Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

kmixer.sys bsod -hijackthis log


  • This topic is locked This topic is locked
28 replies to this topic

#1 SpiritedTreasure

SpiritedTreasure

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:10 AM

Posted 10 August 2010 - 06:58 AM

Hello.

Last night while playing Dragon Age I got a kmixer.sys bsod . I looked up kmixer.sys on google after restarting and got a whole variety of topics that ranged from power source to malware.

I ran cmd/scannow and the disc seemed to start up at least 2 times after being inserted. How I wish for a better log of that.
Then shut completely down and restarted. After which Windows told me to "please wait" and after some moments there started.

I then had to unplug and plug in my linksys router. After which I shut down completely and restarted again. This time it started normally without any waiting period.

I then ran Trend Micro RootKitBuster and it found nothing.
This morning I ran a hijack this and as per your tutorial I am posting here.

Thank you for your help.

========================

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:40:50 AM, on 8/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User\My Documents\program downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hyperchat.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [Linksys Wireless Manager] "C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" /cm /min /lcid 1033
O4 - HKLM\..\Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\McciTrayApp.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATT-SST] C:\Program Files\ATT-SST\McciBrowser.exe -AppKey=ATT-SST -URL=file://C:\Program Files\ATT-SST\OCB\37d08485-c67d-4d35-9f2e-8980fce587ed\Start.htm?VendorID=ATT-SST,isHidden=false,ConnectivityRequired=true,flowId=HOMEPAGE,FlowParams=
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1231101685859
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareup...15107/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

--
End of file - 10012 bytes

Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, totally worn out and screaming 'WOOO HOOOOO what a ride!'

BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,088 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:10 PM

Posted 17 August 2010 - 09:25 AM

Hello ,
And welcome.gif to the Bleeping Computer Malware Removal Forum
. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.
You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

-------------------------------------------------------------
In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • GMER log

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#3 SpiritedTreasure

SpiritedTreasure
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:10 AM

Posted 17 August 2010 - 10:29 AM

Hello Elise

Spirit or ST is fine for me.
Just letting you know I am here. =s=

Going off to do the scans now.

As far as symptoms.

I'm not having any of the symptoms I've been reading on this forum while waiting.
I scan with Malwarebytes and Norton every day (quick scans) I full scan every week.

Since running cmd/scannow I have not had any more blue screens.. Maybe I am just being a paranoid old woman. crazy.gif

Off to do the scans now . =s= Thank you for responding to me.
Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, totally worn out and screaming 'WOOO HOOOOO what a ride!'

#4 SpiritedTreasure

SpiritedTreasure
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:10 AM

Posted 17 August 2010 - 10:40 AM

OTL logs

========================

OTL logfile created on: 8/17/2010 10:31:15 AM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\User\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 3000 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 173.59 Gb Free Space | 74.54% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OWNER-B21F24D4F
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/08/17 09:55:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\My Documents\OTL.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe
PRC - [2009/02/15 16:34:39 | 001,358,384 | R--- | M] (Linksys, LLC) -- C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
PRC - [2008/12/12 19:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/12/12 19:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/08/08 17:30:44 | 000,016,712 | R--- | M] () -- C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2006/06/26 11:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2006/06/26 11:33:32 | 000,243,248 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
PRC - [2006/06/26 10:46:04 | 000,497,200 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
PRC - [2006/03/30 15:58:14 | 000,143,360 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2006/03/30 15:54:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006/02/07 01:13:32 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2002/09/10 22:26:26 | 000,368,706 | ---- | M] () -- C:\Program Files\BroadJump\Client Foundation\CFD.exe


========== Modules (SafeList) ==========

MOD - [2010/08/17 09:55:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\My Documents\OTL.exe
MOD - [2010/05/14 00:35:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\asoehook.dll
MOD - [2009/07/12 00:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 00:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008/04/14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006/06/26 11:33:42 | 000,091,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe -- (NIS)
SRV - [2009/12/15 15:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2008/12/12 19:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2006/06/26 11:33:56 | 000,091,696 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2006/06/26 11:33:42 | 000,099,888 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\Program Files\Common Files\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2006/03/30 15:58:14 | 000,143,360 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2006/03/30 15:54:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006/03/30 15:54:18 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006/02/07 01:13:32 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\awealloc.sys -- (AWEAlloc)
DRV - [2010/07/19 18:28:05 | 000,692,272 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20100719.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/07/13 20:11:13 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20100816.016\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/07/13 20:11:13 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20100816.016\NAVENG.SYS -- (NAVENG)
DRV - [2010/05/28 14:33:19 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20100813.004\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/05/27 06:43:34 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/27 06:43:34 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/20 13:59:20 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/05/05 23:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/05/05 23:01:43 | 000,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2010/05/05 23:01:43 | 000,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/04/03 22:55:32 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\ccHPx86.sys -- (ccHP)
DRV - [2010/02/03 20:40:47 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMDS.SYS -- (SymDS)
DRV - [2009/10/22 01:23:18 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/10/22 01:23:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/08/03 02:57:38 | 000,724,736 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2009/05/09 02:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2009/04/18 06:32:51 | 000,016,608 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2009/03/17 14:08:50 | 000,078,848 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV85.sys -- (SSHDRV85)
DRV - [2009/01/20 05:53:06 | 005,027,840 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/01/14 15:17:25 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/01/14 15:17:25 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008/12/12 19:05:20 | 000,025,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2008/12/12 19:05:18 | 000,023,984 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/10/30 08:14:20 | 000,117,888 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/07/26 16:25:48 | 000,627,864 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/07/26 16:22:34 | 002,570,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2008/06/20 10:34:02 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2008/06/20 10:34:02 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2008/05/08 15:04:11 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2008/04/14 06:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 22:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/06/29 15:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007/06/15 02:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2006/06/26 11:33:40 | 000,023,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2006/06/26 11:33:36 | 001,952,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2006/06/26 11:33:28 | 001,587,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006/06/22 17:29:46 | 000,038,960 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2006/06/22 17:29:28 | 000,720,176 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302AV.SYS -- (PID_08A0) Logitech QuickCam IM(PID_08A0)
DRV - [2006/06/22 17:29:27 | 000,012,080 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2006/03/22 14:24:00 | 000,052,736 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/03/22 14:24:00 | 000,018,944 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/22 14:23:00 | 000,109,568 | R--- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nvtcp.sys -- (NVTCP)
DRV - [2006/03/16 19:51:00 | 000,099,840 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005/01/10 10:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 10:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2001/08/17 18:11:18 | 000,020,160 | ---- | M] (ADMtek Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ADM8511.SYS -- (ADM8511)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s

IE - HKU\S-1-5-21-57989841-1770027372-1801674531-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hyperchat.com/
IE - HKU\S-1-5-21-57989841-1770027372-1801674531-1005\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
IE - HKU\S-1-5-21-57989841-1770027372-1801674531-1005\..\URLSearchHook: {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll (DeviceVM Inc.)
IE - HKU\S-1-5-21-57989841-1770027372-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-57989841-1770027372-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1;*.local

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.hyperchat.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {ada4b710-8346-4b82-8199-5de2b400a6ae}:1.9.8.2

FF - HKLM\software\mozilla\eMusic Download Manager\Extensions\\Components: C:\Program Files\eMusic Download Manager\xulrunner\components [2010/04/06 09:14:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\eMusic Download Manager\Extensions\\Plugins: C:\Program Files\eMusic Download Manager\xulrunner\plugins [2010/07/24 10:59:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\ [2010/05/26 06:56:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\coFFPlgn\ [2010/05/20 13:59:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/26 12:43:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/26 12:43:53 | 000,000,000 | ---D | M]

[2009/01/04 18:07:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Extensions
[2010/08/12 12:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\zrmh9chn.default\extensions
[2010/07/08 20:23:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\zrmh9chn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/08 16:08:15 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\zrmh9chn.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2010/07/10 11:56:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\zrmh9chn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/08/12 12:04:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/02 07:40:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/07/24 10:52:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009/11/19 17:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/07/24 10:51:53 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/19 17:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll

O1 HOSTS File: ([2010/03/05 15:41:09 | 000,380,253 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13102 more lines...
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-57989841-1770027372-1801674531-1005\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ATT-SST_McciTrayApp] C:\Program Files\ATT-SST\McciTrayApp.exe File not found
O4 - HKLM..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-57989841-1770027372-1801674531-1005..\Run: [ATT-SST] C:\Program Files\ATT-SST\McciBrowser.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-57989841-1770027372-1801674531-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O15 - HKU\S-1-5-21-57989841-1770027372-1801674531-1005\..Trusted Domains: motive.com ([pattta.att] https in Trusted sites)
O15 - HKU\S-1-5-21-57989841-1770027372-1801674531-1005\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1231101685859 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareup...15107/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/03 13:26:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/08/17 09:55:27 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\My Documents\OTL.exe
[2010/08/15 19:20:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
[2010/08/09 18:24:36 | 000,161,296 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2010/07/24 10:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/07/24 10:52:08 | 000,153,376 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010/07/24 10:52:08 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010/07/24 10:52:08 | 000,145,184 | ---- | C] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010/07/24 10:52:08 | 000,073,728 | ---- | C] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/21 10:35:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\outlaw
[2010/07/19 21:01:36 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/07/19 21:01:35 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/07/19 21:01:35 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2010/07/19 21:01:32 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/07/19 21:01:31 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/07/19 21:01:30 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2010/07/19 21:01:28 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2010/07/19 21:01:27 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2010/07/19 21:01:14 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/07/19 21:01:14 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/07/19 21:01:07 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/07/19 21:01:06 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2010/07/19 21:01:05 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2010/07/19 21:01:03 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2010/07/19 21:01:03 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2010/07/19 21:01:03 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2010/07/19 21:01:02 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/07/19 21:01:00 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2010/07/19 21:01:00 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv10nt.sys
[2010/07/19 21:01:00 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv06nt.sys
[2010/07/19 21:01:00 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2010/07/19 21:00:59 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2010/07/19 21:00:59 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv11nt.sys
[2010/07/19 21:00:59 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv09nt.sys
[2010/07/19 21:00:59 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv08nt.sys
[2010/07/19 21:00:58 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2010/07/19 21:00:58 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2010/07/19 21:00:58 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv07nt.sys
[2010/07/19 21:00:58 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2010/07/19 21:00:57 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/07/19 21:00:57 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wacompen.sys
[2010/07/19 21:00:56 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/07/19 21:00:56 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/07/19 21:00:55 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/07/19 21:00:54 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/07/19 21:00:53 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/07/19 21:00:52 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/07/19 21:00:52 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2010/07/19 21:00:51 | 000,042,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaagp.sys
[2010/07/19 21:00:51 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viaide.sys
[2010/07/19 21:00:50 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\vchnt5.dll
[2010/07/19 21:00:49 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2010/07/19 21:00:48 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/07/19 21:00:48 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2010/07/19 21:00:48 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2010/07/19 21:00:47 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2010/07/19 21:00:46 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/07/19 21:00:46 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/07/19 21:00:46 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/07/19 21:00:45 | 000,121,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2010/07/19 21:00:45 | 000,020,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys
[2010/07/19 21:00:44 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2010/07/19 21:00:43 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2010/07/19 21:00:42 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/07/19 21:00:39 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2010/07/19 21:00:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2010/07/19 21:00:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2010/07/19 21:00:38 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2010/07/19 21:00:38 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/07/19 21:00:38 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2010/07/19 21:00:38 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2010/07/19 21:00:37 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/07/19 21:00:37 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/07/19 21:00:37 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2010/07/19 21:00:37 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2010/07/19 21:00:36 | 000,044,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uagp35.sys
[2010/07/19 21:00:36 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2010/07/19 21:00:33 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/07/19 21:00:33 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/07/19 21:00:32 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/07/19 21:00:32 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/07/19 21:00:32 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/07/19 21:00:31 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/07/19 21:00:31 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2010/07/19 21:00:31 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2010/07/19 21:00:30 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2010/07/19 21:00:30 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2010/07/19 21:00:29 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2010/07/19 21:00:29 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2010/07/19 21:00:29 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2010/07/19 21:00:28 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/07/19 21:00:28 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2010/07/19 21:00:24 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/07/19 21:00:24 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/07/19 21:00:24 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/07/19 21:00:23 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/07/19 21:00:22 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/07/19 21:00:21 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2010/07/19 21:00:19 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/07/19 21:00:19 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/07/19 21:00:19 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2010/07/19 21:00:16 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2010/07/19 21:00:15 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2010/07/19 21:00:15 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2010/07/19 21:00:15 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2010/07/19 21:00:13 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2010/07/19 21:00:12 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2010/07/19 21:00:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2010/07/19 21:00:12 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2010/07/19 21:00:12 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2010/07/19 21:00:11 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2010/07/19 21:00:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2010/07/19 21:00:10 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/07/19 21:00:10 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/07/19 21:00:10 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/07/19 21:00:09 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/07/19 21:00:07 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2010/07/19 21:00:07 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/07/19 21:00:04 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2010/07/19 21:00:03 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2010/07/19 21:00:02 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2010/07/19 21:00:02 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/07/19 21:00:02 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2010/07/19 21:00:01 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2010/07/19 21:00:01 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2010/07/19 21:00:01 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2010/07/19 21:00:01 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2010/07/19 21:00:00 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2010/07/19 20:59:58 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2010/07/19 20:59:51 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/07/19 20:59:51 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/07/19 20:59:50 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010/07/19 20:59:50 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/07/19 20:59:49 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/07/19 20:59:49 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2010/07/19 20:59:49 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2010/07/19 20:59:49 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2010/07/19 20:59:48 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2010/07/19 20:59:48 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2010/07/19 20:59:48 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbali.sys
[2010/07/19 20:59:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2010/07/19 20:59:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2010/07/19 20:59:43 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slserv.exe
[2010/07/19 20:59:43 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slwdmsup.sys
[2010/07/19 20:59:42 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnthal.sys
[2010/07/19 20:59:42 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slrundll.exe
[2010/07/19 20:59:41 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slntamr.sys
[2010/07/19 20:59:41 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnt7554.sys
[2010/07/19 20:59:40 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slextspk.dll
[2010/07/19 20:59:40 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slgen.dll
[2010/07/19 20:59:40 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slcoinst.dll
[2010/07/19 20:59:39 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2010/07/19 20:59:39 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/07/19 20:59:39 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/07/19 20:59:39 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/07/19 20:59:38 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2010/07/19 20:59:38 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2010/07/19 20:59:38 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2010/07/19 20:59:38 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/07/19 20:59:37 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2010/07/19 20:59:37 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2010/07/19 20:59:37 | 000,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisagp.sys
[2010/07/19 20:59:36 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2010/07/19 20:59:36 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2010/07/19 20:59:36 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\siint5.dll
[2010/07/19 20:59:30 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/07/19 20:59:30 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/07/19 20:59:30 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/07/19 20:59:30 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/07/19 20:59:29 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2010/07/19 20:59:27 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2010/07/19 20:59:27 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2010/07/19 20:59:26 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2010/07/19 20:59:26 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2010/07/19 20:59:25 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2010/07/19 20:59:24 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/07/19 20:59:24 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2010/07/19 20:59:23 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/07/19 20:59:23 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/07/19 20:59:22 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2010/07/19 20:59:22 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2010/07/19 20:59:20 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2010/07/19 20:59:20 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/07/19 20:59:20 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2010/07/19 20:59:19 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/07/19 20:59:19 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/07/19 20:59:19 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/07/19 20:59:19 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/07/19 20:59:18 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/07/19 20:59:18 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/07/19 20:59:18 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/07/19 20:59:18 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/07/19 20:59:17 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3gnb.dll
[2010/07/19 20:59:17 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3gnbm.sys
[2010/07/19 20:59:17 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2010/07/19 20:59:16 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/07/19 20:59:16 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/07/19 20:59:15 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/07/19 20:59:15 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/07/19 20:59:12 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2010/07/19 20:59:12 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2010/07/19 20:59:12 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/07/19 20:59:11 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/07/19 20:59:10 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2010/07/19 20:59:08 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/07/19 20:59:06 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rndismpx.sys
[2010/07/19 20:59:05 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rfcomm.sys
[2010/07/19 20:59:05 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/07/19 20:59:04 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/07/19 20:59:02 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\recagent.sys
[2010/07/19 20:58:59 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2010/07/19 20:58:57 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/07/19 20:58:57 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/07/19 20:58:57 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2010/07/19 20:58:56 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2010/07/19 20:58:52 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2010/07/19 20:58:52 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2010/07/19 20:58:52 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2010/07/19 20:58:52 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2010/07/19 20:58:51 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2010/07/19 20:58:51 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2010/07/19 20:58:50 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/07/19 20:58:49 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2010/07/19 20:58:49 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/07/19 20:58:49 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/07/19 20:58:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2010/07/19 20:58:48 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2010/07/19 20:58:47 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/07/19 20:58:46 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2010/07/19 20:58:45 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2010/07/19 20:58:45 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2010/07/19 20:58:44 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2010/07/19 20:58:40 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2010/07/19 20:58:39 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2010/07/19 20:58:39 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2010/07/19 20:58:38 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2010/07/19 20:58:38 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2010/07/19 20:58:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2010/07/19 20:58:37 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2010/07/19 20:58:37 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2010/07/19 20:58:37 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2010/07/19 20:58:37 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2010/07/19 20:58:36 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2010/07/19 20:58:36 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2010/07/19 20:58:35 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/07/19 20:58:35 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/07/19 20:58:35 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2010/07/19 20:58:35 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2010/07/19 20:58:34 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2010/07/19 20:58:34 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2010/07/19 20:58:34 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/07/19 20:58:33 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/07/19 20:58:33 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/07/19 20:58:30 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2010/07/19 20:58:30 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2010/07/19 20:58:30 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2010/07/19 20:58:30 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2010/07/19 20:58:29 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2010/07/19 20:58:29 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2010/07/19 20:58:29 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2010/07/19 20:58:29 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2010/07/19 20:58:28 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/07/19 20:58:28 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2010/07/19 20:58:28 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2010/07/19 20:58:28 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2010/07/19 20:58:27 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/07/19 20:58:27 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/07/19 20:58:27 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/07/19 20:58:21 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2010/07/19 20:58:21 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2010/07/19 20:58:20 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\ntmtlfax.sys
[2010/07/19 20:58:17 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/07/19 20:58:16 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2010/07/19 20:58:16 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2010/07/19 20:58:16 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2010/07/19 20:58:14 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/07/19 20:58:14 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/07/19 20:58:11 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/07/19 20:58:11 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/07/19 20:58:08 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2010/07/19 20:58:07 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/07/19 20:58:07 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/07/19 20:58:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2010/07/19 20:58:05 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/07/19 20:58:05 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/07/19 20:58:05 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/07/19 20:58:04 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2010/07/19 20:58:04 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/07/19 20:58:04 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/07/19 20:58:04 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/07/19 20:58:03 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/07/19 20:58:03 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2010/07/19 20:58:03 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/07/19 20:58:03 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/07/19 20:58:02 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/07/19 20:58:02 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/07/19 20:58:02 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mutohpen.sys
[2010/07/19 20:58:00 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhd.dll
[2010/07/19 20:58:00 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhm.sys
[2010/07/19 20:58:00 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/07/19 20:57:58 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlstrm.sys
[2010/07/19 20:57:58 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlmnt5.sys
[2010/07/19 20:57:52 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2010/07/19 20:57:50 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2010/07/19 20:57:47 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2010/07/19 20:57:46 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2010/07/19 20:57:38 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2010/07/19 20:57:38 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2010/07/19 20:57:37 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2010/07/19 20:57:34 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/07/19 20:57:32 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2010/07/19 20:57:30 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2010/07/19 20:57:27 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2010/07/19 20:57:25 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2010/07/19 20:57:25 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2010/07/19 20:57:22 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2010/07/19 20:57:22 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2010/07/19 20:57:22 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2010/07/19 20:57:21 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/07/19 20:57:20 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2010/07/19 20:57:19 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2010/07/19 20:57:19 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2010/07/19 20:57:19 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2010/07/19 20:57:18 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2010/07/19 20:57:18 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2010/07/19 20:57:17 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/07/19 20:57:17 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/07/19 20:57:17 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2010/07/19 20:57:16 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/07/19 20:57:16 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/07/19 20:57:16 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/07/19 20:57:15 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/07/19 20:57:14 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2010/07/19 20:57:13 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/07/19 20:57:12 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/07/19 20:57:12 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/07/19 20:57:10 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/07/19 20:57:08 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010/07/19 20:57:07 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/07/19 20:57:07 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/07/19 20:57:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2010/07/19 20:57:03 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2010/07/19 20:57:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2010/07/19 20:56:55 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2010/07/19 20:56:55 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2010/07/19 20:56:50 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2010/07/19 20:56:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2010/07/19 20:56:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2010/07/19 20:56:44 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2010/07/19 20:56:43 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2010/07/19 20:56:40 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2010/07/19 20:56:40 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2010/07/19 20:56:39 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2010/07/19 20:56:39 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2010/07/19 20:56:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2010/07/19 20:56:39 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/07/19 20:56:35 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2010/07/19 20:56:35 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/07/19 20:56:35 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2010/07/19 20:56:34 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2010/07/19 20:56:34 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys
[2010/07/19 20:56:33 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2010/07/19 20:56:16 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/07/19 20:56:16 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2010/07/19 20:56:15 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2010/07/19 20:56:15 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2010/07/19 20:56:15 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2010/07/19 20:56:14 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2010/07/19 20:56:14 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2010/07/19 20:56:13 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2010/07/19 20:56:12 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2010/07/19 20:56:12 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2010/07/19 20:56:12 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2010/07/19 20:56:12 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2010/07/19 20:56:11 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2010/07/19 20:56:11 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2010/07/19 20:56:10 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2010/07/19 20:56:10 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2010/07/19 20:56:09 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2010/07/19 20:56:09 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2010/07/19 20:56:09 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2010/07/19 20:56:09 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010/07/19 20:55:47 | 001,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfdpsp2.sys
[2010/07/19 20:55:47 | 000,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcxts2.sys
[2010/07/19 20:55:47 | 000,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfbs2s2.sys
[2010/07/19 20:55:47 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcisp2.dll
[2010/07/19 20:55:46 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2010/07/19 20:55:46 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2010/07/19 20:55:46 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2010/07/19 20:55:46 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2010/07/19 20:55:45 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2010/07/19 20:55:45 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2010/07/19 20:55:45 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2010/07/19 20:55:45 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2010/07/19 20:55:44 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2010/07/19 20:55:44 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2010/07/19 20:55:44 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2010/07/19 20:55:44 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2010/07/19 20:55:43 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2010/07/19 20:55:43 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2010/07/19 20:55:42 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2010/07/19 20:55:42 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2010/07/19 20:55:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2010/07/19 20:55:42 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2010/07/19 20:55:41 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/07/19 20:55:41 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2010/07/19 20:55:41 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2010/07/19 20:55:40 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/07/19 20:55:40 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2010/07/19 20:55:39 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2010/07/19 20:55:39 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2010/07/19 20:55:36 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidir.sys
[2010/07/19 20:55:36 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2010/07/19 20:55:36 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2010/07/19 20:55:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbth.sys
[2010/07/19 20:55:35 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2010/07/19 20:55:34 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2010/07/19 20:55:31 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/07/19 20:55:31 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/07/19 20:55:30 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/07/19 20:55:29 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2010/07/19 20:55:29 | 000,046,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gagp30kx.sys
[2010/07/19 20:55:29 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2010/07/19 20:55:28 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2010/07/19 20:55:28 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2010/07/19 20:55:27 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2010/07/19 20:55:27 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/07/19 20:55:27 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2010/07/19 20:55:19 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2010/07/19 20:55:18 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/07/19 20:55:18 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/07/19 20:55:16 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/07/19 20:55:16 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/07/19 20:55:15 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/07/19 20:55:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2010/07/19 20:55:14 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/07/19 20:55:12 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2010/07/19 20:55:11 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2010/07/19 20:55:10 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/07/19 20:55:10 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2010/07/19 20:55:09 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/07/19 20:55:09 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/07/19 20:55:07 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2010/07/19 20:55:07 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2010/07/19 20:55:05 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2010/07/19 20:55:05 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2010/07/19 20:55:04 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2010/07/19 20:55:03 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2010/07/19 20:55:03 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2010/07/19 20:55:03 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2010/07/19 20:55:01 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2010/07/19 20:55:01 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2010/07/19 20:55:01 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2010/07/19 20:55:00 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2010/07/19 20:55:00 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/07/19 20:55:00 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2010/07/19 20:55:00 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2010/07/19 20:54:59 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2010/07/19 20:54:59 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2010/07/19 20:54:59 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2010/07/19 20:54:58 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2010/07/19 20:54:58 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2010/07/19 20:54:58 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2010/07/19 20:54:58 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2010/07/19 20:54:57 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2010/07/19 20:54:56 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2010/07/19 20:54:56 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2010/07/19 20:54:56 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2010/07/19 20:54:55 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2010/07/19 20:54:55 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2010/07/19 20:54:55 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2010/07/19 20:54:55 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2010/07/19 20:54:54 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2010/07/19 20:54:54 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2010/07/19 20:54:54 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2010/07/19 20:54:54 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2010/07/19 20:54:53 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2010/07/19 20:54:53 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2010/07/19 20:54:53 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2010/07/19 20:54:53 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2010/07/19 20:54:53 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2010/07/19 20:54:52 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2010/07/19 20:54:50 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2010/07/19 20:54:50 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2010/07/19 20:54:50 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2010/07/19 20:54:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2010/07/19 20:54:44 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/07/19 20:54:43 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2010/07/19 20:54:42 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/07/19 20:54:41 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2010/07/19 20:54:41 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2010/07/19 20:54:41 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2010/07/19 20:54:41 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2010/07/19 20:54:37 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/07/19 20:54:37 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/07/19 20:54:37 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/07/19 20:54:37 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2010/07/19 20:54:35 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/07/19 20:54:35 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/07/19 20:54:35 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/07/19 20:54:35 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/07/19 20:54:33 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2010/07/19 20:54:33 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/07/19 20:54:33 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2010/07/19 20:54:32 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2010/07/19 20:54:32 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2010/07/19 20:54:32 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2010/07/19 20:54:32 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2010/07/19 20:54:32 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2010/07/19 20:54:31 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2010/07/19 20:54:31 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2010/07/19 20:54:31 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2010/07/19 20:54:31 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2010/07/19 20:54:30 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2010/07/19 20:54:30 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2010/07/19 20:54:28 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2010/07/19 20:54:28 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2010/07/19 20:54:27 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/07/19 20:54:27 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/07/19 20:54:26 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2010/07/19 20:54:26 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2010/07/19 20:54:25 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/07/19 20:54:25 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2010/07/19 20:54:24 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2010/07/19 20:54:24 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2010/07/19 20:54:24 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2010/07/19 20:54:24 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2010/07/19 20:54:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2010/07/19 20:54:21 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2010/07/19 20:54:21 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2010/07/19 20:54:19 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2010/07/19 20:54:19 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2010/07/19 20:54:19 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2010/07/19 20:54:18 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2010/07/19 20:54:18 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2010/07/19 20:54:18 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2010/07/19 20:54:18 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2010/07/19 20:54:17 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/07/19 20:54:17 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2010/07/19 20:54:17 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2010/07/19 20:54:16 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/07/19 20:54:16 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/07/19 20:54:16 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/07/19 20:54:16 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/07/19 20:54:15 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/07/19 20:54:15 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2010/07/19 20:54:15 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/07/19 20:54:15 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/07/19 20:54:14 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2010/07/19 20:54:14 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2010/07/19 20:54:14 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2010/07/19 20:54:13 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2010/07/19 20:54:13 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2010/07/19 20:54:12 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/07/19 20:54:11 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/07/19 20:54:11 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2010/07/19 20:54:10 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2010/07/19 20:54:04 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2010/07/19 20:54:02 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2010/07/19 20:54:02 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2010/07/19 20:53:56 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2010/07/19 20:53:55 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/07/19 20:53:55 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2010/07/19 20:53:54 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2010/07/19 20:53:53 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2010/07/19 20:53:53 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2010/07/19 20:53:53 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2010/07/19 20:53:53 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2010/07/19 20:53:51 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2010/07/19 20:53:50 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/07/19 20:53:43 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010/07/19 20:53:40 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\ch7xxnt5.dll
[2010/07/19 20:53:39 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/07/19 20:53:39 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/07/19 20:53:38 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/07/19 20:53:38 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/07/19 20:53:38 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/07/19 20:53:37 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2010/07/19 20:53:36 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/07/19 20:53:36 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/07/19 20:53:36 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/07/19 20:53:35 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/07/19 20:53:34 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/07/19 20:53:34 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/07/19 20:53:31 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2010/07/19 20:53:31 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2010/07/19 20:53:30 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2010/07/19 20:53:30 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2010/07/19 20:53:29 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2010/07/19 20:53:29 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2010/07/19 20:53:29 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2010/07/19 20:53:29 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2010/07/19 20:53:28 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2010/07/19 20:53:10 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthprint.sys
[2010/07/19 20:53:10 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthusb.sys
[2010/07/19 20:53:10 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2010/07/19 20:53:09 | 000,101,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthpan.sys
[2010/07/19 20:53:09 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthmodem.sys
[2010/07/19 20:53:09 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/07/19 20:53:09 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthenum.sys
[2010/07/19 20:53:08 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/07/19 20:53:08 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/07/19 20:53:08 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/07/19 20:53:08 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/07/19 20:53:08 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/07/19 20:53:07 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/07/19 20:53:07 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/07/19 20:53:06 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/07/19 20:53:06 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/07/19 20:53:06 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/07/19 20:53:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2010/07/19 20:53:05 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/07/19 20:53:05 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/07/19 20:53:05 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/07/19 20:53:04 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/07/19 20:53:04 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/07/19 20:53:04 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/07/19 20:53:04 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/07/19 20:53:02 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2010/07/19 20:53:02 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2010/07/19 20:53:01 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/07/19 20:53:01 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2010/07/19 20:53:01 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2010/07/19 20:53:01 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2010/07/19 20:53:00 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2010/07/19 20:53:00 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2010/07/19 20:52:59 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/07/19 20:52:59 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2010/07/19 20:52:59 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/07/19 20:52:58 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/07/19 20:52:58 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/07/19 20:52:58 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/07/19 20:52:57 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/07/19 20:52:57 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/07/19 20:52:56 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010/07/19 20:52:56 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2010/07/19 20:52:56 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010/07/19 20:52:55 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv10nt5.dll
[2010/07/19 20:52:54 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv04nt5.dll
[2010/07/19 20:52:54 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv01nt5.dll
[2010/07/19 20:52:54 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv06nt5.dll
[2010/07/19 20:52:54 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv02nt5.dll
[2010/07/19 20:52:52 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll
[2010/07/19 20:52:51 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativtmxx.dll
[2010/07/19 20:52:51 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativmvxx.ax
[2010/07/19 20:52:51 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativdaxx.ax
[2010/07/19 20:52:49 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2010/07/19 20:52:49 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2010/07/19 20:52:49 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxsxx.sys
[2010/07/19 20:52:48 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atintuxx.sys
[2010/07/19 20:52:48 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxbxx.sys
[2010/07/19 20:52:48 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinsnxx.sys
[2010/07/19 20:52:48 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinttxx.sys
[2010/07/19 20:52:47 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinrvxx.sys
[2010/07/19 20:52:47 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinraxx.sys
[2010/07/19 20:52:47 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinpdxx.sys
[2010/07/19 20:52:46 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2010/07/19 20:52:46 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2010/07/19 20:52:46 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinbtxx.sys
[2010/07/19 20:52:46 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinmdxx.sys
[2010/07/19 20:52:45 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2010/07/19 20:52:45 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2010/07/19 20:52:45 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2010/07/19 20:52:45 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2010/07/19 20:52:44 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2010/07/19 20:52:43 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll
[2010/07/19 20:52:43 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3d1ag.dll
[2010/07/19 20:52:43 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2010/07/19 20:52:42 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvaa.dll
[2010/07/19 20:52:42 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtaa.sys
[2010/07/19 20:52:42 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll
[2010/07/19 20:52:42 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll
[2010/07/19 20:52:41 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xsxx.sys
[2010/07/19 20:52:40 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1tuxx.sys
[2010/07/19 20:52:40 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xbxx.sys
[2010/07/19 20:52:40 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1ttxx.sys
[2010/07/19 20:52:39 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1rvxx.sys
[2010/07/19 20:52:39 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1raxx.sys
[2010/07/19 20:52:39 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1snxx.sys
[2010/07/19 20:52:39 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1pdxx.sys
[2010/07/19 20:52:38 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2010/07/19 20:52:38 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/07/19 20:52:38 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1btxx.sys
[2010/07/19 20:52:38 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1mdxx.sys
[2010/07/19 20:52:37 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/07/19 20:52:37 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2010/07/19 20:52:36 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2010/07/19 20:52:36 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2010/07/19 20:52:35 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2010/07/19 20:52:34 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\dllcache\amdagp.sys
[2010/07/19 20:52:34 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2010/07/19 20:52:34 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/07/19 20:52:34 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2010/07/19 20:52:33 | 000,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alim1541.sys
[2010/07/19 20:52:33 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2010/07/19 20:52:33 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2010/07/19 20:52:32 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2010/07/19 20:52:32 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2010/07/19 20:52:32 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2010/07/19 20:52:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2010/07/19 20:52:27 | 000,044,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agpcpq.sys
[2010/07/19 20:52:27 | 000,042,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agp440.sys
[2010/07/19 20:52:26 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2010/07/19 20:52:23 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv11nt5.dll
[2010/07/19 20:52:23 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv09nt5.dll
[2010/07/19 20:52:23 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv08nt5.dll
[2010/07/19 20:52:22 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv07nt5.dll
[2010/07/19 20:52:22 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv05nt5.dll
[2010/07/19 20:52:21 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv01nt5.dll
[2010/07/19 20:52:21 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv02nt5.dll
[2010/07/19 20:52:19 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2010/07/19 20:52:18 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010/07/19 20:52:18 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010/07/19 20:52:18 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010/07/19 20:52:17 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010/07/19 20:52:17 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010/07/19 20:52:17 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2010/07/19 20:52:16 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010/07/19 20:52:15 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010/07/19 20:52:15 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2010/07/19 20:52:15 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2010/07/19 20:52:14 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010/07/19 20:52:14 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2010/07/19 20:52:14 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2010/07/19 20:52:13 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010/07/19 20:52:13 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2010/07/19 20:52:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2010/07/19 20:52:10 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010/07/19 20:52:10 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010/07/19 20:52:10 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010/07/19 20:52:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2010/07/19 20:51:53 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2010/07/19 19:40:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Malwarebytes
[2010/07/19 19:40:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/19 19:40:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/19 19:40:29 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/19 19:40:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2002/04/10 20:41:06 | 000,065,536 | ---- | C] ( ) -- C:\WINDOWS\System32\A3d.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/08/17 09:56:21 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\User\My Documents\gmer.zip
[2010/08/17 09:55:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\My Documents\OTL.exe
[2010/08/17 07:07:58 | 000,002,828 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2010/08/17 06:11:06 | 000,521,942 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/17 06:11:06 | 000,441,454 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/17 06:11:06 | 000,071,264 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/17 06:07:13 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/08/17 06:06:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/08/17 06:06:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/08/16 20:46:01 | 018,350,080 | -H-- | M] () -- C:\Documents and Settings\User\NTUSER.DAT
[2010/08/16 15:40:57 | 000,000,079 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
[2010/08/16 12:47:08 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/15 19:13:12 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini
[2010/08/11 15:45:15 | 000,679,024 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/09 18:24:36 | 000,161,296 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2010/07/27 01:30:35 | 008,462,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010/07/24 12:29:45 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\User\cacls
[2010/07/24 10:51:52 | 000,423,656 | ---- | M] (Oracle) -- C:\WINDOWS\System32\deployJava1.dll
[2010/07/24 10:51:52 | 000,153,376 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaws.exe
[2010/07/24 10:51:52 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javaw.exe
[2010/07/24 10:51:52 | 000,145,184 | ---- | M] (Oracle) -- C:\WINDOWS\System32\java.exe
[2010/07/24 10:51:52 | 000,073,728 | ---- | M] (Oracle) -- C:\WINDOWS\System32\javacpl.cpl
[2010/07/20 12:25:18 | 000,000,536 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - User - Full System Scan.job
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/08/17 09:56:19 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\User\My Documents\gmer.zip
[2010/07/24 12:29:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\User\cacls
[2010/07/19 21:01:35 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/07/19 21:01:35 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/07/19 20:58:48 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010/07/19 20:58:48 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010/07/19 20:57:37 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010/07/19 20:55:41 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/07/19 20:55:41 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/07/19 20:55:40 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/07/19 20:55:40 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/07/19 20:55:39 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/07/19 20:54:36 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/07/19 20:54:36 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/07/19 20:54:36 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/07/19 20:52:52 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/07/19 20:52:52 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/07/19 20:52:52 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/07/19 20:52:51 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/07/19 20:52:50 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/07/19 20:52:50 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/07/19 20:52:50 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/07/19 20:52:50 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/07/19 20:52:49 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/07/19 20:52:44 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2009/10/27 11:47:34 | 000,000,047 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009/08/20 16:02:50 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009/08/20 16:02:50 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009/08/01 07:08:07 | 000,339,968 | ---- | C] () -- C:\WINDOWS\System32\pythoncom25.dll
[2009/08/01 07:08:07 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\pywintypes25.dll
[2009/05/23 17:21:57 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2009/04/10 12:42:31 | 000,005,627 | R--- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2009/04/10 12:42:31 | 000,000,039 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/03/17 14:08:49 | 000,078,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV85.sys
[2009/01/27 20:25:22 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/27 16:12:05 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2009/01/27 16:12:05 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\65140F188F.sys
[2009/01/14 15:17:25 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009/01/14 15:17:25 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007/11/26 22:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007/10/12 02:11:58 | 000,022,334 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2006/06/26 11:33:40 | 000,023,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2005/05/03 06:38:42 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.dll
[2003/10/02 05:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 487 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
< End of report >


