54:02 | 000,148,496 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\88486341.sys -- (is-3SD78drv)
DRV - [2008/04/13 19:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 19:45:34 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2008/04/13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007/06/29 09:59:34 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716bus.sys -- (s716bus) Sony Ericsson Device 716 driver (WDM)
DRV - [2007/06/15 03:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2007/04/04 12:43:38 | 000,098,952 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716unic.sys -- (s716unic) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM)
DRV - [2007/04/04 12:43:36 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716obex.sys -- (s716obex)
DRV - [2007/04/04 12:43:36 | 000,023,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716nd5.sys -- (s716nd5) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS)
DRV - [2007/04/04 12:43:34 | 000,108,552 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdm.sys -- (s716mdm)
DRV - [2007/04/04 12:43:34 | 000,100,360 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mgmt.sys -- (s716mgmt) Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/04 12:43:32 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s716mdfl.sys -- (s716mdfl)
DRV - [2006/09/24 14:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/04/14 21:09:06 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/04/14 21:09:04 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/07/26 08:01:56 | 000,415,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA® nForce™
DRV - [2005/07/26 07:58:30 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA® nForce™
DRV - [2005/01/10 11:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 11:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/12/22 12:58:14 | 000,008,704 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Pfmodnt.sys -- (PfModNT)
DRV - [2004/11/17 12:05:38 | 002,297,664 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/05/08 10:21:44 | 000,035,840 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2003/12/08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003/12/08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003/12/05 10:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/11/07 10:50:00 | 000,070,798 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/11/07 10:50:00 | 000,051,486 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042PR2.SYS -- (L8042PR2)
DRV - [2003/11/07 10:50:00 | 000,037,884 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsb.sys -- (LHidUsb)
DRV - [2003/11/07 10:50:00 | 000,025,502 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2003/11/07 10:50:00 | 000,014,092 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LCcfltr.sys -- (LCcfltr)
DRV - [2003/10/24 06:53:14 | 000,090,416 | ---- | M] (Matsubleepa Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2001/08/17 15:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-220523388-1993962763-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
IE - HKU\S-1-5-21-220523388-1993962763-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.9
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.21
FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3
FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=EZfox000&ptb=4vV27RpM03z25TiZ2DdA5Q&psa=&ind=2010031713&ptnrS=EZfox000&si=&st=kwd&n=77cea661&searchfor="


FF - HKLM\software\mozilla\Firefox\extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2010/05/09 18:15:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/28 18:19:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/10 11:08:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/04/22 20:37:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/05/10 11:08:02 | 000,000,000 | ---D | M]