===========================================================================================


OTL Extras logfile created on: 8/17/2010 10:31:15 AM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Documents and Settings\User\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 67.00% Memory free
5.00 Gb Paging File | 4.00 Gb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 3000 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 173.59 Gb Free Space | 74.54% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: OWNER-B21F24D4F
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-57989841-1770027372-1801674531-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe -- File not found
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- File not found
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\Microsoft Games for Windows - LIVE\Redist\DirectX\DXSETUP.exe" = C:\Program Files\Microsoft Games for Windows - LIVE\Redist\DirectX\DXSETUP.exe:*:Enabled:DXSETUP.exe -- File not found
"C:\Program Files\Microsoft Games for Windows - LIVE\Client\GFWLClient.exe" = C:\Program Files\Microsoft Games for Windows - LIVE\Client\GFWLClient.exe:*:Disabled:GFWLClient.exe -- File not found
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\eMusic Download Manager\xulrunner\xulrunner.exe" = C:\Program Files\eMusic Download Manager\xulrunner\xulrunner.exe:*:Enabled:eMusic Download Manager -- (Mozilla Foundation)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- File not found
"C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" = C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe:*:Enabled:LinksysWirelessManager.exe -- (Linksys, LLC)
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" = C:\Program Files\Alwil Software\Avast5\AvastUI.exe:*:Enabled:avast! Free Antivirus -- File not found
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game -- (BioWare)
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher -- (BioWare)
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare)
"C:\Program Files\Dragon Age\tools\GffEditor.exe" = C:\Program Files\Dragon Age\tools\GffEditor.exe:*:Enabled:Dragon Age Toolset GFF editor -- (BioWare)
"C:\Program Files\Dragon Age\tools\ErfEditor.exe" = C:\Program Files\Dragon Age\tools\ErfEditor.exe:*:Enabled:Dragon Age Toolset ERF editor -- (BioWare)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{707EB912-C597-49D8-9460-46CC9AB03EBE}" = Corel Painter Photo Essentials 4
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{16D919E6-F019-4E15-BFBE-4A85EF19DA57}" = Oblivion - Spell Tomes
"{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}" = Sound Blaster Audigy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}" = DDS Thumbnail Viewer
"{23D683DD-93C6-48E6-B84E-78B57778F126}" = Oblivion - Construction Set
"{24aab420-4e30-4496-9739-3e216f3de6ae}" = Python 2.6.2
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2F2E3D62-8B8C-448F-8900-451325E50948}" = Oblivion - Wizard's Tower
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3ABEBD00-299D-4DCA-967F-B912163AB5EA}" = Oblivion - Horse Armor Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}" = Oblivion - Vile Lair
"{56EC96C1-1FC1-4188-9A96-8142A2EE694F}" = Pure Networks Platform
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{66039B36-96AE-40D1-8A32-071F7A61B738}" = Microsoft LifeChat
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{707EB912-C597-49D8-9460-46CC9AB03EBE}" = Corel Painter Photo Essentials 4
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AB3A249-FB81-416B-917A-A2A10E74C503}" = iTunes
"{7F815C5F-D2A4-4173-B7C0-55A9D6F87E38}" = MobileMe Control Panel
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AC049F7-1383-45C3-9E7D-F93CA667F9E1}" = UMVPLStandalone
"{8D1BB69C-9BD7-491F-9ECB-EA2BCE1B1010}" = The Conformulator
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0A20753-92DF-4631-82B4-9CACE2FCED6A}" = Oblivion - The Fighter's Stronghold
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E8AEA11B-E60A-455E-B008-E4E763604612}" = Browser Configuration Utility
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EC425CFC-EE78-4A91-AA25-3BFA65B75364}" = Oblivion - Orrery
"{EC42ED6A-751D-45C0-A4F9-8CD00E4690FC}" = Logitech QuickCam
"{EF295F5C-7B57-47AA-8889-6B3E8E214E89}" = Oblivion - Mehrunes Razor
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FFFFFD17-B460-41EB-93F1-C48ABAD63828}" = Oblivion - Thieves Den
"1EC46BD120B0DFF33FB607971D9518CC4ADC68CB" = Windows Driver Package - Advanced Micro Devices (AmdPPM) Processor (08/10/2007 1.0.0.0)
"342C18BCBCBED6905E53C982AA36C4830D43716E" = Windows Driver Package - NVIDIA System (05/13/2005 5.1.2600.0450)
"3AB84797D160AF55A0CC9990F040AFD2E44CD3B7" = Windows Driver Package - NVIDIA (nv) Display (12/05/2007 6.14.11.6921)
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"5820ED5B6B185D354EB99DCB0240AF46811B907C" = Windows Driver Package - NVIDIA (nv) Display (12/05/2007 6.14.11.6921)
"7-Zip" = 7-Zip 4.64
"8616D564CF16B5649AD2CCD417FAF71FF9A55845" = Windows Driver Package - NVIDIA System (06/08/2006 4.5.7)
"9B82E81C2EA3F59964ACFEA95931137ED7DE208F" = Windows Driver Package - NVIDIA System (11/09/2006 4.6.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"Audacity_is1" = Audacity 1.2.6
"Blender" = Blender (remove only)
"Blender228a" = Blender 2.28a (remove only)
"BlenderNIFScripts" = Blender NIF Scripts (remove only)
"BroadJump Client Foundation" = BroadJump Client Foundation
"CCleaner" = CCleaner
"comtypes-py2.6" = Python 2.6 comtypes-0.5.2
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"DC548C3F89CE1AB445090A6F9D054CF2A31194C5" = Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (04/17/2008 5.10.0.5605)
"ED890752825526FA58235D78560583E7AB099DA1" = Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (04/17/2008 5.10.0.5605)
"eMusic Download Manager" = eMusic Download Manager 4.1.2
"ExtractNow_is1" = ExtractNow
"Eye Candy 4000" = Eye Candy 4000
"Fraps" = Fraps
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"ImageSkill Background Remover 3" = ImageSkill Background Remover 3
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Linksys Wireless Manager" = Linksys Wireless Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Morrowind AnimKit" = Morrowind AnimKit 2.0 (remove only)
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NifSkope" = NifSkope (remove only)
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.12
"PIL-py2.5" = Python 2.5 PIL-1.1.6
"psyco-py2.6" = Python 2.6 psyco-1.6
"PyFFI-py2.5" = Python 2.5 PyFFI-1.2.2
"pywin32-py2.5" = Python 2.5 pywin32-212
"QcDrv" = Logitech® Camera Driver
"SpywareBlaster_is1" = SpywareBlaster 4.3
"ST6UNST #1" = Morrowind Enchanted Editor
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"TUGZip_is1" = TUGZip 3.5
"VLC media player" = VLC media player 0.9.9
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"wxPython2.8-ansi-py25_is1" = wxPython 2.8.7.1 (ansi) for Python 2.5
"Yahoo! Mail" = AT&T Yahoo! Internet Mail

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/25/2010 7:38:22 PM | Computer Name = OWNER-B21F24D4F | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> Cannot
load C:/Program Files/NVIDIA Corporation/NetworkAccessManager/Apache Group/Apache2/modules/mod_auth.so
into server: The specified module could not be found. .

Error - 6/25/2010 7:38:23 PM | Computer Name = OWNER-B21F24D4F | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 6/25/2010 7:45:07 PM | Computer Name = OWNER-B21F24D4F | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> Syntax
error on line 139 of C:/Program Files/NVIDIA Corporation/NetworkAccessManager/Apache
Group/Apache2/conf/httpd.conf: .

Error - 6/25/2010 7:45:07 PM | Computer Name = OWNER-B21F24D4F | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> Cannot
load C:/Program Files/NVIDIA Corporation/NetworkAccessManager/Apache Group/Apache2/modules/mod_auth.so
into server: The specified module could not be found. .

Error - 6/25/2010 7:45:09 PM | Computer Name = OWNER-B21F24D4F | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 6/25/2010 8:33:13 PM | Computer Name = OWNER-B21F24D4F | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> Syntax
error on line 139 of C:/Program Files/NVIDIA Corporation/NetworkAccessManager/Apache
Group/Apache2/conf/httpd.conf: .

Error - 6/25/2010 8:33:13 PM | Computer Name = OWNER-B21F24D4F | Source = SecurityCenter | ID = 1802
Description = The Windows Security Center Service was unable to establish event
queries with WMI to monitor third party AntiVirus and Firewall.

Error - 7/13/2010 11:31:42 AM | Computer Name = OWNER-B21F24D4F | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 7/13/2010 11:31:42 AM | Computer Name = OWNER-B21F24D4F | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 8/5/2010 8:56:48 PM | Computer Name = OWNER-B21F24D4F | Source = Bonjour Service | ID = 100
Description = 568: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)


< End of report >

Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, totally worn out and screaming 'WOOO HOOOOO what a ride!'

#5 SpiritedTreasure

SpiritedTreasure
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:10 AM

Posted 17 August 2010 - 11:14 AM

I disconnected from the internet and disabled my Norton 2010

then ran GMER, which seemed to be scanning a lot of files.
However I got a blue screen which stated the following:

kwkyropd.sys

Page fault in non paged area

ac71ac3e at ac71a000
datestamp 4b274f8d
Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, totally worn out and screaming 'WOOO HOOOOO what a ride!'

#6 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,088 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:10 PM

Posted 17 August 2010 - 11:42 AM

Hi Spirit, looks like we have indeed a few problems here.

COMBOFIX
---------------
Please download ComboFix from one of these locations:
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#7 SpiritedTreasure

SpiritedTreasure
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:10 AM

Posted 17 August 2010 - 12:32 PM

gmer is holding each Norton file for minutes..
I got fed up with waiting.

Here is what it scanned after about one hour.
Just exactly how many HOURS does Gmer take to run?

I will do these others now.

Thank you
================================

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-08-17 12:19:23
Windows 5.1.2600 Service Pack 3
Running: abrakadab.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\kwkyrpod.sys


---- System - GMER 1.0.15 ----

SSDT 8A32BA98 ZwAlertResumeThread
SSDT 8A1CE990 ZwAlertThread
SSDT 8A317A48 ZwAllocateVirtualMemory
SSDT 8A1E3570 ZwAssignProcessToJobObject
SSDT 8A2062E0 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xB064D210]
SSDT 89BAB740 ZwCreateMutant
SSDT 8A26AAB8 ZwCreateSymbolicLinkObject
SSDT 8A1A14A8 ZwCreateThread
SSDT 8A167050 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xB064D490]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xB064D9F0]
SSDT 8A317CE0 ZwDuplicateObject
SSDT 89B9DDF8 ZwFreeVirtualMemory
SSDT 8A16A050 ZwImpersonateAnonymousToken
SSDT 8A150050 ZwImpersonateThread
SSDT 8A2BDB30 ZwLoadDriver
SSDT 89B9DC58 ZwMapViewOfSection
SSDT 897FF868 ZwOpenEvent
SSDT 8A317FC0 ZwOpenProcess
SSDT 8A38A518 ZwOpenProcessToken
SSDT 8A1A4900 ZwOpenSection
SSDT 8A317E70 ZwOpenThread
SSDT 8A3165B0 ZwProtectVirtualMemory
SSDT 8A1CEE50 ZwResumeThread
SSDT 8A26C0D0 ZwSetContextThread
SSDT 89AF1FC0 ZwSetInformationProcess
SSDT 8A16ED90 ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xB064DC40]
SSDT 8A250A38 ZwSuspendProcess
SSDT 8A294300 ZwSuspendThread
SSDT 8A19A5D8 ZwTerminateProcess
SSDT 8A247050 ZwTerminateThread
SSDT 8A1D6978 ZwUnmapViewOfSection
SSDT 8A3175F8 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

? SYMDS.SYS The system cannot find the file specified. !
? SYMEFA.SYS The system cannot find the file specified. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB2D21380, 0x566445, 0xE8000020]
.text C:\WINDOWS\system32\drivers\SSHDRV85.sys section is writeable [0xB078E000, 0x24A24, 0xE8000020]
.pklstb C:\WINDOWS\system32\drivers\SSHDRV85.sys entry point in ".pklstb" section [0xB07C1000]
.relo2 C:\WINDOWS\system32\drivers\SSHDRV85.sys unknown last section [0xB07D7000, 0x8E, 0x42000040]
.text C:\WINDOWS\system32\DRIVERS\atksgt.sys section is writeable [0xAF514300, 0x3AF78, 0xE8000020]
.text C:\WINDOWS\system32\DRIVERS\lirsgt.sys section is writeable [0xB83E8300, 0x1BCE, 0xE8000020]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\Explorer.EXE[2024] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [01C22E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[2024] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [01C22C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[2024] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [01C22C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\WINDOWS\Explorer.EXE[2024] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [01C22C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\User\Desktop\abrakadab.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtCreateFile] [00802E70] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\User\Desktop\abrakadab.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [00802C30] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\User\Desktop\abrakadab.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtClose] [00802C50] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
IAT C:\Documents and Settings\User\Desktop\abrakadab.exe[2352] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [00802C40] C:\Program Files\Common Files\Logitech\LVMVFM\LVPrcInj.dll (Logitech Helper Library./Logitech Inc.)
=======================================

Here is what is the first quick thing it scans

===============================

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-08-17 12:20:21
Windows 5.1.2600 Service Pack 3
Running: abrakadab.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\kwkyrpod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

---- EOF - GMER 1.0.15 ----


And why is it holding my Norton files for so long? Each dll for 2 or 3 minutes.
Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, totally worn out and screaming 'WOOO HOOOOO what a ride!'

#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,088 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:10 PM

Posted 17 August 2010 - 12:33 PM

Hi, Norton has some kernel hooks to detect rootkit activity. For GMER this is very suspicious, that can be the cause for the delay in scanning.

See my previous post for instructions. smile.gif

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#9 SpiritedTreasure

SpiritedTreasure
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:10 AM

Posted 17 August 2010 - 12:55 PM

Here is the last log from Combo fix.
It wanted me online to install recovery thing and I disabled internet when I disabled Norton.
I could not get it to enable until I enabled Norton by restarting.

It's not safe for me to remain online without any protection .......

So you are saying gmer will only scan accurately without taking 14 hours if I scan in safe mode?
And what is wrong with the root kit detector that I used?

Do you still need GMER? I am pretty fed up with it at this point. I had to change the file name for it to even work without blue screening my pc.

What exactly do you see that is infecting my system on these logs?

============================================================

ComboFix 10-08-16.04 - User 08/17/2010 12:39:21.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1415 [GMT -5:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: ActiveArmor Firewall *enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\settings.reg
c:\windows\system32\Data

.
((((((((((((((((((((((((( Files Created from 2010-07-17 to 2010-08-17 )))))))))))))))))))))))))))))))
.

2010-08-09 23:24 . 2010-08-09 23:24 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-08-04 17:36 . 2010-08-04 17:36 503808 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2275285d-n\msvcp71.dll
2010-08-04 17:36 . 2010-08-04 17:36 499712 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2275285d-n\jmc.dll
2010-08-04 17:36 . 2010-08-04 17:36 348160 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2275285d-n\msvcr71.dll
2010-08-04 17:36 . 2010-08-04 17:36 61440 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-66f98260-n\decora-sse.dll
2010-08-04 17:36 . 2010-08-04 17:36 12800 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-66f98260-n\decora-d3d.dll
2010-07-24 15:52 . 2010-07-24 15:52 -------- d-----w- c:\program files\Common Files\Java
2010-07-20 02:00 . 2008-04-14 08:04 29311 -c--a-w- c:\windows\system32\dllcache\watv01nt.sys
2010-07-20 01:59 . 2001-08-17 23:53 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2010-07-20 01:58 . 2001-08-17 23:51 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2010-07-20 01:57 . 2008-04-14 09:53 126686 -c--a-w- c:\windows\system32\dllcache\mtlmnt5.sys
2010-07-20 01:56 . 2001-08-18 08:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2010-07-20 01:55 . 2008-04-14 15:41 32285 -c--a-w- c:\windows\system32\dllcache\hsfcisp2.dll
2010-07-20 01:54 . 2001-08-18 08:36 61952 -c--a-w- c:\windows\system32\dllcache\eqnloop.exe
2010-07-20 01:53 . 2001-08-17 23:51 6656 -c--a-w- c:\windows\system32\dllcache\cmdide.sys
2010-07-20 01:52 . 2001-08-18 00:56 342336 -c--a-w- c:\windows\system32\dllcache\banshee.dll
2010-07-20 01:51 . 2001-08-18 00:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-07-20 00:40 . 2010-07-20 00:40 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes
2010-07-20 00:40 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-20 00:40 . 2010-07-20 00:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-07-20 00:40 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-20 00:40 . 2010-07-20 00:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-17 15:21 . 2009-01-14 00:45 -------- d-----w- c:\documents and settings\User\Application Data\Skype
2010-08-17 13:31 . 2009-01-14 00:46 -------- d-----w- c:\documents and settings\User\Application Data\skypePM
2010-08-17 12:07 . 2009-01-27 21:12 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-08-17 12:07 . 2009-01-27 21:12 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-08-14 14:02 . 2009-01-05 00:27 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-08-14 14:02 . 2009-01-05 00:27 -------- d-----w- c:\program files\SpywareBlaster
2010-08-08 12:57 . 2010-03-05 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-08-04 01:29 . 2009-09-01 16:32 -------- d-----w- c:\program files\Electronic Arts
2010-08-03 22:17 . 2009-01-05 00:24 -------- d-----w- c:\program files\CCleaner
2010-08-03 19:04 . 2009-06-25 17:09 -------- d-----w- c:\program files\Panda Security
2010-08-02 16:33 . 2009-01-04 19:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-28 13:14 . 2009-02-10 01:05 -------- d-----w- c:\program files\Bethesda Softworks
2010-07-24 15:59 . 2009-01-04 21:01 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-24 15:51 . 2010-05-02 12:40 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-24 15:48 . 2009-03-10 14:00 -------- d-----w- c:\program files\Java
2010-07-15 12:17 . 2009-01-04 22:05 -------- d-----w- c:\program files\Common Files\Motive
2010-07-14 21:17 . 2010-04-06 14:14 -------- d-----w- c:\program files\QuickTime
2010-07-06 23:39 . 2010-02-02 20:16 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-06-30 12:31 . 2008-04-14 10:42 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-26 01:58 . 2009-01-04 19:47 -------- d-----w- c:\program files\NVIDIA Corporation
2010-06-26 01:58 . 2009-02-07 03:15 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-06-26 00:33 . 2010-03-05 20:38 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-25 23:35 . 2010-06-25 22:57 -------- d-----w- c:\program files\VDMSound
2010-06-24 12:22 . 2008-04-14 10:42 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 15:00 . 2010-05-02 16:15 -------- d-----w- c:\program files\iTunes
2010-06-23 14:59 . 2010-06-23 14:59 -------- d-----w- c:\program files\iPod
2010-06-23 14:59 . 2009-01-06 15:28 -------- d-----w- c:\program files\Common Files\Apple
2010-06-23 14:55 . 2010-06-23 14:55 -------- d-----w- c:\program files\Bonjour
2010-06-23 14:53 . 2010-06-23 14:53 72504 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-23 13:44 . 2008-04-14 06:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2008-04-14 05:45 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2008-04-14 10:41 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2009-01-03 18:24 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2008-04-14 10:42 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-04 17:29 . 2010-06-04 17:29 71992 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-01 13:51 . 2009-01-06 12:53 174972 ---ha-w- c:\windows\system32\mlfcache.dat
2010-05-26 19:07 . 2010-05-26 19:07 503808 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a6033fb-n\msvcp71.dll
2010-05-26 19:07 . 2010-05-26 19:07 499712 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a6033fb-n\jmc.dll
2010-05-26 19:07 . 2010-05-26 19:07 348160 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a6033fb-n\msvcr71.dll
2010-05-26 19:07 . 2010-05-26 19:07 61440 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-30f93d61-n\decora-sse.dll
2010-05-26 19:07 . 2010-05-26 19:07 12800 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-30f93d61-n\decora-d3d.dll
2010-05-20 18:59 . 2010-05-20 18:59 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-05-20 18:59 . 2010-05-20 18:59 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
.

------- Sigcheck -------

[-] 2008-05-27 . 57FF046BF5F22B29AEE0177449139565 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-11 368706]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"P17Helper"="P17.dll" [2005-05-03 64512]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-06-15 47408]
"RTHDCPL"="RTHDCPL.EXE" [2009-01-13 18084864]
"Corel File Shell Monitor"="c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2008-08-08 16712]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-13 642856]
"Linksys Wireless Manager"="c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-02-15 1358384]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-04 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-04 13670504]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AT&T Self Support Tool.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AT&T Self Support Tool.lnk
backup=c:\windows\pss\AT&T Self Support Tool.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
1 [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 09:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeChat]
2008-08-21 17:16 267296 ----a-w- c:\program files\Microsoft LifeChat\LifeChat.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2006-06-26 16:34 614960 ----a-w- c:\program files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
2005-08-24 13:51 442455 ----a-w- c:\progra~1\SBCSEL~1\SMARTB~1\MotiveSB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 02:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 16:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\eMusic Download Manager\\xulrunner\\xulrunner.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Linksys\\Linksys Wireless Manager\\LinksysWirelessManager.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=
"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Dragon Age\\tools\\GffEditor.exe"=
"c:\\Program Files\\Dragon Age\\tools\\ErfEditor.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1107000.00C\symds.sys [5/25/2010 11:48 AM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1107000.00C\symefa.sys [5/25/2010 11:48 AM 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20100719.001\BHDrvx86.sys [7/19/2010 6:28 PM 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1107000.00C\cchpx86.sys [5/25/2010 11:48 AM 501888]
R1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [3/17/2009 2:08 PM 78848]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1107000.00C\ironx86.sys [5/25/2010 11:48 AM 116784]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe [5/25/2010 11:48 AM 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [7/19/2010 12:48 PM 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20100813.004\IDSXpx86.sys [8/14/2010 6:22 AM 331640]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [1/4/2009 1:37 PM 20160]
S3 AWEAlloc;AWE Memory Allocation Driver;c:\windows\system32\DRIVERS\awealloc.sys --> c:\windows\system32\DRIVERS\awealloc.sys [?]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [12/15/2009 3:07 PM 25832]
.
Contents of the 'Scheduled Tasks' folder

2010-07-20 c:\windows\Tasks\Norton Internet Security - User - Full System Scan.job
- c:\program files\Norton Internet Security\Engine\17.7.0.12\navw32.exe [2010-05-25 05:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.hyperchat.com/
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
Trusted Zone: motive.com\pattta.att
Trusted Zone: motive.com\patttbc.att
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\zrmh9chn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.hyperchat.com/
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\eMusic Download Manager\plugin\npemusic.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-ATT-SST - c:\program files\ATT-SST\McciBrowser.exe
HKLM-Run-ATT-SST_McciTrayApp - c:\program files\ATT-SST\McciTrayApp.exe
HKLM-Run-nwiz - nwiz.exe
AddRemove-_{707EB912-C597-49D8-9460-46CC9AB03EBE} - c:\program files\Corel\Corel Painter Photo Essentials 4\MSILauncher {707EB912-C597-49D8-9460-46CC9AB03EBE}



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-17 12:43
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.7.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-57989841-1770027372-1801674531-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:77,2f,1b,cb,e3,24,74,23,fc,4c,5c,87,2f,d0,f9,81,40,2b,db,9d,b4,9d,fe,
89,16,a2,71,f2,8c,1a,6b,ac,2a,0e,6f,cc,d8,08,fc,cf,05,78,39,ff,62,79,13,f2,\
"??"=hex:69,6f,5c,46,6a,89,f9,ee,2d,48,e0,10,87,42,1e,12

[HKEY_USERS\S-1-5-21-57989841-1770027372-1801674531-1005\Software\SecuROM\License information*]
"datasecu"=hex:7c,86,b6,2e,9d,2d,c2,e7,ce,38,63,db,da,2e,28,fa,3d,8c,61,37,ae,
aa,cf,36,3f,95,57,81,25,16,7b,6f,51,9a,08,29,02,0b,2d,c7,57,bc,5a,75,65,c7,\
"rkeysecu"=hex:82,c3,15,4f,bb,1d,3b,7f,84,f5,53,93,76,d6,d1,ff
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(1040)
c:\windows\system32\nvappfilter.dll
.
Completion time: 2010-08-17 12:46:12
ComboFix-quarantined-files.txt 2010-08-17 17:46

Pre-Run: 186,272,718,848 bytes free
Post-Run: 186,235,252,736 bytes free

- - End Of File - - 3458FEB0E559EB13F3C328DD592A132B

Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, totally worn out and screaming 'WOOO HOOOOO what a ride!'