[2010/04/22 20:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Extensions
[2010/04/22 20:37:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/05/30 14:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Extensions\home2@tomtom.com
[2010/05/12 15:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\extensions
[2010/04/30 05:26:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/10 17:36:39 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/05/09 17:21:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010/04/10 17:36:38 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/03/17 18:09:25 | 000,010,017 | ---- | M] () -- C:\Documents and Settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\searchplugins\mywebsearch.xml
[2010/05/12 15:56:34 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/08 18:29:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/05/08 18:28:23 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010/03/24 11:05:11 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2010/03/24 11:05:11 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/09/21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010/03/24 11:05:11 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/09/26 07:41:18 | 000,002,405 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\queryservice113.xml
[2010/03/24 11:05:11 | 000,001,135 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2010/05/10 09:54:31 | 000,392,355 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13576 more lines...
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKU\S-1-5-21-220523388-1993962763-682003330-1003..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-220523388-1993962763-682003330-1003..\Run: [tcactive] C:\Program Files\The Cleaner\tcap.exe (MooSoft Development Inc)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LoginPrompt = B7ACA694839985829EDEDDDDDB
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..Trusted Domains: microsoft.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..Trusted Domains: microsoft.com ([update] https in Trusted sites)
O15 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..Trusted Domains: microsoft.com ([windowsupdate] https in Trusted sites)
O15 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\..Trusted Domains: microsoft.com ([www.update] https in Trusted sites)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/09/22 19:49:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (SsiEfr.exe) - C:\WINDOWS\System32\SsiEfr.exe ()
O34 - HKLM BootExecute: (SsiEfr.exe) - C:\WINDOWS\System32\SsiEfr.exe ()
O34 - HKLM BootExecute: (SsiEfr.exe) - C:\WINDOWS\System32\SsiEfr.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-220523388-1993962763-682003330-1003\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/05/12 16:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Adobe
[2010/05/12 16:26:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\iestyn\Recent
[2010/05/12 15:57:28 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\iestyn\Desktop\OTL.exe
[2010/05/10 11:10:13 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/05/10 11:10:08 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/05/10 11:10:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/05/10 11:05:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Local Settings\Application Data\Temp
[2010/05/10 11:05:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/05/10 11:04:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Local Settings\Application Data\Google
[2010/05/10 11:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/05/10 11:04:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/05/10 11:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/05/10 11:04:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/05/10 10:59:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010/05/10 10:52:33 | 097,364,760 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\iestyn\Desktop\Ad-AwareInstaller.exe
[2010/05/10 09:58:30 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/05/10 09:53:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/05/10 09:40:11 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/05/10 09:29:31 | 000,157,712 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2010/05/09 18:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinClamAVShield
[2010/05/09 18:09:20 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2010/05/09 17:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\Spyware Terminator
[2010/05/09 17:56:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2010/05/09 17:55:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2010/05/09 17:21:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\QuickScan
[2010/05/08 18:29:40 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/05/08 18:29:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/05/08 18:29:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/05/08 18:29:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/05/08 18:29:40 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/05/07 09:54:25 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/05/07 08:47:09 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/05/07 08:45:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/05/07 08:45:33 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/05/07 08:45:33 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/05/07 08:45:33 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/05/07 08:44:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/05/07 08:44:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/05/07 06:17:40 | 000,000,000 | ---D | C] -- C:\Avenger
[2010/05/07 06:15:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Desktop\avenger
[2010/05/06 18:20:55 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\capicom.dll
[2010/05/06 18:19:44 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2010/05/06 18:18:45 | 001,563,008 | ---- | C] (Webroot Software, Inc.) -- C:\WINDOWS\WRSetup.dll
[2010/05/06 18:18:44 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot
[2010/05/06 18:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\Webroot
[2010/05/06 18:18:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Webroot
[2010/04/30 10:15:27 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/04/30 10:15:24 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/04/30 10:15:16 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2010/04/30 10:14:56 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/04/30 10:14:51 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/04/30 10:14:50 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2010/04/30 10:14:48 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2010/04/30 10:14:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2010/04/30 10:14:24 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2010/04/30 10:14:15 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/04/30 10:14:11 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/04/30 10:14:04 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/04/30 10:14:00 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2010/04/30 10:13:57 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2010/04/30 10:13:57 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/04/30 10:13:56 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/04/30 10:13:53 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2010/04/30 10:13:52 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2010/04/30 10:13:51 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2010/04/30 10:13:48 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/04/30 10:13:46 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2010/04/30 10:13:45 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2010/04/30 10:13:44 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2010/04/30 10:13:44 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2010/04/30 10:13:42 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2010/04/30 10:13:42 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2010/04/30 10:13:41 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2010/04/30 10:13:37 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/04/30 10:13:34 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/04/30 10:13:31 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/04/30 10:13:30 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2010/04/30 10:13:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2010/04/30 10:13:30 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2010/04/30 10:13:29 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/04/30 10:13:26 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/04/30 10:13:22 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/04/30 10:13:18 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/04/30 10:13:15 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/04/30 10:13:12 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2010/04/30 10:13:11 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys
[2010/04/30 10:13:06 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2010/04/30 10:13:03 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/04/30 10:12:59 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2010/04/30 10:12:56 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2010/04/30 10:12:52 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2010/04/30 10:12:49 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/04/30 10:12:45 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/04/30 10:12:42 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/04/30 10:12:41 | 000,020,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys
[2010/04/30 10:12:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2010/04/30 10:12:39 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2010/04/30 10:12:38 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/04/30 10:12:33 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2010/04/30 10:12:30 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2010/04/30 10:12:27 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2010/04/30 10:12:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2010/04/30 10:12:21 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/04/30 10:12:18 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2010/04/30 10:12:15 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2010/04/30 10:12:12 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2010/04/30 10:12:08 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/04/30 10:12:05 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/04/30 10:12:02 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2010/04/30 10:11:58 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2010/04/30 10:11:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/04/30 10:11:53 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/04/30 10:11:50 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/04/30 10:11:47 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/04/30 10:11:44 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/04/30 10:11:41 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/04/30 10:11:38 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/04/30 10:11:34 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2010/04/30 10:11:31 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2010/04/30 10:11:30 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2010/04/30 10:11:27 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2010/04/30 10:11:22 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2010/04/30 10:11:19 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2010/04/30 10:11:16 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2010/04/30 10:11:13 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2010/04/30 10:11:09 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/04/30 10:11:07 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2010/04/30 10:11:04 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/04/30 10:11:01 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/04/30 10:11:00 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/04/30 10:11:00 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/04/30 10:10:57 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/04/30 10:10:54 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/04/30 10:10:54 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/04/30 10:10:53 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/04/30 10:10:50 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2010/04/30 10:10:47 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2010/04/30 10:10:44 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/04/30 10:10:41 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/04/30 10:10:36 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2010/04/30 10:10:33 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2010/04/30 10:10:30 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2010/04/30 10:10:28 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2010/04/30 10:10:25 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2010/04/30 10:10:22 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2010/04/30 10:10:19 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2010/04/30 10:10:16 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2010/04/30 10:10:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2010/04/30 10:10:11 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2010/04/30 10:10:08 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2010/04/30 10:10:05 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/04/30 10:10:02 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/04/30 10:09:59 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/04/30 10:09:56 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/04/30 10:09:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2010/04/30 10:09:50 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/04/30 10:09:47 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/04/30 10:09:47 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2010/04/30 10:09:42 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2010/04/30 10:09:39 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2010/04/30 10:09:36 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2010/04/30 10:09:33 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/04/30 10:09:30 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2010/04/30 10:09:27 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2010/04/30 10:09:25 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2010/04/30 10:09:22 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2010/04/30 10:09:19 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2010/04/30 10:09:18 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/04/30 10:09:18 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2010/04/30 10:09:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/04/30 10:09:15 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2010/04/30 10:09:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/04/30 10:09:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/04/30 10:09:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/04/30 10:09:09 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/04/30 10:09:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/04/30 10:09:09 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/04/30 10:09:06 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/04/30 10:09:03 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/04/30 10:09:00 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010/04/30 10:08:57 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/04/30 10:08:55 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2010/04/30 10:08:54 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2010/04/30 10:08:53 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/04/30 10:08:53 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2010/04/30 10:08:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2010/04/30 10:08:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2010/04/30 10:08:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/04/30 10:08:44 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/04/30 10:08:44 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2010/04/30 10:08:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/04/30 10:08:44 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/04/30 10:08:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2010/04/30 10:08:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/04/30 10:08:40 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/04/30 10:08:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/04/30 10:08:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/04/30 10:08:40 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/04/30 10:08:39 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/04/30 10:08:39 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/04/30 10:08:39 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/04/30 10:08:37 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/04/30 10:08:34 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/04/30 10:08:32 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/04/30 10:08:29 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2010/04/30 10:08:26 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2010/04/30 10:08:25 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/04/30 10:08:22 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2010/04/30 10:08:20 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2010/04/30 10:08:17 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2010/04/30 10:08:14 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2010/04/30 10:08:11 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2010/04/30 10:08:08 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2010/04/30 10:08:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/04/30 10:08:01 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/04/30 10:07:59 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/04/30 10:07:56 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/04/30 10:07:53 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/04/30 10:07:50 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2010/04/30 10:07:46 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2010/04/30 10:07:43 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2010/04/30 10:07:39 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2010/04/30 10:07:38 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2010/04/30 10:07:35 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/04/30 10:07:35 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2010/04/30 10:07:32 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/04/30 10:07:29 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2010/04/30 10:07:26 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/04/30 10:07:23 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/04/30 10:07:22 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2010/04/30 10:07:19 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2010/04/30 10:07:15 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2010/04/30 10:07:12 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2010/04/30 10:07:09 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/04/30 10:07:07 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/04/30 10:07:04 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/04/30 10:07:01 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/04/30 10:06:58 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/04/30 10:06:56 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/04/30 10:06:53 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/04/30 10:06:50 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/04/30 10:06:48 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/04/30 10:06:45 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2010/04/30 10:06:42 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/04/30 10:06:39 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/04/30 10:06:39 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/04/30 10:06:39 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/04/30 10:06:38 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/04/30 10:06:37 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/04/30 10:06:33 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/04/30 10:06:30 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2010/04/30 10:06:27 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/04/30 10:06:24 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2010/04/30 10:06:22 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/04/30 10:06:20 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/04/30 10:06:17 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/04/30 10:06:16 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/04/30 10:06:16 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/04/30 10:06:11 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2010/04/30 10:06:08 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/04/30 10:06:05 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/04/30 10:06:02 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2010/04/30 10:05:59 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/04/30 10:05:59 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/04/30 10:05:59 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2010/04/30 10:05:54 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2010/04/30 10:05:52 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2010/04/30 10:05:49 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2010/04/30 10:05:46 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2010/04/30 10:05:44 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2010/04/30 10:05:43 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2010/04/30 10:05:38 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/04/30 10:05:36 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/04/30 10:05:33 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/04/30 10:05:32 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2010/04/30 10:05:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2010/04/30 10:05:26 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2010/04/30 10:05:23 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/04/30 10:05:20 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2010/04/30 10:05:18 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2010/04/30 10:05:17 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2010/04/30 10:05:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2010/04/30 10:05:13 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/04/30 10:05:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/04/30 10:05:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/04/30 10:05:08 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2010/04/30 10:05:05 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2010/04/30 10:05:03 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2010/04/30 10:05:00 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2010/04/30 10:04:58 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2010/04/30 10:04:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2010/04/30 10:04:52 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2010/04/30 10:04:52 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2010/04/30 10:04:51 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2010/04/30 10:04:51 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2010/04/30 10:04:50 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2010/04/30 10:04:49 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2010/04/30 10:04:46 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2010/04/30 10:04:44 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2010/04/30 10:04:42 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/04/30 10:04:40 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/04/30 10:04:37 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2010/04/30 10:04:35 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2010/04/30 10:04:32 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2010/04/30 10:04:29 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/04/30 10:04:28 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/04/30 10:04:26 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/04/30 10:04:25 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2010/04/30 10:04:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/04/30 10:04:24 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/04/30 10:04:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2010/04/30 10:04:18 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2010/04/30 10:04:16 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2010/04/30 10:04:13 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2010/04/30 10:04:11 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2010/04/30 10:04:08 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2010/04/30 10:04:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2010/04/30 10:04:03 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2010/04/30 10:04:00 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2010/04/30 10:03:58 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2010/04/30 10:03:55 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2010/04/30 10:03:53 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/04/30 10:03:50 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/04/30 10:03:47 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/04/30 10:03:45 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/04/30 10:03:41 | 000,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys
[2010/04/30 10:03:35 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2010/04/30 10:03:33 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2010/04/30 10:03:27 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/04/30 10:03:27 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/04/30 10:03:23 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2010/04/30 10:03:21 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2010/04/30 10:03:20 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2010/04/30 10:03:16 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/04/30 10:03:14 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/04/30 10:03:10 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2010/04/30 10:03:10 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/04/30 10:03:09 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/04/30 10:03:05 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2010/04/30 10:03:02 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/04/30 10:03:00 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/04/30 10:02:57 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2010/04/30 10:02:54 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/04/30 10:02:51 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/04/30 10:02:49 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/04/30 10:02:47 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/04/30 10:02:44 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/04/30 10:02:42 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/04/30 10:02:39 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2010/04/30 10:02:37 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2010/04/30 10:02:34 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/04/30 10:02:32 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/04/30 10:02:29 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/04/30 10:02:27 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/04/30 10:02:24 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/04/30 10:02:24 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/04/30 10:02:21 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/04/30 10:02:14 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2010/04/30 10:02:10 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2010/04/30 10:02:04 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/04/30 10:02:04 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/04/30 10:02:04 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2010/04/30 10:01:55 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2010/04/30 10:01:53 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2010/04/30 10:01:52 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2010/04/30 10:01:47 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/04/30 10:01:43 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2010/04/30 10:01:38 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2010/04/30 10:01:32 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2010/04/30 10:01:30 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2010/04/30 10:01:27 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2010/04/30 10:01:25 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2010/04/30 10:01:24 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/04/30 10:01:24 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/04/30 10:01:23 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2010/04/30 10:01:21 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2010/04/30 10:01:18 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2010/04/30 10:01:18 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2010/04/30 10:01:15 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/04/30 10:01:11 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/04/30 10:01:11 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2010/04/30 10:01:09 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2010/04/30 10:01:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2010/04/30 10:01:04 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2010/04/30 10:01:01 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2010/04/30 10:01:01 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2010/04/30 10:00:58 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/04/30 10:00:56 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/04/30 10:00:55 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/04/30 10:00:55 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2010/04/30 10:00:53 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/04/30 10:00:52 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/04/30 10:00:50 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/04/30 10:00:47 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2010/04/30 10:00:47 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2010/04/30 10:00:43 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/04/30 10:00:41 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/04/30 10:00:38 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/04/30 10:00:36 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/04/30 10:00:35 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010/04/30 10:00:32 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/04/30 10:00:30 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/04/30 10:00:27 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/04/30 10:00:27 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2010/04/30 10:00:26 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2010/04/30 10:00:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2010/04/30 10:00:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2010/04/30 10:00:22 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/04/30 10:00:22 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/04/30 10:00:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/04/30 10:00:19 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2010/04/30 10:00:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2010/04/30 10:00:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2010/04/30 10:00:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2010/04/30 10:00:07 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/04/30 10:00:07 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2010/04/30 10:00:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/04/30 10:00:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2010/04/30 10:00:04 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2010/04/30 10:00:02 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2010/04/30 10:00:01 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2010/04/30 09:59:59 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/04/30 09:59:58 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2010/04/30 09:59:58 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2010/04/30 09:59:54 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/04/30 09:59:52 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2010/04/30 09:59:50 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2010/04/30 09:59:49 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys
[2010/04/30 09:59:47 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2010/04/30 09:59:45 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2010/04/30 09:59:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2010/04/30 09:59:42 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/04/30 09:59:41 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/04/30 09:59:40 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/04/30 09:59:39 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/04/30 09:59:37 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/04/30 09:59:37 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/04/30 09:59:37 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/04/30 09:59:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2010/04/30 09:59:35 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2010/04/30 09:59:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2010/04/30 09:59:35 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2010/04/30 09:59:25 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/04/30 09:59:23 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2010/04/30 09:59:21 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2010/04/30 09:59:19 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2010/04/30 09:59:17 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2010/04/30 09:59:15 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2010/04/30 09:59:13 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2010/04/30 09:59:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2010/04/30 09:59:08 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2010/04/30 09:59:06 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2010/04/30 09:59:04 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2010/04/30 09:59:02 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2010/04/30 09:59:00 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2010/04/30 09:58:58 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2010/04/30 09:58:57 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2010/04/30 09:58:56 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2010/04/30 09:58:54 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2010/04/30 09:58:52 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2010/04/30 09:58:52 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2010/04/30 09:58:51 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010/04/30 09:58:49 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/04/30 09:58:40 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/04/30 09:58:35 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2010/04/30 09:58:33 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2010/04/30 09:58:31 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2010/04/30 09:58:29 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2010/04/30 09:58:27 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2010/04/30 09:58:25 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2010/04/30 09:58:23 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2010/04/30 09:58:21 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2010/04/30 09:58:19 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2010/04/30 09:58:17 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2010/04/30 09:58:15 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2010/04/30 09:58:13 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2010/04/30 09:58:11 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2010/04/30 09:58:07 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2010/04/30 09:58:05 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2010/04/30 09:58:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2010/04/30 09:58:01 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2010/04/30 09:57:59 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2010/04/30 09:57:57 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2010/04/30 09:57:55 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/04/30 09:57:51 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2010/04/30 09:57:48 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/04/30 09:57:44 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2010/04/30 09:57:40 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2010/04/30 09:57:36 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2010/04/30 09:57:33 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2010/04/30 09:57:31 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2010/04/30 09:57:30 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2010/04/30 09:57:27 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2010/04/30 09:57:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/04/30 09:57:25 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/04/30 09:57:23 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/04/30 09:57:21 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/04/30 09:57:17 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2010/04/30 09:57:15 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2010/04/30 09:57:13 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2010/04/30 09:57:11 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2010/04/30 09:57:10 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2010/04/30 09:57:08 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/04/30 09:57:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/04/30 09:57:05 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/04/30 09:57:02 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/04/30 09:57:02 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/04/30 09:57:00 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2010/04/30 09:56:58 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/04/30 09:56:56 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/04/30 09:56:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2010/04/30 09:56:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2010/04/30 09:56:53 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/04/30 09:56:51 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/04/30 09:56:49 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/04/30 09:56:48 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/04/30 09:56:46 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2010/04/30 09:56:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/04/30 09:56:44 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2010/04/30 09:56:39 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/04/30 09:56:39 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2010/04/30 09:56:37 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/04/30 09:56:35 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2010/04/30 09:56:33 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/04/30 09:56:32 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/04/30 09:56:29 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2010/04/30 09:56:27 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2010/04/30 09:56:26 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/04/30 09:56:26 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/04/30 09:56:24 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2010/04/30 09:56:22 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/04/30 09:56:22 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2010/04/30 09:56:21 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2010/04/30 09:56:21 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/04/30 09:56:19 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2010/04/30 09:56:19 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2010/04/30 09:56:17 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2010/04/30 09:56:15 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2010/04/30 09:56:13 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2010/04/30 09:56:11 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2010/04/30 09:56:10 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2010/04/30 09:56:08 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/04/30 09:56:07 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2010/04/30 09:56:05 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2010/04/30 09:56:04 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2010/04/30 09:56:02 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2010/04/30 09:56:00 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2010/04/30 09:55:59 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2010/04/30 09:55:57 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2010/04/30 09:55:56 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2010/04/30 09:55:55 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2010/04/30 09:55:53 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys
[2010/04/30 09:55:52 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2010/04/30 09:55:49 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2010/04/30 09:55:48 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2010/04/30 09:55:47 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2010/04/30 09:55:46 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2010/04/30 09:55:45 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2010/04/30 09:55:43 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2010/04/30 09:55:42 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2010/04/30 09:55:41 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2010/04/30 09:55:40 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2010/04/30 09:55:39 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2010/04/30 09:55:38 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2010/04/30 09:55:37 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2010/04/30 09:55:36 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2010/04/30 09:55:35 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2010/04/30 09:55:34 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2010/04/30 09:55:33 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2010/04/30 09:55:31 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/04/30 09:55:31 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2010/04/30 09:55:30 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2010/04/30 09:55:29 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2010/04/30 09:55:28 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2010/04/30 09:55:23 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/04/30 09:55:21 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2010/04/30 09:55:19 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/04/30 09:55:18 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2010/04/30 09:55:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2010/04/30 09:55:16 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2010/04/30 09:55:16 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2010/04/30 09:55:12 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/04/30 09:55:12 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2010/04/30 09:55:11 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/04/30 09:55:10 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/04/30 09:55:06 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/04/30 09:55:05 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/04/30 09:55:04 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/04/30 09:55:03 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/04/30 09:55:02 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/04/30 09:55:01 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2010/04/30 09:55:00 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2010/04/30 09:54:59 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2010/04/30 09:54:58 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2010/04/30 09:54:57 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2010/04/30 09:54:56 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2010/04/30 09:54:55 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2010/04/30 09:54:54 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2010/04/30 09:54:53 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2010/04/30 09:54:52 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2010/04/30 09:54:51 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2010/04/30 09:54:51 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2010/04/30 09:54:50 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2010/04/30 09:54:48 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2010/04/30 09:54:47 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2010/04/30 09:54:46 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/04/30 09:54:45 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/04/30 09:54:44 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2010/04/30 09:54:43 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2010/04/30 09:54:42 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/04/30 09:54:41 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2010/04/30 09:54:40 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2010/04/30 09:54:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2010/04/30 09:54:38 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2010/04/30 09:54:37 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2010/04/30 09:54:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2010/04/30 09:54:34 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2010/04/30 09:54:33 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2010/04/30 09:54:30 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2010/04/30 09:54:29 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2010/04/30 09:54:28 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2010/04/30 09:54:27 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2010/04/30 09:54:27 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2010/04/30 09:54:26 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2010/04/30 09:54:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2010/04/30 09:54:24 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2010/04/30 09:54:23 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/04/30 09:54:23 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2010/04/30 09:54:22 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/04/30 09:54:21 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/04/30 09:54:20 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/04/30 09:54:19 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/04/30 09:54:19 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/04/30 09:54:18 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/04/30 09:54:17 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2010/04/30 09:54:16 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/04/30 09:54:15 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2010/04/30 09:54:15 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2010/04/30 09:54:14 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2010/04/30 09:54:12 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2010/04/30 09:54:11 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2010/04/30 09:54:10 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/04/30 09:54:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/04/30 09:54:09 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/04/30 09:54:09 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2010/04/30 09:54:08 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2010/04/30 09:54:07 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2010/04/30 09:54:07 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2010/04/30 09:54:07 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2010/04/30 09:54:03 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2010/04/30 09:54:02 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2010/04/30 09:54:01 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2010/04/30 09:53:59 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2010/04/30 09:53:58 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/04/30 09:53:58 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2010/04/30 09:53:57 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2010/04/30 09:53:56 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2010/04/30 09:53:56 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2010/04/30 09:53:55 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2010/04/30 09:53:55 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2010/04/30 09:53:53 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2010/04/30 09:53:51 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/04/30 09:53:49 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/04/30 09:53:49 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/04/30 09:53:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/04/30 09:53:47 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/04/30 09:53:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/04/30 09:53:47 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/04/30 09:53:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010/04/30 09:53:45 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/04/30 09:53:45 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/04/30 09:53:44 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/04/30 09:53:44 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/04/30 09:53:43 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/04/30 09:53:41 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2010/04/30 09:53:40 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/04/30 09:53:40 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/04/30 09:53:39 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/04/30 09:53:39 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/04/30 09:53:37 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/04/30 09:53:37 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/04/30 09:53:36 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2010/04/30 09:53:36 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/04/30 09:53:35 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2010/04/30 09:53:35 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2010/04/30 09:53:34 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2010/04/30 09:53:34 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2010/04/30 09:53:33 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2010/04/30 09:53:33 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2010/04/30 09:53:32 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2010/04/30 09:53:32 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2010/04/30 09:53:31 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2010/04/30 09:53:31 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/04/30 09:53:07 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2010/04/30 09:53:06 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/04/30 09:53:06 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/04/30 09:53:05 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/04/30 09:53:05 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/04/30 09:53:04 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/04/30 09:53:04 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/04/30 09:53:03 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/04/30 09:53:03 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/04/30 09:53:01 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2010/04/30 09:53:00 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/04/30 09:53:00 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/04/30 09:53:00 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/04/30 09:52:59 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2010/04/30 09:52:59 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/04/30 09:52:58 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/04/30 09:52:58 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/04/30 09:52:57 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/04/30 09:52:57 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/04/30 09:52:56 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/04/30 09:52:56 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/04/30 09:52:49 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2010/04/30 09:52:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2010/04/30 09:52:48 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2010/04/30 09:52:47 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/04/30 09:52:47 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2010/04/30 09:52:47 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2010/04/30 09:52:46 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2010/04/30 09:52:45 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2010/04/30 09:52:44 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/04/30 09:52:44 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/04/30 09:52:43 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2010/04/30 09:52:43 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/04/30 09:52:42 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/04/30 09:52:41 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/04/30 09:52:41 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/04/30 09:52:40 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/04/30 09:52:39 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2010/04/30 09:52:39 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010/04/30 09:52:37 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010/04/30 09:52:34 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2010/04/30 09:52:28 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2010/04/30 09:52:28 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2010/04/30 09:52:26 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2010/04/30 09:52:26 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2010/04/30 09:52:26 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2010/04/30 09:52:25 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2010/04/30 09:52:25 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2010/04/30 09:52:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2010/04/30 09:52:24 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2010/04/30 09:52:21 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2010/04/30 09:52:21 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/04/30 09:52:20 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/04/30 09:52:20 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2010/04/30 09:52:20 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2010/04/30 09:52:19 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2010/04/30 09:52:18 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2010/04/30 09:52:18 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2010/04/30 09:52:15 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2010/04/30 09:52:15 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2010/04/30 09:52:14 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2010/04/30 09:52:13 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2010/04/30 09:52:13 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/04/30 09:52:13 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2010/04/30 09:52:12 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2010/04/30 09:52:12 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2010/04/30 09:52:11 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2010/04/30 09:52:11 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2010/04/30 09:52:07 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2010/04/30 09:52:06 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/04/30 09:52:05 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2010/04/30 09:52:05 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2010/04/30 09:52:04 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010/04/30 09:52:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2010/04/30 09:52:03 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010/04/30 09:52:03 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010/04/30 09:52:02 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010/04/30 09:52:02 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010/04/30 09:52:02 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2010/04/30 09:52:01 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010/04/30 09:52:01 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2010/04/30 09:52:00 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010/04/30 09:52:00 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2010/04/30 09:51:59 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2010/04/30 09:51:59 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2010/04/30 09:51:59 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2010/04/30 09:51:58 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010/04/30 09:51:58 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2010/04/30 09:51:57 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010/04/30 09:51:57 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010/04/30 09:51:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2010/04/30 09:51:56 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010/04/30 09:51:56 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010/04/30 09:51:56 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2010/04/30 09:51:55 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2010/04/30 09:51:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2010/04/30 09:51:41 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2010/04/30 09:51:24 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2010/04/30 09:51:23 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2010/04/30 09:51:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2010/04/30 09:51:22 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2010/04/30 09:51:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2010/04/30 09:51:21 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2010/04/30 09:51:13 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2010/04/30 07:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/30 05:57:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2010/04/29 19:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010/04/29 19:05:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\moosoft
[2010/04/29 17:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\F-Secure
[2010/04/29 15:25:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Desktop\bleeping computers file to post
[2010/04/29 15:21:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Desktop\gmer
[2010/04/29 09:08:05 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2010/04/29 09:08:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2010/04/29 09:08:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2010/04/29 09:08:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2010/04/29 09:08:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2010/04/29 09:08:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2010/04/29 09:08:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2010/04/29 09:08:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2010/04/29 09:08:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2010/04/29 09:08:00 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2010/04/29 09:07:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2010/04/29 09:07:59 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2010/04/29 09:07:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2010/04/29 09:07:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2010/04/29 09:07:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2010/04/29 09:07:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2010/04/29 09:07:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2010/04/29 09:07:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2010/04/29 09:07:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2010/04/29 09:07:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2010/04/29 09:05:47 | 000,000,000 | ---D | C] -- C:\I386
[2010/04/29 08:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\ElevatedDiagnostics
[2010/04/29 08:29:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\thecleaner
[2010/04/29 08:28:52 | 000,000,000 | ---D | C] -- C:\Program Files\The Cleaner
[2010/04/29 05:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\Application Data\SUPERAntiSpyware.com
[2010/04/28 21:27:06 | 000,000,000 | ---D | C] -- C:\Program Files\a-squared Free
[2010/04/28 21:21:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/04/28 21:21:26 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/04/28 20:58:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rundll32.exe
[2010/04/28 18:02:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/04/28 17:32:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/04/26 23:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/04/26 07:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\My Documents\ConvertXtoDVD
[2010/04/22 09:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\Web Publish
[2010/04/22 08:43:14 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\setdebug.exe
[2010/04/22 08:43:12 | 000,140,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jit.dll
[2010/04/22 08:43:10 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javaee.dll
[2010/04/22 08:43:07 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx3j.dll
[2010/04/22 08:40:50 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\wjview.exe
[2010/04/22 08:40:48 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vmhelper.dll
[2010/04/22 08:40:47 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjdbc10.dll
[2010/04/22 08:40:44 | 000,155,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msawt.dll
[2010/04/22 08:40:42 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\jview.exe
[2010/04/22 08:40:40 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\jdbgmgr.exe
[2010/04/22 08:40:37 | 000,361,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javart.dll
[2010/04/22 08:40:36 | 000,032,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javaprxy.dll
[2010/04/22 08:40:34 | 000,209,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\javacypt.dll
[2010/04/22 08:40:32 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\clspack.exe
[2010/04/22 08:40:14 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\extrac32.exe
[2010/04/21 16:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/04/21 09:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\FILE RECOVERY for Windows
[2010/04/21 08:45:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\iestyn\My Documents\R-TT
[2010/04/21 08:34:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010/04/19 20:22:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/04/19 20:15:42 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/04/19 20:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2008/09/22 20:05:05 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/05/12 18:49:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2A7D0781-5E3A-44CA-8462-D8FEB64DD6E1}.job
[2010/05/12 18:38:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/12 16:26:36 | 010,747,904 | ---- | M] () -- C:\Documents and Settings\iestyn\ntuser.dat
[2010/05/12 15:58:58 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/05/12 15:57:47 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\iestyn\Desktop\OTL.exe
[2010/05/12 15:47:03 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/12 15:45:23 | 000,267,644 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/05/12 15:45:07 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/12 15:45:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/12 15:44:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/10 11:10:03 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/05/10 11:07:15 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/05/10 11:04:34 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/05/10 10:58:48 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/05/10 10:57:57 | 097,364,760 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\iestyn\Desktop\Ad-AwareInstaller.exe
[2010/05/10 09:55:24 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\iestyn\ntuser.ini
[2010/05/10 09:54:31 | 000,392,355 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2010/05/10 09:49:24 | 000,000,247 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/10 09:33:51 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/10 09:26:44 | 1905,387,552 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2010/05/10 09:26:44 | 022,322,228 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2010/05/09 20:13:19 | 000,001,044 | ---- | M] () -- C:\Documents and Settings\iestyn\Application Data\vso_ts_preview.xml
[2010/05/09 18:27:48 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Spyware Terminator.lnk
[2010/05/09 17:56:53 | 000,142,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010/05/09 17:29:07 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\housecall.guid.cache
[2010/05/09 17:11:45 | 000,033,920 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2010/05/09 12:39:04 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2010/05/08 18:28:21 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/05/08 18:28:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/05/08 18:28:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/05/08 18:28:20 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/05/08 18:28:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/05/07 10:31:05 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\Macromedia Dreamweaver 8.lnk
[2010/05/07 10:10:17 | 121,317,590 | ---- | M] () -- C:\Documents and Settings\iestyn\My Documents\Firefox 3.6.3 (en-GB) - 2010-05-07.pcv
[2010/05/07 09:02:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100510-095431.backup
[2010/05/07 08:47:21 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/05/07 08:41:57 | 003,683,950 | R--- | M] () -- C:\Documents and Settings\iestyn\Desktop\ComboFix.exe
[2010/05/07 06:14:32 | 000,724,952 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\avenger.zip
[2010/05/07 05:49:31 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/05/06 21:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/05/06 21:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/05/06 21:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/05/06 21:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/05/06 21:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/05/06 21:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/05/06 21:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/05/06 21:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/05/06 18:20:56 | 000,001,669 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Webroot AntiVirus.lnk
[2010/05/06 18:20:56 | 000,000,841 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/05/06 18:11:59 | 000,000,164 | ---- | M] () -- C:\WINDOWS\install.dat
[2010/05/05 18:01:43 | 004,736,656 | -H-- | M] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\IconCache.db
[2010/05/05 13:53:11 | 000,393,014 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100506-170403.backup
[2010/04/30 11:41:25 | 000,392,888 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100505-135311.backup
[2010/04/30 09:51:23 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\HijackThis.lnk
[2010/04/30 08:00:35 | 000,000,051 | ---- | M] () -- C:\WINDOWS\iTouch.ini
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/29 15:20:48 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\gmer.zip
[2010/04/29 15:19:47 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\dds.scr
[2010/04/29 15:19:04 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\iestyn\defogger_reenable
[2010/04/29 15:18:36 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\Defogger.exe
[2010/04/29 08:29:00 | 000,000,645 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Cleaner 2011.lnk
[2010/04/29 06:00:01 | 000,393,014 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100429-060654.backup
[2010/04/28 21:27:25 | 000,000,648 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk
[2010/04/28 21:21:30 | 000,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/04/28 20:00:36 | 000,000,284 | ---- | M] () -- C:\WINDOWS\reimage.ini
[2010/04/28 19:07:15 | 000,363,520 | ---- | M] () -- C:\Documents and Settings\iestyn\My Documents\rkill.exe
[2010/04/28 17:20:36 | 000,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100429-060001.backup
[2010/04/28 16:56:08 | 000,001,956 | -HS- | M] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\8rMjiIiS5Lohx
[2010/04/28 16:56:08 | 000,001,956 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\8rMjiIiS5Lohx
[2010/04/26 23:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/04/23 13:33:25 | 000,392,654 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100428-163706.backup
[2010/04/23 13:11:44 | 000,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100423-133325.backup
[2010/04/22 09:46:51 | 000,000,126 | ---- | M] () -- C:\WINDOWS\mdm.ini
[2010/04/22 09:46:37 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/04/22 09:46:37 | 000,000,750 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/04/22 09:46:18 | 000,000,117 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/04/22 09:44:08 | 000,001,309 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/04/21 16:06:07 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/04/21 15:59:03 | 000,391,896 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100422-071929.backup
[2010/04/21 15:56:03 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\SpywareBlaster.lnk
[2010/04/21 08:35:50 | 000,002,329 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SeaTools for Windows.lnk
[2010/04/19 20:09:20 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\iestyn\Desktop\PeerBlock.lnk
[2010/04/19 20:06:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/04/19 14:49:42 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/04/14 17:47:23 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/12 15:31:55 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/05/10 11:07:15 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/05/10 11:05:12 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/10 11:05:11 | 000,000,880 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/10 11:04:34 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/05/09 18:27:48 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Spyware Terminator.lnk
[2010/05/09 17:56:52 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2010/05/09 17:29:07 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\housecall.guid.cache
[2010/05/09 17:11:45 | 000,033,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2010/05/07 10:03:14 | 121,317,590 | ---- | C] () -- C:\Documents and Settings\iestyn\My Documents\Firefox 3.6.3 (en-GB) - 2010-05-07.pcv
[2010/05/07 08:47:20 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/05/07 08:47:15 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/05/07 08:45:33 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/05/07 08:45:33 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/05/07 08:45:33 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/05/07 08:45:33 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/05/07 08:45:33 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/05/07 08:41:45 | 003,683,950 | R--- | C] () -- C:\Documents and Settings\iestyn\Desktop\ComboFix.exe
[2010/05/07 06:14:31 | 000,724,952 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\avenger.zip
[2010/05/06 18:20:56 | 000,001,669 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Webroot AntiVirus.lnk
[2010/05/05 13:35:51 | 000,000,164 | ---- | C] () -- C:\WINDOWS\install.dat
[2010/04/30 10:15:23 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/04/30 10:15:20 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/04/30 10:14:55 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/04/30 10:05:29 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010/04/30 10:05:25 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010/04/30 10:05:21 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/04/30 10:05:21 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/04/30 10:01:52 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010/04/30 10:00:29 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/04/30 10:00:27 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/04/30 09:59:36 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/04/30 09:57:53 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/04/30 09:57:49 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/04/30 09:57:46 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/04/30 09:57:42 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/04/30 09:57:38 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/04/30 09:57:26 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/04/30 09:55:09 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/04/30 09:55:08 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/04/30 09:55:07 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/04/30 09:53:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010/04/30 09:53:30 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010/04/30 09:53:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/04/30 09:53:29 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/04/30 09:53:28 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010/04/30 09:53:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010/04/30 09:53:27 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010/04/30 09:53:25 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/04/30 09:53:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/04/30 09:53:25 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/04/30 09:53:24 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/04/30 09:53:24 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/04/30 09:53:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/04/30 09:53:24 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/04/30 09:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/04/30 09:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/04/30 09:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/04/30 09:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/04/30 09:53:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/04/30 09:53:22 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/04/30 09:53:18 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/04/30 09:53:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/04/30 09:53:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/04/30 09:53:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/04/30 09:53:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/04/30 09:53:17 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/04/30 09:53:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/04/30 09:53:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/04/30 09:53:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/04/30 09:53:16 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/04/30 09:53:15 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/04/30 09:53:15 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/04/30 09:53:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/04/30 09:53:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/04/30 09:53:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/04/30 09:53:14 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/04/30 09:53:14 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/04/30 09:53:14 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/04/30 09:53:14 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/04/30 09:53:13 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/04/30 09:53:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/04/30 09:53:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/04/30 09:53:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/04/30 09:53:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/04/30 09:53:12 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/04/30 09:53:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/04/30 09:53:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/04/30 09:53:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/04/30 09:53:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/04/30 09:53:11 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/04/30 09:53:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/04/30 09:53:10 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010/04/30 09:53:09 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/04/30 09:53:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010/04/30 09:53:09 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010/04/30 09:53:08 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/04/30 09:53:08 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/04/30 09:53:08 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/04/30 09:52:56 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/04/30 09:52:49 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/04/30 09:52:32 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/04/30 09:52:31 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/04/30 09:52:30 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/04/30 09:52:30 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/04/30 09:52:29 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/04/30 09:52:29 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/04/30 09:52:29 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/04/30 09:52:28 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/04/30 09:52:27 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/04/30 09:52:24 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/04/30 07:54:28 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\HijackThis.lnk
[2010/04/29 15:20:47 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\gmer.zip
[2010/04/29 15:19:45 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\dds.scr
[2010/04/29 15:19:04 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\iestyn\defogger_reenable
[2010/04/29 15:18:36 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\Defogger.exe
[2010/04/29 08:37:51 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/29 08:29:00 | 000,000,645 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Cleaner 2011.lnk
[2010/04/28 21:27:25 | 000,000,648 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\a-squared Free.lnk
[2010/04/28 21:21:30 | 000,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2010/04/28 20:00:16 | 000,000,284 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2010/04/28 19:07:12 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\iestyn\My Documents\rkill.exe
[2010/04/28 16:55:49 | 000,001,956 | -HS- | C] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\8rMjiIiS5Lohx
[2010/04/28 16:55:49 | 000,001,956 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\8rMjiIiS5Lohx
[2010/04/22 09:46:50 | 000,000,126 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2010/04/22 08:43:11 | 000,007,356 | ---- | C] () -- C:\WINDOWS\System32\javasup.vxd
[2010/04/22 08:43:10 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2010/04/22 08:40:53 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\zonedon.reg
[2010/04/22 08:40:52 | 000,000,113 | ---- | C] () -- C:\WINDOWS\System32\zonedoff.reg
[2010/04/22 08:40:38 | 000,021,444 | ---- | C] () -- C:\WINDOWS\System32\javasec.hlp
[2010/04/22 08:40:35 | 000,011,403 | ---- | C] () -- C:\WINDOWS\System32\javaperm.hlp
[2010/04/21 16:06:07 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/04/21 08:35:29 | 000,002,329 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SeaTools for Windows.lnk
[2010/04/19 20:09:20 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\iestyn\Desktop\PeerBlock.lnk
[2010/03/17 21:59:56 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2010/02/25 18:28:19 | 000,000,051 | ---- | C] () -- C:\WINDOWS\iTouch.ini
[2010/02/10 18:21:02 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2010/02/10 18:21:00 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009/12/16 22:38:15 | 000,000,010 | ---- | C] () -- C:\WINDOWS\Syskernel12.dll
[2009/11/06 12:00:28 | 000,031,088 | ---- | C] () -- C:\WINDOWS\System32\wrLZMA.dll
[2009/10/27 19:20:34 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009/10/25 20:19:04 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/05/14 20:04:38 | 000,003,584 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/03/15 09:03:51 | 000,000,145 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2008/11/21 00:55:28 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/11/21 00:55:28 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/11/08 11:48:15 | 000,000,750 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/10/26 12:04:46 | 000,001,480 | ---- | C] () -- C:\WINDOWS\ARCHPR.INI
[2008/10/16 21:37:10 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008/10/16 21:36:05 | 000,005,521 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/10/16 21:35:59 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008/10/16 21:35:50 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/10/16 11:55:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/10/15 14:42:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/09/22 20:05:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2008/09/22 20:05:25 | 000,000,231 | ---- | C] () -- C:\WINDOWS\AC3API.INI
[2008/09/22 20:05:07 | 000,067,428 | ---- | C] () -- C:\WINDOWS\System32\LudaP17.ini
[2008/09/22 20:05:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2008/09/22 20:05:06 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2008/09/22 20:05:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll
[2008/05/02 22:46:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2001/07/07 04:00:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/06/10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL
[1998/05/18 00:00:00 | 000,014,017 | ---- | C] () -- C:\WINDOWS\JAUTOEXP.INI
[1998/04/24 00:00:00 | 000,000,218 | ---- | C] () -- C:\WINDOWS\FRONTPG.INI
[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010/02/04 16:53:47 | 002,954,656 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
[2010/05/10 11:04:54 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2010/05/10 11:06:14 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2010/05/10 11:06:26 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2010/05/10 11:06:27 | 000,054,153 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2009/10/28 14:18:58 | 000,530,158 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
[2009/10/28 14:20:10 | 000,530,158 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
[2010/05/10 11:06:29 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010/05/10 11:08:06 | 000,056,766 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010/05/10 11:06:28 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2010/05/10 11:06:31 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2010/05/10 11:06:32 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2010/05/10 11:06:33 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2010/05/10 11:06:15 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2010/05/10 11:06:13 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010/05/10 11:07:49 | 000,057,679 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2010/05/10 11:04:58 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010/05/10 11:02:49 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
[2010/05/10 10:59:35 | 001,180,952 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2010/05/10 11:06:24 | 000,054,629 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2010/05/10 11:06:43 | 000,084,040 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2010/05/10 11:07:49 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2010/05/10 11:08:05 | 000,056,978 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2010/05/10 11:09:36 | 001,285,864 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
[2010/05/10 11:09:37 | 000,834,248 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
[2010/05/10 11:09:37 | 000,755,096 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWWSC.exe
[2010/05/10 11:09:38 | 001,598,464 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
[2010/05/10 11:09:39 | 000,871,320 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
[2010/05/10 11:09:39 | 000,866,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
[2010/05/10 11:10:02 | 000,015,880 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
[2010/05/10 11:10:03 | 000,893,952 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
[2010/04/30 06:17:06 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
[2010/05/09 17:56:53 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe


< MD5 for: AGP440.SYS >
[2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/22 21:34:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/09/22 21:34:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004/08/04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/22 21:34:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/09/22 21:34:24 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008/04/14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATA.SYS >
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sata_ide\nvata.sys
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sata_ide\nvata.sys
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: NVATABUS.SYS >
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\legacy\nvatabus.sys
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sataraid\nvatabus.sys
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\legacy\nvatabus.sys
[2006/04/24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sataraid\nvatabus.sys

< MD5 for: NVGTS.SYS >
[2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=37954CD1D0AFC11BECD149F7C3EC88C2 -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sataraid\nvgts.sys
[2008/01/25 20:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) MD5=A117466B0ACB13288DEEE4F2E936E67F -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sata_ide\Floppy\Disk1\nvgts.sys
[2008/01/25 20:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) MD5=A117466B0ACB13288DEEE4F2E936E67F -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sata_ide\nvgts.sys
[2008/01/25 20:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) MD5=A117466B0ACB13288DEEE4F2E936E67F -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sataraid\Floppy\Disk1\nvgts.sys
[2008/01/25 20:01:06 | 000,132,096 | ---- | M] (NVIDIA Corporation) MD5=A117466B0ACB13288DEEE4F2E936E67F -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sataraid\nvgts.sys
[2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sata_ide\nvgts.sys
[2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\WINDOWS\system32\drivers\nvgts.sys
[2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvgts.sys
[2008/08/18 19:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) MD5=EA98BFE4931BD13D747D647C1859796E -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\nvgts.sys

< MD5 for: NVRD32.SYS >
[2008/01/25 20:01:00 | 000,125,440 | ---- | M] (NVIDIA Corporation) MD5=B71BFBC2FE958A6DA1E31357E03AD545 -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sataraid\Floppy\Disk1\nvrd32.sys
[2008/01/25 20:01:00 | 000,125,440 | ---- | M] (NVIDIA Corporation) MD5=B71BFBC2FE958A6DA1E31357E03AD545 -- C:\NVIDIA\nForceWin2k\15.17\IS\IDE\WinXP\sataraid\nvrd32.sys
[2008/08/18 19:54:00 | 000,133,152 | ---- | M] (NVIDIA Corporation) MD5=BEF704AA9E17D176A46DDF77C6A52194 -- C:\NVIDIA\nForceWin2k\15.23\IS\IDE\WinXP\sataraid\nvrd32.sys

< MD5 for: SCECLI.DLL >
[2004/08/04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008/04/14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010/05/08 18:28:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\deployJava1.dll
[2009/11/06 12:00:28 | 000,031,088 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\wrLZMA.dll
[11 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1AAB2E68
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >


#8 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:52 PM

Posted 15 May 2010 - 02:20 PM

Hi-

I noticed from the logs that you have already run ComboFix and Avenger. In your reply, please copy in all the ComboFixn.txt logs (where 'n' is a number) under C:\qoobox\ and the avenger.txt log located under C:\.

Thanks,
Shannon

#9 cats_rule

cats_rule
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:52 AM

Posted 18 May 2010 - 09:53 AM

ComboFix 10-05-06.04 - iestyn 07/05/2010 8:49.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3071.2007 [GMT 1:00]
Running from: c:\documents and settings\iestyn\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Webroot AntiVirus with Spy Sweeper *On-access scanning disabled* (Updated) {77E10C7F-2CCA-4187-9394-BDBC267AD597}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Start Menu\Programs\Error Repair Professional
c:\documents and settings\All Users\Start Menu\Programs\Error Repair Professional\Error Repair Professional.lnk
c:\documents and settings\All Users\Start Menu\Programs\Error Repair Professional\Uninstall Error Repair Professional.lnk
c:\documents and settings\iestyn\Application Data\.#
c:\documents and settings\iestyn\Application Data\.#\MBX@664@3837D8.###
c:\documents and settings\iestyn\Application Data\.#\MBX@664@3837E8.###
c:\documents and settings\iestyn\Application Data\.#\MBX@9EC@3839D0.###
c:\documents and settings\iestyn\Application Data\.#\MBX@9EC@3839E0.###
c:\documents and settings\iestyn\Application Data\.#\MBX@AE0@3839D0.###
c:\documents and settings\iestyn\Application Data\.#\MBX@AE0@3839E0.###
c:\documents and settings\iestyn\Application Data\inst.exe
c:\windows\system32\1.tmp
c:\windows\system32\Cache
c:\windows\system32\Data
c:\windows\system32\dumphive.exe
c:\windows\system32\kw.dat
c:\windows\system32\Process.exe
c:\windows\system32\skinboxer43.dll
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF


((((((((((((((((((((((((( Files Created from 2010-04-07 to 2010-05-07 )))))))))))))))))))))))))))))))
.