#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,088 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:10 PM

Posted 17 August 2010 - 01:15 PM

Hello again,
QUOTE
So you are saying gmer will only scan accurately without taking 14 hours if I scan in safe mode?
And what is wrong with the root kit detector that I used?
No, what I trying to say was, this is quite normal. For now, no more need for GMER. GMER scans for rootkit, but cannot make a distinction between good files hooking up the kernel and bad files doing the same.

Please click Start > Run, type sfc /scannow and press enter. Let the system file checker run unhindered. Note - you may be prompted for your XP CD.

Once done, please rerun Combofix and post me the new log.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#11 SpiritedTreasure

SpiritedTreasure
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:10 AM

Posted 17 August 2010 - 01:26 PM

I ask again:

What have you found on my computer?

off for more scanning.
Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, totally worn out and screaming 'WOOO HOOOOO what a ride!'

#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,088 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:10 PM

Posted 17 August 2010 - 01:33 PM

Hi, sorry I forgot to answer that question. smile.gif

You had not so much an active infection, as a few leftovers that could create more problems. The most important from them was the fact that your Security Center could not turn on, which can leave your computer vulnerable to malware.

I'll wait for the new log.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#13 SpiritedTreasure

SpiritedTreasure
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:10 AM

Posted 17 August 2010 - 01:58 PM

First, thank you for being so patient and articulate with a worried old woman!


What next? =s=
================================

ComboFix 10-08-17.01 - User 08/17/2010 13:48:17.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1265 [GMT -5:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: ActiveArmor Firewall *enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((( Files Created from 2010-07-17 to 2010-08-17 )))))))))))))))))))))))))))))))
.

2010-08-17 18:29 . 2010-08-17 18:42 -------- d-----w- c:\windows\LastGood
2010-08-09 23:24 . 2010-08-09 23:24 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-08-04 17:36 . 2010-08-04 17:36 503808 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2275285d-n\msvcp71.dll
2010-08-04 17:36 . 2010-08-04 17:36 499712 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2275285d-n\jmc.dll
2010-08-04 17:36 . 2010-08-04 17:36 348160 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2275285d-n\msvcr71.dll
2010-08-04 17:36 . 2010-08-04 17:36 61440 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-66f98260-n\decora-sse.dll
2010-08-04 17:36 . 2010-08-04 17:36 12800 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-66f98260-n\decora-d3d.dll
2010-07-24 15:52 . 2010-07-24 15:52 -------- d-----w- c:\program files\Common Files\Java
2010-07-20 02:00 . 2008-04-14 08:04 29311 -c--a-w- c:\windows\system32\dllcache\watv01nt.sys
2010-07-20 01:59 . 2001-08-17 23:53 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2010-07-20 01:58 . 2001-08-17 23:51 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2010-07-20 01:57 . 2008-04-14 09:53 126686 -c--a-w- c:\windows\system32\dllcache\mtlmnt5.sys
2010-07-20 01:56 . 2001-08-18 08:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2010-07-20 01:55 . 2008-04-14 15:41 32285 -c--a-w- c:\windows\system32\dllcache\hsfcisp2.dll
2010-07-20 01:54 . 2001-08-18 08:36 61952 -c--a-w- c:\windows\system32\dllcache\eqnloop.exe
2010-07-20 01:53 . 2001-08-17 23:51 6656 -c--a-w- c:\windows\system32\dllcache\cmdide.sys
2010-07-20 01:52 . 2001-08-18 00:56 342336 -c--a-w- c:\windows\system32\dllcache\banshee.dll
2010-07-20 01:51 . 2001-08-18 00:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-07-20 00:40 . 2010-07-20 00:40 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes
2010-07-20 00:40 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-20 00:40 . 2010-07-20 00:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-07-20 00:40 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-20 00:40 . 2010-07-20 00:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-17 15:21 . 2009-01-14 00:45 -------- d-----w- c:\documents and settings\User\Application Data\Skype
2010-08-17 13:31 . 2009-01-14 00:46 -------- d-----w- c:\documents and settings\User\Application Data\skypePM
2010-08-17 12:07 . 2009-01-27 21:12 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-08-17 12:07 . 2009-01-27 21:12 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-08-14 14:02 . 2009-01-05 00:27 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-08-14 14:02 . 2009-01-05 00:27 -------- d-----w- c:\program files\SpywareBlaster
2010-08-08 12:57 . 2010-03-05 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-08-04 01:29 . 2009-09-01 16:32 -------- d-----w- c:\program files\Electronic Arts
2010-08-03 22:17 . 2009-01-05 00:24 -------- d-----w- c:\program files\CCleaner
2010-08-03 19:04 . 2009-06-25 17:09 -------- d-----w- c:\program files\Panda Security
2010-08-02 16:33 . 2009-01-04 19:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-28 13:14 . 2009-02-10 01:05 -------- d-----w- c:\program files\Bethesda Softworks
2010-07-24 15:59 . 2009-01-04 21:01 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-24 15:51 . 2010-05-02 12:40 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-24 15:48 . 2009-03-10 14:00 -------- d-----w- c:\program files\Java
2010-07-15 12:17 . 2009-01-04 22:05 -------- d-----w- c:\program files\Common Files\Motive
2010-07-14 21:17 . 2010-04-06 14:14 -------- d-----w- c:\program files\QuickTime
2010-07-06 23:39 . 2010-02-02 20:16 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-06-30 12:31 . 2008-04-14 10:42 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-26 01:58 . 2009-01-04 19:47 -------- d-----w- c:\program files\NVIDIA Corporation
2010-06-26 01:58 . 2009-02-07 03:15 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-06-26 00:33 . 2010-03-05 20:38 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-25 23:35 . 2010-06-25 22:57 -------- d-----w- c:\program files\VDMSound
2010-06-24 12:22 . 2008-04-14 10:42 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 15:00 . 2010-05-02 16:15 -------- d-----w- c:\program files\iTunes
2010-06-23 14:59 . 2010-06-23 14:59 -------- d-----w- c:\program files\iPod
2010-06-23 14:59 . 2009-01-06 15:28 -------- d-----w- c:\program files\Common Files\Apple
2010-06-23 14:55 . 2010-06-23 14:55 -------- d-----w- c:\program files\Bonjour
2010-06-23 14:53 . 2010-06-23 14:53 72504 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-23 13:44 . 2008-04-14 06:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2008-04-14 05:45 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2008-04-14 10:41 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2009-01-03 18:24 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2008-04-14 10:42 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-04 17:29 . 2010-06-04 17:29 71992 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-01 13:51 . 2009-01-06 12:53 174972 ---ha-w- c:\windows\system32\mlfcache.dat
2010-05-26 19:07 . 2010-05-26 19:07 503808 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a6033fb-n\msvcp71.dll
2010-05-26 19:07 . 2010-05-26 19:07 499712 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a6033fb-n\jmc.dll
2010-05-26 19:07 . 2010-05-26 19:07 348160 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a6033fb-n\msvcr71.dll
2010-05-26 19:07 . 2010-05-26 19:07 61440 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-30f93d61-n\decora-sse.dll
2010-05-26 19:07 . 2010-05-26 19:07 12800 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-30f93d61-n\decora-d3d.dll
2010-05-20 18:59 . 2010-05-20 18:59 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-05-20 18:59 . 2010-05-20 18:59 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
.