2010-05-06 17:24 . 2010-05-06 17:24 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-05-06 17:19 . 2010-05-06 17:19 -------- d-----w- c:\program files\MSSOAP
2010-05-06 17:18 . 2009-11-06 14:19 1563008 ----a-w- c:\windows\WRSetup.dll
2010-05-06 17:18 . 2010-05-06 17:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Webroot
2010-05-06 17:18 . 2010-05-06 17:18 -------- d-----w- c:\program files\Webroot
2010-05-06 17:18 . 2010-05-06 17:18 -------- d-----w- c:\documents and settings\iestyn\Application Data\Webroot
2010-05-05 12:35 . 2010-05-06 17:11 164 ----a-w- c:\windows\install.dat
2010-04-30 10:51 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-04-30 09:15 . 2008-04-14 00:12 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-04-30 09:15 . 2001-08-17 21:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-04-30 09:15 . 2008-04-14 00:12 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-04-30 09:15 . 2001-08-17 21:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-04-30 09:15 . 2001-08-17 21:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-04-30 09:14 . 2001-08-17 21:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-04-30 09:14 . 2001-08-17 11:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-04-30 09:14 . 2004-08-03 21:29 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-04-30 09:14 . 2004-08-03 21:29 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-04-30 09:14 . 2008-04-14 00:12 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2010-04-30 09:14 . 2008-04-13 18:36 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-04-30 09:14 . 2004-08-03 21:31 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2010-04-30 09:14 . 2001-08-17 11:12 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2010-04-30 09:14 . 2001-08-17 12:28 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2010-04-30 09:14 . 2001-08-17 21:36 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2010-04-30 09:12 . 2001-08-17 12:28 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys
2010-04-30 09:11 . 2001-08-17 12:48 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
2010-04-30 09:10 . 2001-08-17 11:13 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys
2010-04-30 09:09 . 2001-08-17 11:18 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2010-04-30 09:08 . 2001-08-17 11:12 24576 -c--a-w- c:\windows\system32\dllcache\smc8000n.sys
2010-04-30 09:07 . 2001-07-21 13:29 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2010-04-30 09:06 . 2001-08-17 13:56 210496 -c--a-w- c:\windows\system32\dllcache\s3mvirge.dll
2010-04-30 09:05 . 2004-08-04 12:00 9728 -c--a-w- c:\windows\system32\dllcache\query.exe
2010-04-30 09:04 . 2001-08-17 13:04 75776 -c--a-w- c:\windows\system32\dllcache\philcam1.sys
2010-04-30 09:03 . 2001-08-17 13:05 48000 -c--a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-04-30 09:02 . 2001-08-17 12:49 15872 -c--a-w- c:\windows\system32\dllcache\ne2000.sys
2010-04-30 09:01 . 2001-08-17 13:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2010-04-30 09:00 . 2001-08-17 12:28 797500 -c--a-w- c:\windows\system32\dllcache\ltsmt.sys
2010-04-30 08:59 . 2001-08-17 12:49 23552 -c--a-w- c:\windows\system32\dllcache\irmk7.sys
2010-04-30 08:58 . 2001-08-17 11:11 28700 -c--a-w- c:\windows\system32\dllcache\ibmexmp.sys
2010-04-30 08:57 . 2001-08-17 13:07 25952 -c--a-w- c:\windows\system32\dllcache\hpn.sys
2010-04-30 08:56 . 2001-08-17 11:15 455296 -c--a-w- c:\windows\system32\dllcache\fusbbase.sys
2010-04-30 08:55 . 2001-08-17 11:17 629952 -c--a-w- c:\windows\system32\dllcache\eqn.sys
2010-04-30 08:54 . 2001-08-17 21:36 110621 -c--a-w- c:\windows\system32\dllcache\digirlpt.dll
2010-04-30 08:53 . 2001-08-17 12:51 6656 -c--a-w- c:\windows\system32\dllcache\cmdide.sys
2010-04-30 08:52 . 2001-08-17 21:36 81408 -c--a-w- c:\windows\system32\dllcache\brmfcwia.dll
2010-04-30 08:51 . 2004-08-03 21:32 231552 -c--a-w- c:\windows\system32\dllcache\ac97ali.sys
2010-04-30 06:54 . 2010-04-30 06:54 -------- d-----w- c:\program files\Trend Micro
2010-04-29 18:26 . 2010-04-29 18:26 -------- d-----w- c:\program files\Sophos
2010-04-29 18:05 . 2010-05-06 17:24 -------- d-----w- c:\documents and settings\All Users\Application Data\moosoft
2010-04-29 16:46 . 2010-04-29 16:46 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure
2010-04-29 08:07 . 2004-08-04 12:00 5632 -c--a-w- c:\windows\system32\dllcache\kbdheb.dll
2010-04-29 08:07 . 2004-08-04 12:00 5120 -c--a-w- c:\windows\system32\dllcache\kbdgeo.dll
2010-04-29 08:07 . 2004-08-04 12:00 5632 -c--a-w- c:\windows\system32\dllcache\kbdfa.dll
2010-04-29 08:07 . 2004-08-04 12:00 5632 -c--a-w- c:\windows\system32\dllcache\kbddiv2.dll
2010-04-29 08:07 . 2004-08-04 12:00 5632 -c--a-w- c:\windows\system32\dllcache\kbddiv1.dll
2010-04-29 08:07 . 2004-08-04 12:00 5120 -c--a-w- c:\windows\system32\dllcache\kbdarmw.dll
2010-04-29 08:07 . 2004-08-04 12:00 5120 -c--a-w- c:\windows\system32\dllcache\kbdarme.dll
2010-04-29 08:07 . 2004-08-04 12:00 5632 -c--a-w- c:\windows\system32\dllcache\kbda3.dll
2010-04-29 08:07 . 2004-08-04 12:00 5632 -c--a-w- c:\windows\system32\dllcache\kbda2.dll
2010-04-29 08:07 . 2004-08-04 12:00 5632 -c--a-w- c:\windows\system32\dllcache\kbda1.dll
2010-04-29 08:05 . 2010-04-29 08:13 -------- d-----w- C:\I386
2010-04-29 07:39 . 2010-04-29 07:39 -------- d-----w- c:\documents and settings\iestyn\Application Data\ElevatedDiagnostics
2010-04-29 07:29 . 2010-04-29 07:29 -------- d-----w- c:\documents and settings\iestyn\Application Data\thecleaner
2010-04-29 07:28 . 2010-05-07 05:23 -------- d-----w- c:\program files\The Cleaner
2010-04-29 04:53 . 2010-04-29 04:53 52224 ----a-w- c:\documents and settings\iestyn\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-04-29 04:53 . 2010-05-07 04:26 117760 ----a-w- c:\documents and settings\iestyn\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-04-29 04:51 . 2010-04-29 04:51 -------- d-----w- c:\documents and settings\iestyn\Application Data\SUPERAntiSpyware.com
2010-04-28 20:27 . 2010-05-07 05:14 -------- d-----w- c:\program files\a-squared Free
2010-04-28 20:22 . 2010-04-28 20:22 52224 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-04-28 20:22 . 2010-04-28 20:22 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-04-28 20:21 . 2010-04-28 20:21 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-04-28 20:21 . 2010-04-30 08:17 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-04-28 20:21 . 2010-04-28 20:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2010-04-28 19:58 . 2004-08-03 23:56 33280 -c--a-w- c:\windows\system32\dllcache\rundll32.exe
2010-04-28 19:58 . 2004-08-03 23:56 33280 ----a-w- c:\windows\system32\rundll32.exe
2010-04-28 17:19 . 2010-04-28 17:19 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-04-22 08:43 . 2010-04-22 08:43 -------- d-----w- c:\program files\Web Publish
2010-04-22 07:43 . 1998-06-02 11:41 42496 ----a-w- c:\windows\setdebug.exe
2010-04-22 07:43 . 1998-06-02 13:45 140048 ----a-w- c:\windows\system32\jit.dll
2010-04-22 07:43 . 1998-06-02 11:29 135168 ----a-w- c:\windows\system32\javaee.dll
2010-04-22 07:43 . 1998-06-02 10:57 6550 ----a-w- c:\windows\jautoexp.dat
2010-04-22 07:43 . 1998-06-02 10:56 313856 ----a-w- c:\windows\system32\dx3j.dll
2010-04-21 15:05 . 2010-04-21 15:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-04-21 08:11 . 2010-04-21 08:12 -------- d-----w- c:\program files\FILE RECOVERY for Windows
2010-04-21 07:34 . 2010-04-28 20:21 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-19 19:22 . 2010-04-19 19:23 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-04-19 19:15 . 2010-04-19 19:16 -------- d-----w- c:\program files\QuickTime
2010-04-19 19:09 . 2010-04-21 05:59 -------- d-----w- c:\program files\PeerBlock
2010-04-11 08:17 . 2010-04-11 08:17 503808 ----a-w- c:\documents and settings\iestyn\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1f6dd386-n\msvcp71.dll
2010-04-11 08:17 . 2010-04-11 08:17 499712 ----a-w- c:\documents and settings\iestyn\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1f6dd386-n\jmc.dll
2010-04-11 08:17 . 2010-04-11 08:17 348160 ----a-w- c:\documents and settings\iestyn\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1f6dd386-n\msvcr71.dll
2010-04-11 08:17 . 2010-04-11 08:17 12800 ----a-w- c:\documents and settings\iestyn\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-598948f4-n\decora-d3d.dll
2010-04-11 08:17 . 2010-04-11 08:17 61440 ----a-w- c:\documents and settings\iestyn\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-598948f4-n\decora-sse.dll
2010-04-10 18:04 . 2010-04-10 18:05 -------- d-----w- c:\program files\Dziobas Rar Player

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-07 08:00 . 2008-09-26 15:14 22322228 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-05-07 08:00 . 2008-09-26 15:14 1905387552 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-05-07 07:32 . 2008-09-22 19:12 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-05-07 04:12 . 2009-05-30 11:54 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-05-06 20:59 . 2008-09-22 19:38 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-05-06 20:39 . 2008-09-22 19:38 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-05-06 20:39 . 2008-09-22 19:38 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-05-06 20:34 . 2008-09-22 19:38 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-05-06 20:33 . 2008-09-22 19:38 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-05-06 20:33 . 2008-09-22 19:38 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-05-06 20:33 . 2008-09-22 19:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-05-06 20:33 . 2008-09-22 19:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-05-06 18:19 . 2009-01-10 20:03 -------- d-----w- c:\program files\PKR
2010-05-06 05:59 . 2009-05-30 11:54 -------- d-----w- c:\program files\SpywareBlaster
2010-05-05 12:49 . 2008-09-22 21:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-05 12:38 . 2008-10-22 11:35 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-30 10:51 . 2010-02-22 20:04 -------- d-----w- c:\documents and settings\iestyn\Application Data\vlc
2010-04-30 08:40 . 2010-02-25 14:47 -------- d-----w- c:\program files\Logitech
2010-04-30 08:40 . 2010-02-25 14:47 -------- d-----w- c:\program files\Common Files\Logitech
2010-04-30 08:34 . 2008-09-22 19:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-30 08:17 . 2008-11-26 15:34 -------- d-----w- c:\program files\MusicBrainz Picard
2010-04-30 08:17 . 2008-10-10 13:52 -------- d-----w- c:\program files\Image Grabber II
2010-04-30 06:46 . 2008-10-13 07:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-30 06:30 . 2009-01-12 17:38 -------- d-----w- c:\program files\Bonjour
2010-04-30 05:17 . 2008-10-25 08:48 6153352 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-04-29 14:39 . 2008-10-13 07:33 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 14:39 . 2008-10-13 07:34 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-29 14:00 . 2010-03-25 11:19 -------- d-----w- c:\program files\GFI
2010-04-29 13:59 . 2009-09-16 19:28 -------- d-----w- c:\program files\Opera
2010-04-29 13:53 . 2010-02-22 17:10 -------- d-----w- c:\documents and settings\iestyn\Application Data\FreeBurner
2010-04-26 09:08 . 2008-09-23 09:46 -------- d-----w- c:\documents and settings\iestyn\Application Data\Vso
2010-04-26 06:18 . 2009-03-06 12:03 -------- d-----w- c:\documents and settings\iestyn\Application Data\dvdcss
2010-04-26 06:07 . 2008-09-22 20:43 -------- d-----w- c:\documents and settings\iestyn\Application Data\FileZilla
2010-04-22 19:45 . 2010-02-23 13:20 -------- d-----w- c:\program files\SpeedFan
2010-04-22 19:37 . 2008-09-22 19:12 -------- d-----w- c:\documents and settings\iestyn\Application Data\Thunderbird
2010-04-22 07:43 . 2010-04-22 07:43 2678 ----a-w- c:\windows\java\Packages\Data\35RRDBF9.DAT
2010-04-22 07:42 . 2010-04-22 07:42 2678 ----a-w- c:\windows\java\Packages\Data\KIJTVNDR.DAT
2010-04-22 07:42 . 2010-04-22 07:42 2678 ----a-w- c:\windows\java\Packages\Data\5RPNN9ZB.DAT
2010-04-22 07:42 . 2010-04-22 07:42 2678 ----a-w- c:\windows\java\Packages\Data\VLJ5BVBV.DAT
2010-04-22 04:21 . 2008-09-22 19:38 -------- d-----w- c:\program files\Alwil Software
2010-04-21 05:01 . 2008-09-22 21:18 -------- d-----w- c:\documents and settings\iestyn\Application Data\uTorrent
2010-04-21 04:44 . 2008-09-22 21:18 -------- d-----w- c:\program files\uTorrent
2010-04-19 19:22 . 2009-11-09 10:11 -------- d-----w- c:\program files\Common Files\Apple
2010-04-19 14:14 . 2008-09-23 21:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-04-14 16:47 . 2008-09-22 19:38 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-11 15:53 . 2008-09-22 20:14 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-04-11 08:17 . 2008-09-24 20:27 -------- d-----w- c:\program files\Common Files\Java
2010-04-11 08:17 . 2008-09-24 20:27 -------- d-----w- c:\program files\Java
2010-03-26 16:13 . 2009-06-22 08:12 -------- d-----w- c:\program files\FileZilla FTP Client
2010-03-25 11:26 . 2010-03-25 11:26 -------- d-----w- c:\program files\Common Files\GFI
2010-03-23 19:13 . 2010-03-23 19:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\DivX
2010-03-18 09:25 . 2010-03-18 09:25 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-03-18 08:39 . 2008-09-22 21:42 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-17 20:59 . 2010-03-17 20:59 -------- d-----w- c:\program files\Belarc
2010-03-17 20:44 . 2010-03-17 20:44 -------- d-----w- c:\program files\Test My Hardware
2010-03-11 09:18 . 2010-03-11 09:18 -------- d-----w- c:\program files\Common Files\Microsoft KitSetup
2010-03-11 09:09 . 2010-03-11 09:09 416 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2010-03-11 09:08 . 2010-03-11 09:08 -------- d-----w- c:\program files\dsf
2010-03-10 06:15 . 2004-08-04 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-09 03:28 . 2008-12-05 10:08 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-03 22:18 . 2008-09-28 17:57 70808 ----a-w- c:\documents and settings\iestyn\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-25 06:24 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-08-04 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-24 07:24 . 2010-02-24 07:24 290816 ----a-w- c:\documents and settings\iestyn\Application Data\SystemRequirementsLab\SRLProxy_nvd_4.dll
2010-02-24 07:24 . 2010-02-24 07:24 290816 ----a-w- c:\documents and settings\iestyn\Application Data\SystemRequirementsLab\SRLProxy_nvd_3.dll
2010-02-24 07:24 . 2010-02-24 07:24 290816 ----a-w- c:\documents and settings\iestyn\Application Data\SystemRequirementsLab\SRLProxy_nvd_2.dll
2010-02-24 07:24 . 2010-02-24 07:24 290816 ----a-w- c:\documents and settings\iestyn\Application Data\SystemRequirementsLab\SRLProxy_nvd_1.dll
2010-02-17 08:10 . 2004-08-04 12:00 2189952 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2004-08-03 22:59 2066816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 10:46 . 2010-02-12 10:46 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-02-12 10:46 . 2010-02-12 10:46 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-02-12 10:03 . 2010-02-24 08:09 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-12 04:33 . 2004-08-04 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-04 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-08 21:53 . 2010-02-08 21:53 103160 ----a-w- c:\windows\system32\drivers\hrmports.sys
2010-02-08 21:52 . 2010-02-08 21:52 92664 ----a-w- c:\windows\system32\drivers\hrmcfgspc.sys
2010-02-08 21:52 . 2010-02-08 21:52 89976 ----a-w- c:\windows\system32\drivers\hrmints.sys
2010-02-08 21:52 . 2010-02-08 21:52 252664 ----a-w- c:\windows\system32\drivers\dsfoleaut32.sys
2010-02-08 21:52 . 2010-02-08 21:52 479992 ----a-w- c:\windows\system32\drivers\dsfksvcs.sys
2010-02-08 21:52 . 2010-02-08 21:52 31608 ----a-w- c:\windows\system32\drivers\dsfroot.sys
2010-02-08 19:36 . 2010-02-08 19:36 183808 ----a-w- c:\windows\system32\softusb.dll
2010-02-08 19:35 . 2010-02-08 19:35 50688 ----a-w- c:\windows\system32\dsfkregsvr.exe
2010-02-08 19:35 . 2010-02-08 19:35 226816 ----a-w- c:\windows\system32\dsfusvcs.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BackupIconOverlayId]
@="{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}"
[HKEY_CLASSES_ROOT\CLSID\{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}]
2009-11-06 14:14 238968 ----a-w- c:\program files\Webroot\WebrootSecurity\Backup\CtxMenu_1_0_0_10.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tcactive"="c:\program files\The Cleaner\tcap.exe" [2010-03-29 2951680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"DiskeeperSystray"="c:\program files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2005-11-22 221184]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]
"SpySweeper"="c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe" [2009-11-06 6515784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LoginPrompt"= B7ACA694839985829EDEDDDDDB

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 14:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iSproggler]
2008-12-17 08:07 17694283 ----a-w- c:\documents and settings\iestyn\Desktop\iSproggler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"=
"c:\\Program Files\\MusicBrainz Picard\\picard.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\SoulseekNS\\slsk.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\PKR\\pkrpal.exe"=
"c:\\Program Files\\GFI\\LANguard 9.0\\languard.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Microsoft Visual Studio\\COMMON\\Tools\\VS-Ent98\\Vanalyzr\\VARPC.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"18584:TCP"= 18584:TCP:port

R0 DSFKSVCS;Kernel Services for DSF;c:\windows\system32\drivers\dsfksvcs.sys [08/02/2010 22:52 479992]
R0 dsfroot;root enumerated bus driver;c:\windows\system32\drivers\dsfroot.sys [08/02/2010 22:52 31608]
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [06/11/2009 12:00 29808]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22/09/2008 20:38 164048]
R1 is-3SD78drv;is-3SD78drv;c:\windows\system32\drivers\88486341.sys [08/10/2008 09:42 148496]
R1 is-9A1TMdrv;is-9A1TMdrv;c:\windows\system32\drivers\10881677.sys [11/10/2008 11:28 148496]
R1 is-UF9UVdrv;is-UF9UVdrv;c:\windows\system32\drivers\44839809.sys [30/09/2008 08:17 148496]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 11:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17/02/2010 11:15 66632]
R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [28/04/2010 21:27 1872320]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/09/2008 20:38 19024]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13/11/2009 12:31 92008]
R2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [06/05/2010 18:22 1201640]
S1 is-H0M7Fdrv;is-H0M7Fdrv;c:\windows\system32\drivers\44327414.sys [11/10/2008 23:20 148496]
S2 MaxSch2Svc;Maxtor Scheduler2 Service; [x]
S2 moohelp;The Cleaner 2011 Helper Service;c:\program files\The Cleaner\mhelper.exe [29/04/2010 08:29 813056]
S3 HRMCFGSPC;DSF General Configuration Space Redirection Module;c:\windows\system32\drivers\hrmcfgspc.sys [08/02/2010 22:52 92664]
S3 HRMINTS;DSF Interrupt Redirection Module;c:\windows\system32\drivers\hrmints.sys [08/02/2010 22:52 89976]
S3 HRMPORTS;DSF IO Port Redirection Module;c:\windows\system32\drivers\hrmports.sys [08/02/2010 22:53 103160]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [03/01/2010 21:25 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [03/01/2010 21:25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [03/01/2010 21:25 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [03/01/2010 21:25 108328]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [03/01/2010 21:25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [03/01/2010 21:25 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [03/01/2010 21:25 109736]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17/02/2010 11:15 12872]
S3 WSOFTUSBK;Generic wireless USB device;c:\windows\system32\DRIVERS\WSOFTUSBK.SYS --> c:\windows\system32\DRIVERS\WSOFTUSBK.SYS [?]
.
Contents of the 'Scheduled Tasks' folder

2010-04-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2010-05-07 c:\windows\Tasks\User_Feed_Synchronization-{2A7D0781-5E3A-44CA-8462-D8FEB64DD6E1}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

2010-05-07 c:\windows\Tasks\wrSpySweeper_L44AD2B683AE64EEBBB40A69727D16001.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2010-05-06 14:19]

2010-05-07 c:\windows\Tasks\wrSpySweeper_L44AD2B683AE64EEBBB40A69727D16001.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2010-05-06 14:19]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
Trusted Zone: microsoft.com
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\windowsupdate
FF - ProfilePath - c:\documents and settings\iestyn\Application Data\Mozilla\Firefox\Profiles\ktshiytm.default\
FF - prefs.js: browser.search.selectedEngine - MyWebSearch
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=EZfox000&ptb=4vV27RpM03z25TiZ2DdA5Q&psa=&ind=2010031713&ptnrS=EZfox000&si=&st=kwd&n=77cea661&searchfor=
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-nwiz - nwiz.exe
MSConfigStartUp-SDFix - c:\sdfix\RunThis.bat
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-07 09:03
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\DSFKSVCS\MofImagePath]

.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(760)
c:\windows\system32\WININET.dll
c:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'lsass.exe'(820)
c:\windows\system32\WININET.dll

- - - - - - - > 'explorer.exe'(3848)
c:\windows\system32\WININET.dll
c:\program files\Webroot\WebrootSecurity\Backup\CtxMenu_1_0_0_10.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\SUPERAntiSpyware\SASSEH.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\DVDRAMSV.exe
c:\program files\Webroot\WebrootSecurity\SpySweeper.exe
c:\windows\system32\MsPMSPSv.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wscntfy.exe
c:\program files\Internet Explorer\IEXPLORE.EXE
c:\program files\Internet Explorer\IEXPLORE.EXE
.
**************************************************************************
.
Completion time: 2010-05-07 09:11:05 - machine was rebooted
ComboFix-quarantined-files.txt 2010-05-07 08:10

Pre-Run: 151,328,346,112 bytes free
Post-Run: 151,319,060,480 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - F7BDACF68CD5D49A9B61EA624F0EB617


Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Completed script processing.

*******************

Finished! Terminate.


#10 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:52 PM

Posted 19 May 2010 - 02:18 PM

Hi-

Let's clean up your system-

First, we need to run an OTL Fix
  • Please reopen on your desktop.
  • Copy and Paste the following code into the textbox. Do not include the word "Code"
    CODE
    :OTL
    FF - prefs.js..keyword.URL: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=EZfox000&ptb=4vV27RpM03z25TiZ2DdA5Q&psa=&ind=2010031713&ptnrS=EZfox000&si=&st=kwd&n=77cea661&searchfor="
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
    [2010/04/28 16:56:08 | 000,001,956 | -HS- | M] () -- C:\Documents and Settings\iestyn\Local Settings\Application Data\8rMjiIiS5Lohx
    [2010/04/28 16:56:08 | 000,001,956 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\8rMjiIiS5Lohx
    :SERVICES
    MaxSch2Svc
    cpuz132
    HRMACPI
    SOFTHIDUSBK
    SOFTUSBK
    SOFTUSBTESTHUB
    SOFTWADP
    WSOFTUSBK
    Pml Driver HPZ12
    NMSAccess
    is-UF9UVdrv
    is-H0M7Fdrv
    is-9A1TMdrv
    is-3SD78drv
    fsbts
    FLEXnet Licensing Service
    :COMMANDS
    [EMPTYTEMP]
    [RESETHOSTS]
    [CREATERESTOREPOINT]
  • Push
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click .
  • A report will open. Copy and Paste that report in your next reply.
  • If you have to reboot, once back up, open the C:\_OTL\MovedFiles folder and copy the newest log into your next reply.
Next, please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.

In your reply, copy OTL fix log and the DDS logs into your reply and please let me know how your system is behaving.

Thanks,
Shannon

#11 cats_rule

cats_rule
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:52 AM

Posted 20 May 2010 - 04:08 AM

im still getting random tabs opening , im still unable to open windows update site and ive noticed that i cant install java or my virus scanner avast doesnt load on windows start up and wont update when i eventually manage to load it.
also ive had to post this on another pc as when i try to post it i get connection interrupted page !!!


All processes killed
========== OTL ==========
Prefs.js: "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=EZfox000&ptb=4vV27RpM03z25TiZ2DdA5Q&psa=&ind=2010031713&ptnrS=EZfox000&si=&st=kwd&n=77cea661&searchfor=" removed from keyword.URL
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
C:\Documents and Settings\iestyn\Local Settings\Application Data\8rMjiIiS5Lohx moved successfully.
C:\Documents and Settings\All Users\Application Data\8rMjiIiS5Lohx moved successfully.
========== SERVICES/DRIVERS ==========
Service MaxSch2Svc stopped successfully!
Service MaxSch2Svc deleted successfully!
Error: No service named cpuz132 was found to stop!
Service\Driver key cpuz132 not found.
Error: No service named HRMACPI was found to stop!
Service\Driver key HRMACPI not found.
Error: No service named SOFTHIDUSBK was found to stop!
Service\Driver key SOFTHIDUSBK not found.
Error: No service named SOFTUSBK was found to stop!
Service\Driver key SOFTUSBK not found.
Error: No service named SOFTUSBTESTHUB was found to stop!
Service\Driver key SOFTUSBTESTHUB not found.
Error: No service named SOFTWADP was found to stop!
Service\Driver key SOFTWADP not found.
Service WSOFTUSBK stopped successfully!
Service WSOFTUSBK deleted successfully!
Error: No service named Pml Driver HPZ12 was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Pml Driver HPZ12 deleted successfully.
Service NMSAccess stopped successfully!
Service NMSAccess deleted successfully!
Error: Unable to stop service is-UF9UVdrv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-UF9UVdrv deleted successfully.
Service is-H0M7Fdrv stopped successfully!
Service is-H0M7Fdrv deleted successfully!
Error: Unable to stop service is-9A1TMdrv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-9A1TMdrv deleted successfully.
Error: Unable to stop service is-3SD78drv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-3SD78drv deleted successfully.
Service fsbts stopped successfully!
Service fsbts deleted successfully!
Service FLEXnet Licensing Service stopped successfully!
Service FLEXnet Licensing Service deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 3519051 bytes
->Flash cache emptied: 434 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 3731705 bytes

User: iestyn
->Temp folder emptied: 218617853 bytes
->Temporary Internet Files folder emptied: 571385 bytes
->Java cache emptied: 199791 bytes
->FireFox cache emptied: 84613504 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 5276845 bytes
->Flash cache emptied: 5946 bytes

User: LocalService
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5512237 bytes
->Flash cache emptied: 6992 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 4477360 bytes
%systemroot%\System32 .tmp files removed: 4397585 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 82403 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 316.00 mb

HOSTS file reset successfully
Unable to start service SrService!