------- Sigcheck -------

[-] 2008-05-27 . 57FF046BF5F22B29AEE0177449139565 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-08-17_17.44.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-17 17:49 . 2010-08-17 17:49 16384 c:\windows\Temp\Perflib_Perfdata_e8.dat
+ 2010-08-17 17:48 . 2010-08-17 17:48 16384 c:\windows\Temp\Perflib_Perfdata_79c.dat
+ 2004-08-12 14:03 . 2010-08-17 17:52 71264 c:\windows\system32\perfc009.dat
- 2004-08-12 14:03 . 2010-08-17 17:29 71264 c:\windows\system32\perfc009.dat
+ 2010-08-17 18:42 . 2001-08-18 08:36 23040 c:\windows\LastGood\system32\dllcache\xrxwbtmp.dll
+ 2010-08-17 18:42 . 2008-04-14 15:42 18944 c:\windows\LastGood\system32\dllcache\xrxscnui.dll
+ 2010-08-17 18:42 . 2001-08-18 08:37 27648 c:\windows\LastGood\system32\dllcache\xrxftplt.exe
+ 2010-08-17 18:42 . 2001-08-18 08:37 99865 c:\windows\LastGood\system32\dllcache\xlog.exe
+ 2010-08-17 18:41 . 2001-08-17 22:11 16970 c:\windows\LastGood\system32\dllcache\xem336n5.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 19455 c:\windows\LastGood\system32\dllcache\wvchntxx.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 12063 c:\windows\LastGood\system32\dllcache\wsiintxx.sys
+ 2010-08-17 18:41 . 2001-08-17 22:12 34890 c:\windows\LastGood\system32\dllcache\wlandrv2.sys
+ 2010-08-17 18:41 . 2001-08-18 08:36 53760 c:\windows\LastGood\system32\dllcache\wiamsmud.dll
+ 2010-08-17 18:41 . 2001-08-18 08:36 87040 c:\windows\LastGood\system32\dllcache\wiafbdrv.dll
+ 2010-08-17 18:41 . 2006-02-28 12:00 31232 c:\windows\LastGood\system32\dllcache\weitekp9.sys
+ 2010-08-17 18:41 . 2006-02-28 12:00 41600 c:\windows\LastGood\system32\dllcache\weitekp9.dll
+ 2010-08-17 18:41 . 2008-04-14 08:04 23615 c:\windows\LastGood\system32\dllcache\wch7xxnt.sys
+ 2010-08-17 18:41 . 2008-04-14 10:15 31744 c:\windows\LastGood\system32\dllcache\wceusbsh.sys
+ 2010-08-17 18:41 . 2001-08-17 22:10 35871 c:\windows\LastGood\system32\dllcache\wbfirdma.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 25471 c:\windows\LastGood\system32\dllcache\watv10nt.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 22271 c:\windows\LastGood\system32\dllcache\watv06nt.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 33599 c:\windows\LastGood\system32\dllcache\watv04nt.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 19551 c:\windows\LastGood\system32\dllcache\watv02nt.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 29311 c:\windows\LastGood\system32\dllcache\watv01nt.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 11935 c:\windows\LastGood\system32\dllcache\wadv11nt.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 11871 c:\windows\LastGood\system32\dllcache\wadv09nt.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 11295 c:\windows\LastGood\system32\dllcache\wadv08nt.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 11807 c:\windows\LastGood\system32\dllcache\wadv07nt.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 11775 c:\windows\LastGood\system32\dllcache\wadv05nt.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 12127 c:\windows\LastGood\system32\dllcache\wadv02nt.sys
+ 2010-08-17 18:41 . 2008-04-14 08:04 12415 c:\windows\LastGood\system32\dllcache\wadv01nt.sys
+ 2010-08-17 18:41 . 2008-04-14 10:13 14208 c:\windows\LastGood\system32\dllcache\wacompen.sys
+ 2010-08-17 18:41 . 2001-08-17 22:13 16925 c:\windows\LastGood\system32\dllcache\w940nd.sys
+ 2010-08-17 18:41 . 2001-08-17 22:13 19016 c:\windows\LastGood\system32\dllcache\w926nd.sys
+ 2010-08-17 18:41 . 2001-08-17 22:13 19528 c:\windows\LastGood\system32\dllcache\w840nd.sys
+ 2010-08-17 18:41 . 2006-02-28 12:00 48256 c:\windows\LastGood\system32\dllcache\w32.dll
+ 2010-08-17 18:41 . 2001-08-17 23:28 64605 c:\windows\LastGood\system32\dllcache\vvoice.sys
+ 2010-08-17 18:41 . 2008-04-14 10:41 86073 c:\windows\LastGood\system32\dllcache\voicesub.dll
+ 2010-08-17 18:41 . 2001-08-17 23:49 24576 c:\windows\LastGood\system32\dllcache\viairda.sys
+ 2010-08-17 18:41 . 2008-04-14 10:06 42240 c:\windows\LastGood\system32\dllcache\viaagp.sys
+ 2010-08-17 18:41 . 2008-04-14 15:42 11325 c:\windows\LastGood\system32\dllcache\vchnt5.dll
+ 2010-08-17 18:40 . 2008-04-14 10:15 20608 c:\windows\LastGood\system32\dllcache\usbuhci.sys
+ 2010-08-17 18:40 . 2008-04-14 10:15 26112 c:\windows\LastGood\system32\dllcache\usbser.sys
+ 2010-08-17 18:40 . 2008-04-14 10:26 12800 c:\windows\LastGood\system32\dllcache\usb8023x.sys
+ 2010-08-17 18:40 . 2008-04-14 08:05 32384 c:\windows\LastGood\system32\dllcache\usb101et.sys
+ 2010-08-17 18:40 . 2008-04-14 10:41 76288 c:\windows\LastGood\system32\dllcache\uniime.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 94720 c:\windows\LastGood\system32\dllcache\umaxud32.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 28160 c:\windows\LastGood\system32\dllcache\umaxu40.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 26624 c:\windows\LastGood\system32\dllcache\umaxu22.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 69632 c:\windows\LastGood\system32\dllcache\umaxu12.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 50688 c:\windows\LastGood\system32\dllcache\umaxscan.dll
+ 2010-08-17 18:40 . 2001-08-17 23:58 22912 c:\windows\LastGood\system32\dllcache\umaxpcls.sys
+ 2010-08-17 18:40 . 2001-08-18 08:36 50176 c:\windows\LastGood\system32\dllcache\umaxp60.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 47616 c:\windows\LastGood\system32\dllcache\umaxcam.dll
+ 2010-08-17 18:40 . 2001-08-17 23:52 36736 c:\windows\LastGood\system32\dllcache\ultra.sys
+ 2010-08-17 18:40 . 2008-04-14 10:06 44672 c:\windows\LastGood\system32\dllcache\uagp35.sys
+ 2010-08-17 18:40 . 2001-08-17 23:48 11520 c:\windows\LastGood\system32\dllcache\twotrack.sys
+ 2010-08-17 18:40 . 2006-02-28 12:00 14336 c:\windows\LastGood\system32\dllcache\tsprof.exe
+ 2010-08-17 18:40 . 2001-08-17 22:12 34375 c:\windows\LastGood\system32\dllcache\tpro4.sys
+ 2010-08-17 18:40 . 2001-08-18 08:35 42496 c:\windows\LastGood\system32\dllcache\tp4res.dll
+ 2010-08-17 18:40 . 2008-04-14 15:42 82944 c:\windows\LastGood\system32\dllcache\tp4mon.exe
+ 2010-08-17 18:40 . 2001-08-18 08:36 31744 c:\windows\LastGood\system32\dllcache\tp4.dll
+ 2010-08-17 18:40 . 2001-08-17 22:10 28232 c:\windows\LastGood\system32\dllcache\tos4mo.sys
+ 2010-08-17 18:40 . 2008-04-14 10:41 10240 c:\windows\LastGood\system32\dllcache\tmigrate.dll
+ 2010-08-17 18:40 . 2006-02-28 12:00 44032 c:\windows\LastGood\system32\dllcache\tintlphr.exe
+ 2010-08-17 18:40 . 2001-08-18 00:56 81408 c:\windows\LastGood\system32\dllcache\tgiul50.dll
+ 2010-08-17 18:40 . 2006-02-28 12:00 19464 c:\windows\LastGood\system32\dllcache\tdspx.sys
+ 2010-08-17 18:40 . 2001-08-17 22:13 17129 c:\windows\LastGood\system32\dllcache\tdkcd31.sys
+ 2010-08-17 18:40 . 2001-08-17 22:13 37961 c:\windows\LastGood\system32\dllcache\tdk100b.sys
+ 2010-08-17 18:40 . 2006-02-28 12:00 21896 c:\windows\LastGood\system32\dllcache\tdipx.sys
+ 2010-08-17 18:40 . 2006-02-28 12:00 13192 c:\windows\LastGood\system32\dllcache\tdasync.sys
+ 2010-08-17 18:30 . 2003-03-24 21:52 16384 c:\windows\LastGood\system32\dllcache\tcptsat.dll
+ 2010-08-17 18:30 . 2003-03-24 21:52 32827 c:\windows\LastGood\system32\dllcache\tcptest.exe
+ 2010-08-17 18:40 . 2001-08-17 23:49 30464 c:\windows\LastGood\system32\dllcache\tbatm155.sys
+ 2010-08-17 18:40 . 2001-08-17 22:50 36640 c:\windows\LastGood\system32\dllcache\t2r4mini.sys
+ 2010-08-17 18:40 . 2001-08-18 00:07 32640 c:\windows\LastGood\system32\dllcache\symc8xx.sys
+ 2010-08-17 18:40 . 2001-08-18 00:07 16256 c:\windows\LastGood\system32\dllcache\symc810.sys
+ 2010-08-17 18:40 . 2001-08-18 00:07 30688 c:\windows\LastGood\system32\dllcache\sym_u3.sys
+ 2010-08-17 18:40 . 2001-08-18 00:07 28384 c:\windows\LastGood\system32\dllcache\sym_hi.sys
+ 2010-08-17 18:40 . 2001-08-18 08:36 94293 c:\windows\LastGood\system32\dllcache\sxports.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 10240 c:\windows\LastGood\system32\dllcache\swpidflt.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 10240 c:\windows\LastGood\system32\dllcache\swpdflt2.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 53760 c:\windows\LastGood\system32\dllcache\sw_wheel.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 41472 c:\windows\LastGood\system32\dllcache\sw_effct.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 53248 c:\windows\LastGood\system32\dllcache\stlncoin.dll
+ 2010-08-17 18:40 . 2001-08-17 23:51 16896 c:\windows\LastGood\system32\dllcache\stcusb.sys
+ 2010-08-17 18:40 . 2001-08-17 22:11 48736 c:\windows\LastGood\system32\dllcache\srwlnd5.sys
+ 2010-08-17 18:40 . 2001-08-18 08:36 99328 c:\windows\LastGood\system32\dllcache\srusd.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 24660 c:\windows\LastGood\system32\dllcache\spxupchk.dll
+ 2010-08-17 18:40 . 2001-08-17 23:51 61824 c:\windows\LastGood\system32\dllcache\speed.sys
+ 2010-08-17 18:40 . 2001-08-18 00:07 19072 c:\windows\LastGood\system32\dllcache\sparrow.sys
+ 2010-08-17 18:39 . 2001-08-17 22:51 37040 c:\windows\LastGood\system32\dllcache\sonypi.sys
+ 2010-08-17 18:39 . 2001-08-17 22:51 20752 c:\windows\LastGood\system32\dllcache\sonync.sys
+ 2010-08-17 18:39 . 2008-04-14 10:42 39936 c:\windows\LastGood\system32\dllcache\snmpthrd.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 10240 c:\windows\LastGood\system32\dllcache\snmpstup.dll
+ 2010-08-17 18:39 . 2008-04-14 10:42 33280 c:\windows\LastGood\system32\dllcache\snmp.exe
+ 2010-08-17 18:39 . 2001-08-17 22:51 58368 c:\windows\LastGood\system32\dllcache\smiminib.sys
+ 2010-08-17 18:39 . 2006-02-28 12:00 15872 c:\windows\LastGood\system32\dllcache\smierrsm.dll
+ 2010-08-17 18:39 . 2001-08-17 22:12 25034 c:\windows\LastGood\system32\dllcache\smcpwr2n.sys
+ 2010-08-17 18:39 . 2001-08-17 22:10 35913 c:\windows\LastGood\system32\dllcache\smcirda.sys
+ 2010-08-17 18:39 . 2001-08-17 22:12 24576 c:\windows\LastGood\system32\dllcache\smc8000n.sys
+ 2010-08-17 18:39 . 2008-04-14 10:06 16000 c:\windows\LastGood\system32\dllcache\smbbatt.sys
+ 2010-08-17 18:39 . 2006-02-28 12:00 31744 c:\windows\LastGood\system32\dllcache\smb6w.dll
+ 2010-08-17 18:39 . 2001-08-18 08:36 45568 c:\windows\LastGood\system32\dllcache\smb3w.dll
+ 2010-08-17 18:39 . 2001-08-18 08:36 33792 c:\windows\LastGood\system32\dllcache\smb0w.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 31744 c:\windows\LastGood\system32\dllcache\sma3w.dll
+ 2010-08-17 18:39 . 2001-08-18 08:36 28672 c:\windows\LastGood\system32\dllcache\sma0w.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 38912 c:\windows\LastGood\system32\dllcache\sm9aw.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 26624 c:\windows\LastGood\system32\dllcache\sm93w.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 26624 c:\windows\LastGood\system32\dllcache\sm92w.dll
+ 2010-08-17 18:39 . 2001-08-18 08:36 28160 c:\windows\LastGood\system32\dllcache\sm91w.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 26112 c:\windows\LastGood\system32\dllcache\sm90w.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 26112 c:\windows\LastGood\system32\dllcache\sm8dw.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 29184 c:\windows\LastGood\system32\dllcache\sm8cw.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 26112 c:\windows\LastGood\system32\dllcache\sm8aw.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 26112 c:\windows\LastGood\system32\dllcache\sm89w.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 30208 c:\windows\LastGood\system32\dllcache\sm87w.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 30208 c:\windows\LastGood\system32\dllcache\sm81w.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 25088 c:\windows\LastGood\system32\dllcache\sm59w.dll
+ 2010-08-17 18:39 . 2008-04-14 09:53 13240 c:\windows\LastGood\system32\dllcache\slwdmsup.sys
+ 2010-08-17 18:39 . 2008-04-14 15:42 73796 c:\windows\LastGood\system32\dllcache\slserv.exe
+ 2010-08-17 18:39 . 2008-04-14 15:42 32866 c:\windows\LastGood\system32\dllcache\slrundll.exe
+ 2010-08-17 18:39 . 2008-04-14 09:53 95424 c:\windows\LastGood\system32\dllcache\slnthal.sys
+ 2010-08-17 18:39 . 2008-04-14 15:42 73832 c:\windows\LastGood\system32\dllcache\slcoinst.dll
+ 2010-08-17 18:39 . 2008-04-14 08:05 63547 c:\windows\LastGood\system32\dllcache\sla30nd5.sys
+ 2010-08-17 18:39 . 2001-08-17 22:12 91294 c:\windows\LastGood\system32\dllcache\skfpwin.sys
+ 2010-08-17 18:39 . 2001-08-17 22:12 94698 c:\windows\LastGood\system32\dllcache\sk98xwin.sys
+ 2010-08-17 18:39 . 2001-08-17 22:50 50432 c:\windows\LastGood\system32\dllcache\sisv.sys
+ 2010-08-17 18:39 . 2008-04-14 08:05 32768 c:\windows\LastGood\system32\dllcache\sisnic.sys
+ 2010-08-17 18:39 . 2008-04-14 10:06 40960 c:\windows\LastGood\system32\dllcache\sisagp.sys
+ 2010-08-17 18:39 . 2001-08-17 22:50 68608 c:\windows\LastGood\system32\dllcache\sis6306p.sys
+ 2010-08-17 18:39 . 2006-02-28 12:00 18944 c:\windows\LastGood\system32\dllcache\simptcp.dll
+ 2010-08-17 18:30 . 2003-03-24 21:52 16437 c:\windows\LastGood\system32\dllcache\shtml.exe
+ 2010-08-17 18:30 . 2003-03-24 21:52 20536 c:\windows\LastGood\system32\dllcache\shtml.dll
+ 2010-08-17 18:39 . 2001-07-22 00:29 18400 c:\windows\LastGood\system32\dllcache\sgsmld.sys