OTL by OldTimer - Version 3.2.4.1 log created on 05202010_070217

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 22/09/2008 19:51:29
System Uptime: 20/05/2010 07:08:09 (0 hours ago)

Motherboard: ASUSTeK Computer INC. | | A8N-E
Processor: AMD Athlon™ 64 Processor 3700+ | Socket 939 | 2211/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 186 GiB total, 123.124 GiB free.
D: is FIXED (NTFS) - 186 GiB total, 163.958 GiB free.
E: is CDROM ()
H: is FIXED (NTFS) - 280 GiB total, 106.32 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8139 Family PCI Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_813910EC&REV_10\4&13699180&0&3048
Manufacturer: Realtek
Name: Realtek RTL8139 Family PCI Fast Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_813910EC&REV_10\4&13699180&0&3048
Service: rtl8139

Class GUID: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Description: Microcode Update Device
Device ID: ROOT\SYSTEM\0001
Manufacturer: (Standard system devices)
Name: Microcode Update Device
PNP Device ID: ROOT\SYSTEM\0001
Service: update

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

Acrobat.com
Active@ Boot Disk 4.0 Suite
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 9.3.2
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advertising Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Athlon 64 Processor Driver
µTorrent
audiosamples
AutoUpdate
avast! Free Antivirus
avstreamsamples
avstreamtools_ia64fre
avstreamtools_x64fre
avstreamtools_x86fre
Belarc Advisor 8.1
biometricsamples
biometrictools_x64fre
biometrictools_x86fre
bluetoothsamples
bluetoothtools_ia64fre
bluetoothtools_x64fre
bluetoothtools_x86fre
buildsamples
buildtools_ia64fre
buildtools_x64fre
buildtools_x86fre
bussamples
cancelsample
CCleaner
chkinftool_x86fre
Choice Guard
COMODO System - Cleaner
ConvertXtoDVD 3.8.0.193j
Cool MP3 Splitter
Crawler Toolbar with Web Security Guard
debugfiles_win7
Debugging Tools for Windows (x86)
Device Simulation Framework 1.0.1
dfx_ia64fre
dfx_x64fre
dfx_x86fre
Diskeeper Home Edition
displaysamples
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
drvtools_ia64fre
drvtools_x64fre
drvtools_x86fre
DSF-KitSetup
dsfsamples
DVD-RAM Driver
Dziobas Rar Player 0.009.39
ESET Online Scanner v3
eventsample
evntdrvsample
Fast AVI MPEG Joiner 1.1.2
FILE RECOVERY for Windows
FileZilla Client 3.3.2.1
fireflysample
Folder Lock
Free Easy Burner V 4.0
generalsamples
generaltools_ia64fre
generaltools_x64fre
generaltools_x86fre
GFI LANguard 9.0
Handy CD Ripper version 2.5.3
headers
hid_inputsamples
hidsampleinput
hidsamples
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Document Explorer 2008 (KB953196)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB976002-v5)
ifssamples
Image Grabber II
imagingtools_ia64fre
imagingtools_x64fre
imagingtools_x86fre
ImagXpress
infsample_ia64fre
infsample_x64fre
infsample_x86fre
installhelp
ioctlsample
irsamples
Java Auto Updater
Java™ 6 Update 19
libs_ia64fre
libs_x64fre
libs_x86fre
Logitech MouseWare 9.79
Macromedia Dreamweaver 8
Macromedia Extension Manager
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Document Explorer 2008
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual Studio 6.0 Enterprise Edition
Microsoft VM for Java
Microsoft Web Publishing Wizard 1.53
Microsoft Windows Driver Kit 7.1.0.7600
Microsoft Windows Driver Kit Documentation 7600.091201
modemtools
Mozilla Firefox (3.6.3)
Mozilla Thunderbird (3.0.4)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MusicBrainz Picard 0.11
Nero CoverDesigner
NeroBurningROM
neroxml
networklibraries_ia64fre
networklibraries_x64fre
networklibraries_x86fre
networksamples
NVIDIA Drivers
oacr_x86fre
offreg_ia64fre
offreg_x64fre
offreg_x86fre
OGA Notifier 2.0.0048.0
Panda ActiveScan 2.0
pcidrvsample
PDF Settings
PeerBlock 1.0.0 (r181)
pfd_ia64fre
pfd_x64fre
pfd_x86fre
PKR
pnpportssample
pnptools_ia64fre
pnptools_x64fre
pnptools_x86fre
portiosample
powermanagement_ia64fre
powermanagement_x64fre
powermanagement_x86fre
printsamples
printtools_ia64fre
printtools_x64fre
printtools_x86fre
QFolder
QuickTime
readme
sdv
SeaTools for Windows
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB978382)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB980470)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows XP (KB923789)
sensorsamples
setupsamples
setuptools_ia64fre
setuptools_x64fre
setuptools_x86fre
sideshowsamples
smartcardsamples
SoulSeek 157 NS 13c
Sound Blaster Live! 24-bit
SpeedFan (remove only)
Spelling Dictionaries Support For Adobe Reader 9
Spyware Terminator
SpywareBlaster 4.3
storagesamples
streammediasamples
SUPERAntiSpyware Free Edition
swtuner
System Requirements Lab
Test My Hardware 3.0
The Cleaner 2011
toastermetadatapackagesample
toastersample
TomTom HOME 2.7.3.1894
TomTom HOME Visual Studio Merge Modules
toolindex
tools_ia64fre
tools_x64fre
tools_x86fre
tracingtool_ia64fre
tracingtool_x64fre
tracingtool_x86fre
umdfsamples
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB981715)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb981726)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB969497)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
usbsamples
VC80CRTRedist - 8.0.50727.4053
vistalibs_ia64fre
vistalibs_x64fre
vistalibs_x86fre
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.5
wcoinstallers
wdftools_ia64fre
wdftools_x64fre
wdftools_x86fre
wdtfbinaries_ia64fre
wdtfbinaries_x64fre
wdtfbinaries_x86fre
WebFldrs XP
WebReg
Winamp
Winamp Application Detect
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinRAR archiver
wmisamples
wnetlibs_ia64fre
wnetlibs_x64fre
wnetlibs_x86fre
wpdsamples
wpdtools_ia64fre
wpdtools_x64fre
wpdtools_x86fre
wsdtool_ia64fre
wsdtool_x64fre
wsdtool_x86fre
wxplibs_x86fre
Xvid 1.1.3 final uninstall

==== Event Viewer Messages From Past Week ========

20/05/2010 07:05:40, error: SRService [104] - The System Restore initialization process failed.
20/05/2010 07:05:40, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: The system cannot find the file specified.
20/05/2010 07:05:21, error: PlugPlayManager [11] - The device Root\LEGACY_FSBTS\0000 disappeared from the system without first being prepared for removal.
20/05/2010 07:02:17, error: Service Control Manager [7034] - The Spyware Terminator Realtime Shield Service service terminated unexpectedly. It has done this 1 time(s).
20/05/2010 07:02:17, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
20/05/2010 07:02:17, error: Service Control Manager [7034] - The DVD-RAM_Service service terminated unexpectedly. It has done this 1 time(s).
20/05/2010 07:02:17, error: Service Control Manager [7034] - The Diskeeper service terminated unexpectedly. It has done this 1 time(s).
19/05/2010 06:19:25, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\aclui.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.5512.
19/05/2010 06:19:25, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\acledit.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.0.
19/05/2010 06:19:25, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\accwiz.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.5512.
19/05/2010 06:19:25, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\acctres.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 6.0.2600.0.
19/05/2010 06:19:25, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\access.cpl. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.5512.
19/05/2010 06:19:25, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\aaclient.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 6.0.6001.18000.
19/05/2010 06:19:25, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\aaaamon.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.0.
19/05/2010 06:19:25, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\a3d.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 80.0.0.3.
19/05/2010 06:19:25, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\6to4svc.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.5935.
19/05/2010 06:19:24, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\12520850.cpx. This file was restored to the original version to maintain system stability. The file version of the system file is 0.0.0.1.
19/05/2010 06:19:24, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\windows\system32\12520437.cpx. This file was restored to the original version to maintain system stability. The file version of the system file is 0.0.0.1.
19/05/2010 00:13:57, error: Service Control Manager [7023] - The Diskeeper service terminated with the following error: The service has not been started.
18/05/2010 21:18:07, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
18/05/2010 20:59:00, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD AmdK8 aswSP aswTdi dsfroot Fips IPSec is-3SD78drv is-9A1TMdrv is-UF9UVdrv MRxSmb NetBIOS NetBT pavboot RasAcd Rdbss SASDIFSV SASKUTIL sp_rsdrv2 Tcpip WS2IFSL
18/05/2010 20:59:00, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
18/05/2010 20:59:00, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/05/2010 20:59:00, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
18/05/2010 20:59:00, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
18/05/2010 20:58:49, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
18/05/2010 20:22:32, information: Windows File Protection [64018] - Windows File Protection file scan was cancelled by user interaction, user name is iestyn.
18/05/2010 20:10:23, information: Windows File Protection [64016] - Windows File Protection file scan was started.
14/05/2010 10:37:55, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume H:.
14/05/2010 08:28:37, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
14/05/2010 08:24:36, error: Service Control Manager [7034] - The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).
14/05/2010 08:24:35, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\system32\SHELL32.dll. Reference error message: The operation completed successfully. .
14/05/2010 08:24:35, error: SideBySide [58] - Syntax error in manifest or policy file "C:\WINDOWS\system32\SHELL32.dll" on line 0.
14/05/2010 08:00:25, error: Service Control Manager [7034] - The CSIScanner service terminated unexpectedly. It has done this 1 time(s).
14/05/2010 07:54:02, error: PlugPlayManager [11] - The device Root\LEGACY_SSIDRV\0000 disappeared from the system without first being prepared for removal.
14/05/2010 07:54:02, error: PlugPlayManager [11] - The device Root\LEGACY_SSHRMD\0000 disappeared from the system without first being prepared for removal.
14/05/2010 07:54:02, error: PlugPlayManager [11] - The device Root\LEGACY_SSFS0BBC\0000 disappeared from the system without first being prepared for removal.
14/05/2010 07:53:56, error: Service Control Manager [7034] - The Webroot Client Service service terminated unexpectedly. It has done this 1 time(s).
14/05/2010 07:53:44, error: Service Control Manager [7034] - The Webroot Spy Sweeper Engine service terminated unexpectedly. It has done this 1 time(s).
14/05/2010 07:41:27, error: Service Control Manager [7000] - The Maxtor Scheduler2 Service service failed to start due to the following error: The system cannot find the path specified.
14/05/2010 07:40:02, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
14/05/2010 07:40:02, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
14/05/2010 05:53:30, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Webroot Spy Sweeper Engine service to connect.
14/05/2010 05:53:30, error: Service Control Manager [7000] - The Webroot Spy Sweeper Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
13/05/2010 10:22:45, error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.
13/05/2010 09:54:08, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
13/05/2010 06:18:44, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
13/05/2010 06:18:33, error: Service Control Manager [7023] - The Diskeeper service terminated with the following error: The file can not be accessed by the system.

==== End Of File ===========================


DDS (Ver_10-03-17.01) - NTFSx86
Run by iestyn at 7:12:35.60 on 20/05/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3071.2301 [GMT 1:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Doctor Web Firewall *disabled* {3454C8F1-ECBC-4181-A7F4-04632FBA762B}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\torrents\dds.scr
C:\WINDOWS\system32\NOTEPAD.EXE

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.co.uk/
uURLSearchHooks: N/A: {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
TB: &Crawler Toolbar: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\crawler\toolbar\ctbr.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [tcactive] "c:\program files\the cleaner\tcap.exe"
uRun: [SpywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SpywareTerminator] "c:\program files\spyware terminator\SpywareTerminatorShield.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-explorer: LoginPrompt = B7ACA694839985829EDEDDDDDB
IE: Crawler Search - tbr:iemenu
Trusted Zone: microsoft.com
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\windowsupdate
Trusted Zone: microsoft.com\www.update
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\crawler\toolbar\ctbr.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\iestyn\applic~1\mozilla\firefox\profiles\ktshiytm.default\
FF - prefs.js: browser.search.selectedEngine - MyWebSearch
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - component: c:\documents and settings\iestyn\application data\mozilla\firefox\profiles\ktshiytm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - component: c:\program files\crawler\toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\crawler\toolbar\firefox\components\xshared.dll
FF - component: c:\program files\crawler\toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\crawler\toolbar\firefox\components\xwsg.dll
FF - plugin: c:\documents and settings\iestyn\application data\mozilla\firefox\profiles\ktshiytm.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 DSFKSVCS;Kernel Services for DSF;c:\windows\system32\drivers\dsfksvcs.sys [2010-2-8 479992]
R0 dsfroot;root enumerated bus driver;c:\windows\system32\drivers\dsfroot.sys [2010-2-8 31608]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2010-5-13 28552]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2008-9-22 164048]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-2-17 68168]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-5-9 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-9-22 19024]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-4-21 40384]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-11-13 92008]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-4-21 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-4-21 40384]
S0 CFRMD;CFRMD;c:\windows\system32\drivers\cfrmd.sys --> c:\windows\system32\drivers\CFRMD.sys [?]
S0 dfpy;dfpy;c:\windows\system32\drivers\huuu.sys --> c:\windows\system32\drivers\huuu.sys [?]
S2 moohelp;The Cleaner 2011 Helper Service;c:\program files\the cleaner\mhelper.exe [2010-4-29 813056]
S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;\??\c:\documents and settings\iestyn\local settings\temp\{b84ab45e-78aa-4b20-8af1-2f986595567a}\fsgk.sys --> c:\documents and settings\iestyn\local settings\temp\{b84ab45e-78aa-4b20-8af1-2f986595567a}\fsgk.sys [?]
S3 HRMCFGSPC;DSF General Configuration Space Redirection Module;c:\windows\system32\drivers\hrmcfgspc.sys [2010-2-8 92664]
S3 HRMINTS;DSF Interrupt Redirection Module;c:\windows\system32\drivers\hrmints.sys [2010-2-8 89976]
S3 HRMPORTS;DSF IO Port Redirection Module;c:\windows\system32\drivers\hrmports.sys [2010-2-8 103160]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\c9.tmp --> c:\windows\system32\C9.tmp [?]
S3 RkPavproc1;RkPavproc1;c:\windows\system32\drivers\RkPavproc1.sys [2010-5-13 17544]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2010-1-3 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2010-1-3 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2010-1-3 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2010-1-3 108328]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2010-1-3 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2010-1-3 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2010-1-3 109736]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]