+ 2010-08-17 18:39 . 2001-08-17 22:51 98080 c:\windows\LastGood\system32\dllcache\sgiulnt5.sys
+ 2010-08-17 18:39 . 2001-08-17 22:19 36480 c:\windows\LastGood\system32\dllcache\sfmanm.sys
+ 2010-08-17 18:39 . 2001-08-17 23:48 17664 c:\windows\LastGood\system32\dllcache\sermouse.sys
+ 2010-08-17 18:39 . 2008-04-14 10:15 11520 c:\windows\LastGood\system32\dllcache\scsiscan.sys
+ 2010-08-17 18:39 . 2001-08-17 23:52 11648 c:\windows\LastGood\system32\dllcache\scsiprnt.sys
+ 2010-08-17 18:39 . 2001-08-17 23:51 17280 c:\windows\LastGood\system32\dllcache\scr111.sys
+ 2010-08-17 18:39 . 2001-08-17 23:51 16640 c:\windows\LastGood\system32\dllcache\scmstcs.sys
+ 2010-08-17 18:39 . 2001-08-17 23:51 23936 c:\windows\LastGood\system32\dllcache\sccmusbm.sys
+ 2010-08-17 18:39 . 2001-08-17 23:51 23936 c:\windows\LastGood\system32\dllcache\sccmn50m.sys
+ 2010-08-17 18:39 . 2008-04-14 10:10 43904 c:\windows\LastGood\system32\dllcache\sbp2port.sys
+ 2010-08-17 18:39 . 2001-08-17 22:50 75392 c:\windows\LastGood\system32\dllcache\s3savmxm.sys
+ 2010-08-17 18:39 . 2001-08-17 22:50 77824 c:\windows\LastGood\system32\dllcache\s3sav4m.sys
+ 2010-08-17 18:39 . 2001-08-17 22:50 61504 c:\windows\LastGood\system32\dllcache\s3sav3dm.sys
+ 2010-08-17 18:39 . 2001-08-18 08:36 62496 c:\windows\LastGood\system32\dllcache\s3mtrio.dll
+ 2010-08-17 18:39 . 2001-08-17 22:50 41216 c:\windows\LastGood\system32\dllcache\s3mt3d.sys
+ 2010-08-17 18:39 . 2001-08-17 23:57 65664 c:\windows\LastGood\system32\dllcache\s3legacy.sys
+ 2010-08-17 18:30 . 2001-08-18 00:56 66048 c:\windows\LastGood\system32\dllcache\s3legacy.dll
+ 2010-08-17 18:38 . 2001-08-18 08:36 82432 c:\windows\LastGood\system32\dllcache\rwia450.dll
+ 2010-08-17 18:38 . 2001-08-18 08:36 79872 c:\windows\LastGood\system32\dllcache\rwia430.dll
+ 2010-08-17 18:38 . 2006-02-28 12:00 79872 c:\windows\LastGood\system32\dllcache\rwia330.dll
+ 2010-08-17 18:38 . 2006-02-28 12:00 79872 c:\windows\LastGood\system32\dllcache\rwia001.dll
+ 2010-08-17 18:38 . 2008-04-14 15:42 29696 c:\windows\LastGood\system32\dllcache\rw450ext.dll
+ 2010-08-17 18:38 . 2008-04-14 15:42 27648 c:\windows\LastGood\system32\dllcache\rw430ext.dll
+ 2010-08-17 18:38 . 2008-04-14 10:42 29184 c:\windows\LastGood\system32\dllcache\rw330ext.dll
+ 2010-08-17 18:38 . 2008-04-14 10:42 27648 c:\windows\LastGood\system32\dllcache\rw001ext.dll
+ 2010-08-17 18:38 . 2008-04-14 08:05 20992 c:\windows\LastGood\system32\dllcache\rtl8139.sys
+ 2010-08-17 18:38 . 2001-08-17 22:12 19017 c:\windows\LastGood\system32\dllcache\rtl8029.sys
+ 2010-08-17 18:38 . 2001-08-17 22:19 30720 c:\windows\LastGood\system32\dllcache\rthwcls.sys
+ 2010-08-17 18:38 . 2008-04-14 10:10 79104 c:\windows\LastGood\system32\dllcache\rocket.sys
+ 2010-08-17 18:38 . 2008-04-14 10:26 30592 c:\windows\LastGood\system32\dllcache\rndismpx.sys
+ 2010-08-17 18:38 . 2001-08-17 22:12 37563 c:\windows\LastGood\system32\dllcache\rlnet5.sys
+ 2010-08-17 18:38 . 2008-04-14 10:16 59136 c:\windows\LastGood\system32\dllcache\rfcomm.sys
+ 2010-08-17 18:38 . 2001-08-18 08:36 86097 c:\windows\LastGood\system32\dllcache\reslog32.dll
+ 2010-08-17 18:38 . 2006-02-28 12:00 14848 c:\windows\LastGood\system32\dllcache\register.exe
+ 2010-08-17 18:38 . 2008-04-14 09:53 13776 c:\windows\LastGood\system32\dllcache\recagent.sys
+ 2010-08-17 18:38 . 2001-08-17 23:51 19584 c:\windows\LastGood\system32\dllcache\rasirda.sys
+ 2010-08-17 18:38 . 2008-04-14 05:11 20736 c:\windows\LastGood\system32\dllcache\ramdisk.sys
+ 2010-08-17 18:38 . 2001-08-18 08:36 41472 c:\windows\LastGood\system32\dllcache\qvusd.dll
+ 2010-08-17 18:38 . 2006-02-28 12:00 16384 c:\windows\LastGood\system32\dllcache\quser.exe
+ 2010-08-17 18:38 . 2001-08-17 23:52 49024 c:\windows\LastGood\system32\dllcache\ql1280.sys
+ 2010-08-17 18:38 . 2001-08-17 23:52 40448 c:\windows\LastGood\system32\dllcache\ql1240.sys
+ 2010-08-17 18:38 . 2001-08-17 23:52 45312 c:\windows\LastGood\system32\dllcache\ql12160.sys
+ 2010-08-17 18:38 . 2001-08-17 23:52 33152 c:\windows\LastGood\system32\dllcache\ql10wnt.sys
+ 2010-08-17 18:38 . 2001-08-17 23:52 40320 c:\windows\LastGood\system32\dllcache\ql1080.sys
+ 2010-08-17 18:38 . 2001-08-18 08:36 35328 c:\windows\LastGood\system32\dllcache\psisload.dll
+ 2010-08-17 18:38 . 2001-08-17 23:51 16128 c:\windows\LastGood\system32\dllcache\pscr.sys
+ 2010-08-17 18:38 . 2008-04-14 10:11 17664 c:\windows\LastGood\system32\dllcache\ppa3.sys
+ 2010-08-17 18:38 . 2001-08-17 23:53 17792 c:\windows\LastGood\system32\dllcache\ppa.sys
+ 2010-08-17 18:38 . 2006-02-28 12:00 11264 c:\windows\LastGood\system32\dllcache\pmxmcro.dll
+ 2010-08-17 18:38 . 2008-04-14 10:40 67584 c:\windows\LastGood\system32\dllcache\pmigrate.dll
+ 2010-08-17 18:38 . 2008-04-14 03:13 70144 c:\windows\LastGood\system32\dllcache\pintlphr.exe
+ 2010-08-17 18:38 . 2008-04-14 10:40 53760 c:\windows\LastGood\system32\dllcache\pintlcsd.dll
+ 2010-08-17 18:38 . 2001-08-18 00:07 19840 c:\windows\LastGood\system32\dllcache\philtune.sys
+ 2010-08-17 18:38 . 2001-08-18 00:04 92416 c:\windows\LastGood\system32\dllcache\phildec.sys
+ 2010-08-17 18:38 . 2001-08-18 00:04 75776 c:\windows\LastGood\system32\dllcache\philcam1.sys
+ 2010-08-17 18:38 . 2001-08-18 08:36 16384 c:\windows\LastGood\system32\dllcache\philcam1.dll
+ 2010-08-17 18:38 . 2008-04-14 10:14 28032 c:\windows\LastGood\system32\dllcache\perm3.sys
+ 2010-08-17 18:38 . 2008-04-14 10:14 27904 c:\windows\LastGood\system32\dllcache\perm2.sys
+ 2010-08-17 18:38 . 2001-08-18 00:07 27296 c:\windows\LastGood\system32\dllcache\perc2.sys
+ 2010-08-17 18:38 . 2001-08-18 08:36 86016 c:\windows\LastGood\system32\dllcache\pctspk.exe
+ 2010-08-17 18:38 . 2001-08-17 22:11 35328 c:\windows\LastGood\system32\dllcache\pcntpci5.sys
+ 2010-08-17 18:38 . 2001-08-17 22:11 29769 c:\windows\LastGood\system32\dllcache\pcntn5m.sys
+ 2010-08-17 18:38 . 2001-08-17 22:11 30282 c:\windows\LastGood\system32\dllcache\pcntn5hl.sys
+ 2010-08-17 18:38 . 2001-08-17 22:12 26153 c:\windows\LastGood\system32\dllcache\pcmlm56.sys
+ 2010-08-17 18:38 . 2008-04-14 08:05 29502 c:\windows\LastGood\system32\dllcache\pca200e.sys
+ 2010-08-17 18:37 . 2001-08-17 22:12 30495 c:\windows\LastGood\system32\dllcache\pc100nds.sys
+ 2010-08-17 18:37 . 2008-04-14 10:40 15360 c:\windows\LastGood\system32\dllcache\padrs804.dll
+ 2010-08-17 18:37 . 2006-02-28 12:00 14336 c:\windows\LastGood\system32\dllcache\padrs412.dll
+ 2010-08-17 18:37 . 2006-02-28 12:00 36927 c:\windows\LastGood\system32\dllcache\padrs411.dll
+ 2010-08-17 18:37 . 2008-04-14 10:40 15872 c:\windows\LastGood\system32\dllcache\padrs404.dll
+ 2010-08-17 18:37 . 2001-08-18 08:36 41984 c:\windows\LastGood\system32\dllcache\ovui2rc.dll
+ 2010-08-17 18:37 . 2001-08-18 08:36 44544 c:\windows\LastGood\system32\dllcache\ovui2.dll
+ 2010-08-17 18:37 . 2001-08-18 00:05 25216 c:\windows\LastGood\system32\dllcache\ovsound2.sys
+ 2010-08-17 18:37 . 2001-08-18 08:36 39424 c:\windows\LastGood\system32\dllcache\ovcoms.exe
+ 2010-08-17 18:37 . 2001-08-18 08:36 20480 c:\windows\LastGood\system32\dllcache\ovcomc.dll
+ 2010-08-17 18:37 . 2001-08-18 00:05 31872 c:\windows\LastGood\system32\dllcache\ovce.sys
+ 2010-08-17 18:37 . 2001-08-18 00:05 28032 c:\windows\LastGood\system32\dllcache\ovcd.sys
+ 2010-08-17 18:37 . 2001-08-18 00:05 48000 c:\windows\LastGood\system32\dllcache\ovcam2.sys
+ 2010-08-17 18:37 . 2001-08-18 00:05 25088 c:\windows\LastGood\system32\dllcache\ovca.sys
+ 2010-08-17 18:37 . 2001-08-17 23:28 54186 c:\windows\LastGood\system32\dllcache\otcsercb.sys
+ 2010-08-17 18:37 . 2001-08-17 22:12 43689 c:\windows\LastGood\system32\dllcache\otceth5.sys
+ 2010-08-17 18:37 . 2001-08-17 22:12 27209 c:\windows\LastGood\system32\dllcache\otc06x5.sys
+ 2010-08-17 18:37 . 2001-08-17 22:20 54528 c:\windows\LastGood\system32\dllcache\opl3sax.sys
+ 2010-08-17 18:37 . 2001-08-17 22:49 51552 c:\windows\LastGood\system32\dllcache\ntgrip.sys
+ 2010-08-17 18:37 . 2008-04-14 10:24 28672 c:\windows\LastGood\system32\dllcache\nscirda.sys
+ 2010-08-17 18:37 . 2001-08-17 22:20 87040 c:\windows\LastGood\system32\dllcache\nm6wdm.sys
+ 2010-08-17 18:37 . 2001-08-17 22:12 32840 c:\windows\LastGood\system32\dllcache\ngrpci.sys
+ 2010-08-17 18:37 . 2001-08-17 22:11 65278 c:\windows\LastGood\system32\dllcache\netflx3.sys
+ 2010-08-17 18:37 . 2001-08-17 22:50 39264 c:\windows\LastGood\system32\dllcache\neo20xx.sys
+ 2010-08-17 18:37 . 2001-08-18 08:36 60480 c:\windows\LastGood\system32\dllcache\neo20xx.dll
+ 2010-08-17 18:37 . 2001-08-17 23:49 15872 c:\windows\LastGood\system32\dllcache\ne2000.sys
+ 2010-08-17 18:37 . 2001-08-18 00:56 91488 c:\windows\LastGood\system32\dllcache\n9i3disp.dll
+ 2010-08-17 18:37 . 2001-08-17 22:50 27936 c:\windows\LastGood\system32\dllcache\n9i3d.sys
+ 2010-08-17 18:37 . 2001-08-17 22:50 33088 c:\windows\LastGood\system32\dllcache\n9i128v2.sys
+ 2010-08-17 18:37 . 2001-08-18 08:36 59104 c:\windows\LastGood\system32\dllcache\n9i128v2.dll
+ 2010-08-17 18:37 . 2001-08-17 22:50 13664 c:\windows\LastGood\system32\dllcache\n9i128.sys
+ 2010-08-17 18:37 . 2001-08-18 00:56 35392 c:\windows\LastGood\system32\dllcache\n9i128.dll
+ 2010-08-17 18:37 . 2001-08-17 22:11 52255 c:\windows\LastGood\system32\dllcache\n1000nt5.sys
+ 2010-08-17 18:37 . 2001-08-17 23:50 75520 c:\windows\LastGood\system32\dllcache\mxport.sys
+ 2010-08-17 18:37 . 2001-08-17 23:49 19968 c:\windows\LastGood\system32\dllcache\mxnic.sys
+ 2010-08-17 18:37 . 2001-08-18 08:36 19968 c:\windows\LastGood\system32\dllcache\mxicfg.dll
+ 2010-08-17 18:37 . 2001-08-17 23:50 21888 c:\windows\LastGood\system32\dllcache\mxcard.sys
+ 2010-08-17 18:37 . 2008-04-14 10:13 12672 c:\windows\LastGood\system32\dllcache\mutohpen.sys
+ 2010-08-17 18:37 . 2008-04-14 10:16 49024 c:\windows\LastGood\system32\dllcache\mstape.sys
+ 2010-08-17 18:37 . 2001-08-17 23:48 12416 c:\windows\LastGood\system32\dllcache\msriffwv.sys
+ 2010-08-17 18:36 . 2008-04-14 10:42 40960 c:\windows\LastGood\system32\dllcache\msiregmv.exe
+ 2010-08-17 18:36 . 2008-04-14 10:24 22016 c:\windows\LastGood\system32\dllcache\msircomm.sys
+ 2010-08-17 18:36 . 2006-02-28 12:00 98304 c:\windows\LastGood\system32\dllcache\msir3jp.dll
+ 2010-08-17 18:36 . 2001-08-18 00:02 35200 c:\windows\LastGood\system32\dllcache\msgame.sys
+ 2010-08-17 18:36 . 2008-04-14 10:16 51200 c:\windows\LastGood\system32\dllcache\msdv.sys
+ 2010-08-17 18:36 . 2001-08-17 23:52 17280 c:\windows\LastGood\system32\dllcache\mraid35x.sys
+ 2010-08-17 18:36 . 2008-04-14 10:16 15232 c:\windows\LastGood\system32\dllcache\mpe.sys
+ 2010-08-17 18:36 . 2001-08-17 23:57 16128 c:\windows\LastGood\system32\dllcache\modemcsa.sys
+ 2010-08-17 18:36 . 2006-02-28 12:00 34304 c:\windows\LastGood\system32\dllcache\migisol.exe
+ 2010-08-17 18:36 . 2006-02-28 12:00 92416 c:\windows\LastGood\system32\dllcache\mga.sys
+ 2010-08-17 18:36 . 2006-02-28 12:00 92032 c:\windows\LastGood\system32\dllcache\mga.dll
+ 2010-08-17 18:36 . 2008-04-14 10:11 26112 c:\windows\LastGood\system32\dllcache\memstpci.sys
+ 2010-08-17 18:36 . 2001-08-18 08:36 47616 c:\windows\LastGood\system32\dllcache\memgrp.dll
+ 2010-08-17 18:36 . 2001-08-17 22:19 48768 c:\windows\LastGood\system32\dllcache\maestro.sys
+ 2010-08-17 18:36 . 2001-08-18 08:36 58880 c:\windows\LastGood\system32\dllcache\m3092dc.dll
+ 2010-08-17 18:36 . 2001-08-18 08:36 58368 c:\windows\LastGood\system32\dllcache\m3091dc.dll
+ 2010-08-17 18:36 . 2001-08-17 22:49 22848 c:\windows\LastGood\system32\dllcache\lwusbhid.sys
+ 2010-08-17 18:36 . 2008-04-14 08:09 20864 c:\windows\LastGood\system32\dllcache\lwadihid.sys
+ 2010-08-17 18:36 . 2008-04-14 10:41 18944 c:\windows\LastGood\system32\dllcache\lprmon.dll
+ 2010-08-17 18:36 . 2008-04-14 10:41 22528 c:\windows\LastGood\system32\dllcache\lpdsvc.dll
+ 2010-08-17 18:36 . 2001-08-17 22:12 70730 c:\windows\LastGood\system32\dllcache\lne100tx.sys
+ 2010-08-17 18:36 . 2001-08-17 22:12 20573 c:\windows\LastGood\system32\dllcache\lne100.sys
+ 2010-08-17 18:36 . 2001-08-17 22:11 25065 c:\windows\LastGood\system32\dllcache\lmndis3.sys
+ 2010-08-17 18:36 . 2008-04-14 10:41 33792 c:\windows\LastGood\system32\dllcache\lmmib2.dll
+ 2010-08-17 18:36 . 2001-08-17 23:51 15744 c:\windows\LastGood\system32\dllcache\lit220p.sys
+ 2010-08-17 18:36 . 2008-04-14 10:10 34688 c:\windows\LastGood\system32\dllcache\lbrtfdc.sys
+ 2010-08-17 18:36 . 2001-08-17 22:12 26442 c:\windows\LastGood\system32\dllcache\lanepic5.sys
+ 2010-08-17 18:36 . 2001-08-17 22:12 19016 c:\windows\LastGood\system32\dllcache\ktc111.sys
+ 2010-08-17 18:36 . 2001-08-18 08:36 37376 c:\windows\LastGood\system32\dllcache\kousd.dll
+ 2010-08-17 18:36 . 2006-02-28 12:00 70656 c:\windows\LastGood\system32\dllcache\korwbrkr.dll
+ 2010-08-17 18:36 . 2008-04-14 15:41 48640 c:\windows\LastGood\system32\dllcache\kdsui.dll
+ 2010-08-17 18:35 . 2008-04-14 10:09 14592 c:\windows\LastGood\system32\dllcache\kbdhid.sys
+ 2010-08-17 18:35 . 2006-02-28 12:00 18432 c:\windows\LastGood\system32\dllcache\jupiw.dll
+ 2010-08-17 18:35 . 2001-08-17 23:49 26624 c:\windows\LastGood\system32\dllcache\irstusb.sys
+ 2010-08-17 18:35 . 2001-08-17 23:51 18688 c:\windows\LastGood\system32\dllcache\irsir.sys
+ 2010-08-17 18:35 . 2008-04-14 15:41 28160 c:\windows\LastGood\system32\dllcache\irmon.dll
+ 2010-08-17 18:35 . 2001-08-17 23:49 23552 c:\windows\LastGood\system32\dllcache\irmk7.sys