=============== Created Last 30 ================

2010-05-20 06:02:17 0 d-----w- C:\_OTL
2010-05-18 19:21:02 77568 -c--a-w- c:\windows\system32\dllcache\ati.sys
2010-05-18 18:41:49 0 d-----w- c:\program files\DrWeb
2010-05-18 15:20:38 0 d-----w- c:\program files\ESET
2010-05-14 07:25:14 0 d-----w- c:\docume~1\iestyn\applic~1\ComodoGroup
2010-05-14 07:19:43 0 d-----w- c:\documents and settings\iestyn\Application DataComodoGroup
2010-05-14 07:05:20 0 d-----w- c:\documents and settings\iestyn\DoctorWeb
2010-05-14 06:55:49 0 d-----w- c:\program files\COMODO
2010-05-13 19:25:12 23040 ----a-w- c:\windows\system32\drivers\wntgeudj.sys
2010-05-13 16:44:49 0 d-----w- c:\windows\system32\MpEngineStore
2010-05-13 10:55:12 17544 ----a-w- c:\windows\system32\drivers\RkPavproc1.sys
2010-05-13 10:37:53 175 ----a-w- c:\windows\system32\MRT.INI
2010-05-13 09:08:32 0 dc----w- c:\docume~1\alluse~1\applic~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-05-13 07:05:27 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-05-13 07:01:14 0 d-----w- c:\program files\Panda Security
2010-05-10 10:10:08 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-05-10 09:59:50 0 d-----w- c:\docume~1\alluse~1\applic~1\DivX
2010-05-10 08:40:11 0 d-----w- C:\ComboFix
2010-05-10 08:29:31 157712 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-05-09 17:28:22 0 d-----w- c:\program files\WinClamAVShield
2010-05-09 17:09:20 0 d-----w- c:\program files\Crawler
2010-05-09 16:56:52 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-05-09 16:56:36 0 d-----w- c:\docume~1\iestyn\applic~1\Spyware Terminator
2010-05-09 16:56:11 0 d-----w- c:\docume~1\alluse~1\applic~1\Spyware Terminator
2010-05-09 16:55:53 0 d-----w- c:\program files\Spyware Terminator
2010-05-09 16:21:32 0 d-----w- c:\docume~1\iestyn\applic~1\QuickScan
2010-05-09 16:11:45 33920 ----a-w- c:\windows\system32\drivers\fsbts.sys
2010-05-08 17:29:40 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-07 07:47:09 0 d-sha-r- C:\cmdcons
2010-05-07 07:45:33 98816 ----a-w- c:\windows\sed.exe
2010-05-07 07:45:33 77312 ----a-w- c:\windows\MBR.exe
2010-05-07 07:45:33 256512 ----a-w- c:\windows\PEV.exe
2010-05-07 07:45:33 161792 ----a-w- c:\windows\SWREG.exe
2010-05-06 17:19:44 0 d-----w- c:\program files\MSSOAP
2010-05-06 17:18:44 0 d-----w- c:\program files\Webroot
2010-05-05 12:35:51 164 ----a-w- c:\windows\install.dat
2010-04-30 10:51:41 215920 ----a-w- c:\windows\system32\muweb.dll
2010-04-30 09:15:27 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-04-30 09:15:24 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-04-30 09:15:23 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-04-30 09:15:20 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-04-30 09:15:16 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-04-30 09:14:56 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-04-30 09:14:55 28288 -c--a-w- c:\windows\system32\dllcache\xjis.nls
2010-04-30 09:14:51 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-04-30 09:14:50 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-04-30 09:14:48 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-04-30 09:14:46 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2010-04-30 09:14:24 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-04-30 09:14:15 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2010-04-30 09:14:11 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2010-04-30 09:14:04 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2010-04-30 09:14:00 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2010-04-30 09:12:59 113762 -c--a-w- c:\windows\system32\dllcache\usrpda.sys
2010-04-30 09:11:58 11520 -c--a-w- c:\windows\system32\dllcache\twotrack.sys
2010-04-30 09:10:57 17129 -c--a-w- c:\windows\system32\dllcache\tdkcd31.sys
2010-04-30 09:09:59 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys
2010-04-30 09:08:57 24576 -c--a-w- c:\windows\system32\dllcache\smc8000n.sys
2010-04-30 09:07:59 18400 -c--a-w- c:\windows\system32\dllcache\sgsmld.sys
2010-04-30 09:06:58 210496 -c--a-w- c:\windows\system32\dllcache\s3mvirge.dll
2010-04-30 09:05:59 9728 -c--a-w- c:\windows\system32\dllcache\query.exe
2010-04-30 09:04:58 75776 -c--a-w- c:\windows\system32\dllcache\philcam1.sys
2010-04-30 09:03:58 48000 -c--a-w- c:\windows\system32\dllcache\ovcam2.sys
2010-04-30 09:02:57 15872 -c--a-w- c:\windows\system32\dllcache\ne2000.sys
2010-04-30 09:01:55 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2010-04-30 09:00:58 797500 -c--a-w- c:\windows\system32\dllcache\ltsmt.sys
2010-04-30 08:59:59 23552 -c--a-w- c:\windows\system32\dllcache\irmk7.sys
2010-04-30 08:58:58 28700 -c--a-w- c:\windows\system32\dllcache\ibmexmp.sys
2010-04-30 08:57:59 25952 -c--a-w- c:\windows\system32\dllcache\hpn.sys
2010-04-30 08:56:58 455296 -c--a-w- c:\windows\system32\dllcache\fusbbase.sys
2010-04-30 08:55:59 629952 -c--a-w- c:\windows\system32\dllcache\eqn.sys
2010-04-30 08:54:59 110621 -c--a-w- c:\windows\system32\dllcache\digirlpt.dll
2010-04-30 08:53:59 6656 -c--a-w- c:\windows\system32\dllcache\cmdide.sys
2010-04-30 08:52:59 81408 -c--a-w- c:\windows\system32\dllcache\brmfcwia.dll
2010-04-30 08:51:59 96256 -c--a-w- c:\windows\system32\dllcache\ac97intc.sys
2010-04-30 06:54:28 0 d-----w- c:\program files\Trend Micro
2010-04-29 18:26:06 0 d-----w- c:\program files\Sophos
2010-04-29 18:05:54 0 d-----w- c:\docume~1\alluse~1\applic~1\moosoft
2010-04-29 16:46:30 0 d-----w- c:\docume~1\alluse~1\applic~1\F-Secure
2010-04-29 08:07:59 5632 -c--a-w- c:\windows\system32\dllcache\kbdheb.dll
2010-04-29 08:07:59 5120 -c--a-w- c:\windows\system32\dllcache\kbdgeo.dll
2010-04-29 08:07:58 5632 -c--a-w- c:\windows\system32\dllcache\kbdfa.dll
2010-04-29 08:07:58 5632 -c--a-w- c:\windows\system32\dllcache\kbddiv2.dll
2010-04-29 08:07:58 5632 -c--a-w- c:\windows\system32\dllcache\kbddiv1.dll
2010-04-29 08:07:58 5120 -c--a-w- c:\windows\system32\dllcache\kbdarmw.dll
2010-04-29 08:07:58 5120 -c--a-w- c:\windows\system32\dllcache\kbdarme.dll
2010-04-29 08:07:57 5632 -c--a-w- c:\windows\system32\dllcache\kbda3.dll
2010-04-29 08:07:57 5632 -c--a-w- c:\windows\system32\dllcache\kbda2.dll
2010-04-29 08:07:57 5632 -c--a-w- c:\windows\system32\dllcache\kbda1.dll
2010-04-29 08:05:47 0 d-----w- C:\I386
2010-04-29 07:39:41 0 d-----w- c:\docume~1\iestyn\applic~1\ElevatedDiagnostics
2010-04-29 07:29:09 0 d-----w- c:\docume~1\iestyn\applic~1\thecleaner
2010-04-29 07:28:52 0 d-----w- c:\program files\The Cleaner
2010-04-29 04:51:35 0 d-----w- c:\docume~1\iestyn\applic~1\SUPERAntiSpyware.com
2010-04-28 20:21:39 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-04-28 20:21:26 0 d-----w- c:\program files\SUPERAntiSpyware
2010-04-28 19:58:01 33280 -c--a-w- c:\windows\system32\dllcache\rundll32.exe
2010-04-28 19:58:01 33280 ----a-w- c:\windows\system32\rundll32.exe
2010-04-28 19:00:16 284 ----a-w- c:\windows\reimage.ini
2010-04-26 22:04:42 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2010-04-22 08:46:50 126 ----a-w- c:\windows\mdm.ini
2010-04-22 08:43:54 0 d-----w- c:\program files\Web Publish
2010-04-22 07:43:14 42496 ----a-w- c:\windows\setdebug.exe
2010-04-22 07:43:12 140048 ----a-w- c:\windows\system32\jit.dll
2010-04-22 07:43:11 7356 ----a-w- c:\windows\system32\javasup.vxd
2010-04-22 07:43:10 6550 ----a-w- c:\windows\jautoexp.dat
2010-04-22 07:43:10 135168 ----a-w- c:\windows\system32\javaee.dll
2010-04-22 07:43:07 313856 ----a-w- c:\windows\system32\dx3j.dll
2010-04-21 15:05:39 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-04-21 08:11:49 0 d-----w- c:\program files\FILE RECOVERY for Windows
2010-04-21 07:34:44 0 d-----w- c:\program files\common files\Wise Installation Wizard

==================== Find3M ====================

2010-05-20 06:06:59 22322228 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-05-20 06:06:59 1905387552 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-03-31 01:58:04 44944 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-03-31 01:58:04 133616 ------w- c:\windows\system32\pxafs.dll
2010-03-31 01:58:04 125424 ------w- c:\windows\system32\pxinsi64.exe
2010-03-31 01:58:04 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-08 17:59:18 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-02-25 06:24:37 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-19 19:27:36 720384 ----a-w- c:\windows\system32\DivX.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2010-02-19 19:27:16 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2010-02-19 19:27:16 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2010-02-19 19:27:16 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2010-02-19 19:27:16 839680 ----a-w- c:\windows\system32\divx_xx11.dll

============= FINISH: 7:15:22.04 ===============


#12 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:52 PM

Posted 21 May 2010 - 05:25 AM

Hi-

You have an infection that we have not been able to detect yet, so I want to check to see if a file is infected, to rerun GMER and do two other scans.

First
, Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Please click this link-->Jotti
When the Jotti page has finished loading, click Jottie's Browse button and navigate to the following file and click the Submit file button within Jottie.

c:\windows\system32\drivers\wntgeudj.sys

Please post back the results of the scan in your next post.
If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/

Second
, rerun GMER.

From wherever you installed GMER, double click on the gmer.exe file. After the automatic quick scan, click on the Scan button. When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.

Next, we need a scan from RootRepeal.
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract RootRepeal.exe from the archive.
  • Open on your desktop.
  • Click the tab.
  • Click the button.
  • Check all seven boxes:
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

Lastly, please download maxlook, saving the file to your desktop.
  • Double click maxlook.exe to run it. Note - you must run it only once!
  • As instructed when the tool runs, restart the computer and logon to the Recovery Console.
  • Execute the following bolded command at the x:\windows> prompt <--- the red x represents your operating system drive letter, usually C
batch look.bat



You will see 1 file copied many times then return to the x:\windows> prompt.
Type Exit to restart your computer then logon in normal mode.

Please go to start > run and type

maxlook -sig

and hit enter.

Please copy the log into your reply.

In your reply
, copy into it the Jotti results and the GMER, RootRepeal, and Maxlook logs.

Thanks,

Shannon

#13 cats_rule

cats_rule
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:52 AM

Posted 21 May 2010 - 05:53 AM

hi shannon , ive recently run something called tdsskiller which found this ..

10:32:33:187 0672 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\mouclass.sys. Real md5: eaf39b7170fa2f852040a32f18e9ceba, Fake md5: 35c9e97194c8cfb8430125f8dbc34d04
10:32:33:187 0672 File "C:\WINDOWS\system32\DRIVERS\mouclass.sys" infected by TDSS rootkit ... 10:32:53:843 0672 Backup copy not found, trying to cure infected file..

i was prompted to restart the pc and im now able to access windows update site and so far havent had any random tabs opening up on me .

i still think i should follow your instructions and post the logs of all your asking for .
do you suggest this ???

#14 cats_rule

cats_rule
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:12:52 AM

Posted 21 May 2010 - 08:57 AM

hi shannon , im having trouble running rootrepeal.exe. as sson as i open it up and select the options and click scan it just seems to freeze my computer, i left it for a while then found the only way i could do anything on my pc was to restart it .
what would you suggest ???

#15 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:52 PM

Posted 21 May 2010 - 09:30 AM

Hi-

That is good news! Skip RootRepeal. Do Maxlook though.


Shannon




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users