+ 2010-08-17 18:35 . 2008-04-14 10:24 88192 c:\windows\LastGood\system32\dllcache\irda.sys
+ 2010-08-17 18:35 . 2008-04-14 10:41 35328 c:\windows\LastGood\system32\dllcache\iprip.dll
+ 2010-08-17 18:35 . 2001-08-17 22:12 45632 c:\windows\LastGood\system32\dllcache\ip5515.sys
+ 2010-08-17 18:35 . 2001-08-18 08:36 90200 c:\windows\LastGood\system32\dllcache\io8ports.dll
+ 2010-08-17 18:35 . 2001-08-17 23:50 38784 c:\windows\LastGood\system32\dllcache\io8.sys
+ 2010-08-17 18:35 . 2001-08-17 23:47 13056 c:\windows\LastGood\system32\dllcache\inport.sys
+ 2010-08-17 18:35 . 2001-08-17 23:52 16000 c:\windows\LastGood\system32\dllcache\ini910u.sys
+ 2010-08-17 18:35 . 2006-02-28 12:00 59392 c:\windows\LastGood\system32\dllcache\imscinst.exe
+ 2010-08-17 18:35 . 2006-02-28 12:00 59904 c:\windows\LastGood\system32\dllcache\imkrinst.exe
+ 2010-08-17 18:35 . 2006-02-28 12:00 45109 c:\windows\LastGood\system32\dllcache\imjpuex.exe
+ 2010-08-17 18:35 . 2008-04-14 10:39 81976 c:\windows\LastGood\system32\dllcache\imjpdct.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 57398 c:\windows\LastGood\system32\dllcache\imjpdadm.exe
+ 2010-08-17 18:35 . 2006-02-28 12:00 44032 c:\windows\LastGood\system32\dllcache\imekrmig.exe
+ 2010-08-17 18:35 . 2008-04-14 10:39 86016 c:\windows\LastGood\system32\dllcache\imekrmbx.dll
+ 2010-08-17 18:35 . 2001-08-18 08:36 20480 c:\windows\LastGood\system32\dllcache\icam5ext.dll
+ 2010-08-17 18:35 . 2001-08-18 08:36 45056 c:\windows\LastGood\system32\dllcache\icam5com.dll
+ 2010-08-17 18:35 . 2001-08-18 08:36 61952 c:\windows\LastGood\system32\dllcache\icam4ext.dll
+ 2010-08-17 18:35 . 2001-08-18 08:36 91136 c:\windows\LastGood\system32\dllcache\icam4com.dll
+ 2010-08-17 18:35 . 2001-08-18 08:36 26624 c:\windows\LastGood\system32\dllcache\icam3ext.dll
+ 2010-08-17 18:34 . 2001-08-18 00:06 38528 c:\windows\LastGood\system32\dllcache\ibmvcap.sys
+ 2010-08-17 18:34 . 2001-08-17 22:11 28700 c:\windows\LastGood\system32\dllcache\ibmexmp.sys
+ 2010-08-17 18:34 . 2001-08-17 22:49 58592 c:\windows\LastGood\system32\dllcache\i740nt5.sys
+ 2010-08-17 18:34 . 2008-04-14 10:11 18560 c:\windows\LastGood\system32\dllcache\i2omp.sys
+ 2010-08-17 18:34 . 2008-04-14 15:41 32285 c:\windows\LastGood\system32\dllcache\hsfcisp2.dll
+ 2010-08-17 18:34 . 2001-08-17 23:28 50751 c:\windows\LastGood\system32\dllcache\hsf_tone.sys
+ 2010-08-17 18:34 . 2001-08-17 23:28 73279 c:\windows\LastGood\system32\dllcache\hsf_spkp.sys
+ 2010-08-17 18:34 . 2001-08-17 23:28 44863 c:\windows\LastGood\system32\dllcache\hsf_soar.sys
+ 2010-08-17 18:34 . 2001-08-17 23:28 57471 c:\windows\LastGood\system32\dllcache\hsf_samp.sys
+ 2010-08-17 18:34 . 2001-08-17 23:28 67167 c:\windows\LastGood\system32\dllcache\hsf_bsc2.sys
+ 2010-08-17 18:34 . 2001-08-18 08:36 19456 c:\windows\LastGood\system32\dllcache\hr1w.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 13312 c:\windows\LastGood\system32\dllcache\hpsjmcro.dll
+ 2010-08-17 18:34 . 2001-08-18 00:07 25952 c:\windows\LastGood\system32\dllcache\hpn.sys
+ 2010-08-17 18:34 . 2001-08-18 08:36 32768 c:\windows\LastGood\system32\dllcache\hpgtmcro.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 68608 c:\windows\LastGood\system32\dllcache\hpgt53tk.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 31232 c:\windows\LastGood\system32\dllcache\hpgt42tk.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 93696 c:\windows\LastGood\system32\dllcache\hpgt42.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 48128 c:\windows\LastGood\system32\dllcache\hpgt33tk.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 89088 c:\windows\LastGood\system32\dllcache\hpgt33.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 83968 c:\windows\LastGood\system32\dllcache\hpgt21.dll
+ 2010-08-17 18:34 . 2008-04-14 10:41 39936 c:\windows\LastGood\system32\dllcache\hostmib.dll
+ 2010-08-17 18:34 . 2008-04-14 10:15 19200 c:\windows\LastGood\system32\dllcache\hidir.sys
+ 2010-08-17 18:34 . 2008-04-14 10:16 25600 c:\windows\LastGood\system32\dllcache\hidbth.sys
+ 2010-08-17 18:34 . 2008-04-14 10:06 20352 c:\windows\LastGood\system32\dllcache\hidbatt.sys
+ 2010-08-17 18:34 . 2006-02-28 12:00 36864 c:\windows\LastGood\system32\dllcache\hanjadic.dll
+ 2010-08-17 18:34 . 2008-04-14 10:10 28288 c:\windows\LastGood\system32\dllcache\grserial.sys
+ 2010-08-17 18:34 . 2001-08-17 23:51 82304 c:\windows\LastGood\system32\dllcache\grclass.sys
+ 2010-08-17 18:34 . 2001-08-17 23:51 17408 c:\windows\LastGood\system32\dllcache\gpr400.sys
+ 2010-08-17 18:34 . 2008-04-14 10:15 59136 c:\windows\LastGood\system32\dllcache\gckernel.sys
+ 2010-08-17 18:34 . 2008-04-14 10:15 10624 c:\windows\LastGood\system32\dllcache\gameenum.sys
+ 2010-08-17 18:34 . 2008-04-14 10:06 46464 c:\windows\LastGood\system32\dllcache\gagp30kx.sys
+ 2010-08-17 18:34 . 2006-02-28 12:00 11264 c:\windows\LastGood\system32\dllcache\fxssend.exe
+ 2010-08-17 18:34 . 2006-02-28 12:00 31744 c:\windows\LastGood\system32\dllcache\fxsroute.dll
+ 2010-08-17 18:33 . 2008-04-14 10:41 23552 c:\windows\LastGood\system32\dllcache\fxsmon.dll
+ 2010-08-17 18:33 . 2008-04-14 10:41 23552 c:\windows\LastGood\system32\dllcache\fxsext32.dll
+ 2010-08-17 18:33 . 2008-04-14 10:41 55296 c:\windows\LastGood\system32\dllcache\fxsevent.dll
+ 2010-08-17 18:33 . 2008-04-14 10:41 26624 c:\windows\LastGood\system32\dllcache\fxsdrv.dll
+ 2010-08-17 18:33 . 2008-04-14 10:41 72192 c:\windows\LastGood\system32\dllcache\fxscom.dll
+ 2010-08-17 18:33 . 2001-08-18 08:36 92160 c:\windows\LastGood\system32\dllcache\fuusd.dll
+ 2010-08-17 18:29 . 2003-03-24 21:52 20538 c:\windows\LastGood\system32\dllcache\fpremadm.exe
+ 2010-08-17 18:29 . 2003-03-24 21:52 20541 c:\windows\LastGood\system32\dllcache\fpexedll.dll
+ 2010-08-17 18:33 . 2003-03-24 21:52 94208 c:\windows\LastGood\system32\dllcache\fpencode.dll
+ 2010-08-17 18:33 . 2003-03-24 21:52 20541 c:\windows\LastGood\system32\dllcache\fpadmdll.dll
+ 2010-08-17 18:33 . 2003-03-24 21:52 24632 c:\windows\LastGood\system32\dllcache\fpadmcgi.exe
+ 2010-08-17 18:29 . 2003-03-24 21:52 14608 c:\windows\LastGood\system32\dllcache\fp98sadm.exe
+ 2010-08-17 18:29 . 2003-03-24 21:52 49212 c:\windows\LastGood\system32\dllcache\fp4awebs.dll
+ 2010-08-17 18:29 . 2003-03-24 21:52 32826 c:\windows\LastGood\system32\dllcache\fp4avss.dll
+ 2010-08-17 18:29 . 2003-03-24 21:52 41020 c:\windows\LastGood\system32\dllcache\fp4avnb.dll
+ 2010-08-17 18:29 . 2003-03-24 21:52 49210 c:\windows\LastGood\system32\dllcache\fp4areg.dll
+ 2010-08-17 18:29 . 2003-03-24 21:52 82035 c:\windows\LastGood\system32\dllcache\fp4anscp.dll
+ 2010-08-17 18:33 . 2008-04-14 08:05 34173 c:\windows\LastGood\system32\dllcache\forehe.sys
+ 2010-08-17 18:33 . 2001-08-18 08:36 71680 c:\windows\LastGood\system32\dllcache\fnfilter.dll
+ 2010-08-17 18:33 . 2006-02-28 12:00 14848 c:\windows\LastGood\system32\dllcache\flattemp.exe
+ 2010-08-17 18:33 . 2001-08-17 22:13 27165 c:\windows\LastGood\system32\dllcache\fetnd5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:10 22090 c:\windows\LastGood\system32\dllcache\fem556n5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:12 24618 c:\windows\LastGood\system32\dllcache\fa410nd5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:12 16074 c:\windows\LastGood\system32\dllcache\fa312nd5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:11 11850 c:\windows\LastGood\system32\dllcache\f3ab18xj.sys
+ 2010-08-17 18:33 . 2001-08-17 22:11 12362 c:\windows\LastGood\system32\dllcache\f3ab18xi.sys
+ 2010-08-17 18:39 . 2001-08-18 03:36 12288 c:\windows\LastGood\system32\dllcache\EXCH_smtpctrs.dll
+ 2010-08-17 18:39 . 2001-08-18 03:36 26112 c:\windows\LastGood\system32\dllcache\EXCH_seos.dll
+ 2010-08-17 18:39 . 2001-08-18 03:36 57856 c:\windows\LastGood\system32\dllcache\EXCH_scripto.dll
+ 2010-08-17 18:38 . 2001-08-18 03:36 23040 c:\windows\LastGood\system32\dllcache\EXCH_regtrace.exe
+ 2010-08-17 18:37 . 2001-08-18 03:36 38912 c:\windows\LastGood\system32\dllcache\EXCH_ntfsdrv.dll
+ 2010-08-17 18:36 . 2001-08-18 03:36 65536 c:\windows\LastGood\system32\dllcache\EXCH_mailmsg.dll
+ 2010-08-17 18:33 . 2001-08-18 03:36 43520 c:\windows\LastGood\system32\dllcache\EXCH_fcachdll.dll
+ 2010-08-17 18:30 . 2001-08-18 03:36 45056 c:\windows\LastGood\system32\dllcache\EXCH_aqadmin.dll
+ 2010-08-17 18:33 . 2001-08-17 22:12 16998 c:\windows\LastGood\system32\dllcache\ex10.sys
+ 2010-08-17 18:33 . 2008-04-14 10:42 92160 c:\windows\LastGood\system32\dllcache\evntwin.exe
+ 2010-08-17 18:33 . 2008-04-14 10:42 24064 c:\windows\LastGood\system32\dllcache\evntcmd.exe
+ 2010-08-17 18:33 . 2006-02-28 12:00 25856 c:\windows\LastGood\system32\dllcache\et4000.sys
+ 2010-08-17 18:33 . 2006-02-28 12:00 45056 c:\windows\LastGood\system32\dllcache\esunid.dll
+ 2010-08-17 18:33 . 2001-08-18 08:36 45568 c:\windows\LastGood\system32\dllcache\esunib.dll
+ 2010-08-17 18:33 . 2001-08-18 08:36 45568 c:\windows\LastGood\system32\dllcache\esuni.dll
+ 2010-08-17 18:33 . 2006-02-28 12:00 57856 c:\windows\LastGood\system32\dllcache\esuimgd.dll
+ 2010-08-17 18:33 . 2001-08-18 08:36 34816 c:\windows\LastGood\system32\dllcache\esuimg.dll
+ 2010-08-17 18:33 . 2006-02-28 12:00 31744 c:\windows\LastGood\system32\dllcache\esucmd.dll
+ 2010-08-17 18:33 . 2001-08-18 08:36 43008 c:\windows\LastGood\system32\dllcache\esucm.dll
+ 2010-08-17 18:33 . 2001-08-17 22:19 63360 c:\windows\LastGood\system32\dllcache\ess.sys
+ 2010-08-17 18:33 . 2001-08-17 22:19 72192 c:\windows\LastGood\system32\dllcache\es1969.sys
+ 2010-08-17 18:33 . 2001-08-17 22:19 40704 c:\windows\LastGood\system32\dllcache\es1371mp.sys
+ 2010-08-17 18:33 . 2001-08-17 22:19 37120 c:\windows\LastGood\system32\dllcache\es1370mp.sys
+ 2010-08-17 18:33 . 2001-08-18 08:36 61952 c:\windows\LastGood\system32\dllcache\eqnloop.exe
+ 2010-08-17 18:33 . 2001-08-18 08:36 51200 c:\windows\LastGood\system32\dllcache\eqnlogr.exe
+ 2010-08-17 18:33 . 2001-08-18 08:36 53248 c:\windows\LastGood\system32\dllcache\eqndiag.exe
+ 2010-08-17 18:33 . 2001-08-17 22:12 18503 c:\windows\LastGood\system32\dllcache\epro4.sys
+ 2010-08-17 18:33 . 2001-08-17 22:10 19996 c:\windows\LastGood\system32\dllcache\em556n4.sys
+ 2010-08-17 18:33 . 2001-08-17 22:10 25159 c:\windows\LastGood\system32\dllcache\elnk3.sys
+ 2010-08-17 18:33 . 2001-08-17 22:11 70174 c:\windows\LastGood\system32\dllcache\el98xn5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:11 66591 c:\windows\LastGood\system32\dllcache\el90xbc5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:11 77386 c:\windows\LastGood\system32\dllcache\el656nd5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:11 69194 c:\windows\LastGood\system32\dllcache\el656cd5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:10 26141 c:\windows\LastGood\system32\dllcache\el589nd5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:10 69692 c:\windows\LastGood\system32\dllcache\el575nd5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:10 24653 c:\windows\LastGood\system32\dllcache\el574nd4.sys
+ 2010-08-17 18:33 . 2001-08-17 22:10 55999 c:\windows\LastGood\system32\dllcache\el556nd5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:10 44103 c:\windows\LastGood\system32\dllcache\el515.sys
+ 2010-08-17 18:33 . 2001-08-17 22:12 19594 c:\windows\LastGood\system32\dllcache\e100isa4.sys
+ 2010-08-17 18:33 . 2001-08-17 22:12 50719 c:\windows\LastGood\system32\dllcache\e1000nt5.sys
+ 2010-08-17 18:33 . 2001-08-18 00:07 20192 c:\windows\LastGood\system32\dllcache\dpti2o.sys
+ 2010-08-17 18:33 . 2001-08-17 22:12 28062 c:\windows\LastGood\system32\dllcache\dp83820.sys
+ 2010-08-17 18:33 . 2001-08-17 23:47 23808 c:\windows\LastGood\system32\dllcache\dot4usb.sys
+ 2010-08-17 18:33 . 2001-08-17 23:47 12928 c:\windows\LastGood\system32\dllcache\dot4prt.sys
+ 2010-08-17 18:33 . 2001-08-17 22:11 29696 c:\windows\LastGood\system32\dllcache\dm9pci5.sys
+ 2010-08-17 18:33 . 2001-08-17 22:11 26698 c:\windows\LastGood\system32\dllcache\dlh5xnd5.sys
+ 2010-08-17 18:33 . 2001-08-18 08:36 29768 c:\windows\LastGood\system32\dllcache\divasu.dll
+ 2010-08-17 18:33 . 2001-08-18 08:36 37962 c:\windows\LastGood\system32\dllcache\divaprop.dll
+ 2010-08-17 18:33 . 2001-08-18 08:36 38985 c:\windows\LastGood\system32\dllcache\disrvsu.dll
+ 2010-08-17 18:33 . 2001-08-18 08:36 31305 c:\windows\LastGood\system32\dllcache\disrvpp.dll
+ 2010-08-17 18:32 . 2001-08-17 22:13 91305 c:\windows\LastGood\system32\dllcache\dimaint.sys
+ 2010-08-17 18:32 . 2001-08-17 22:17 42432 c:\windows\LastGood\system32\dllcache\digirlpt.sys
+ 2010-08-17 18:32 . 2001-08-17 22:14 21606 c:\windows\LastGood\system32\dllcache\digiisdn.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 41046 c:\windows\LastGood\system32\dllcache\digiisdn.dll
+ 2010-08-17 18:32 . 2001-08-17 22:17 90525 c:\windows\LastGood\system32\dllcache\digifep5.sys
+ 2010-08-17 18:32 . 2001-08-17 22:13 37735 c:\windows\LastGood\system32\dllcache\digiasyn.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 65622 c:\windows\LastGood\system32\dllcache\digiasyn.dll
+ 2010-08-17 18:31 . 2001-08-18 08:36 32256 c:\windows\LastGood\system32\dllcache\diapi2NT.dll
+ 2010-08-17 18:32 . 2001-08-17 22:17 29531 c:\windows\LastGood\system32\dllcache\dgapci.sys
+ 2010-08-17 18:32 . 2001-08-17 22:11 24649 c:\windows\LastGood\system32\dllcache\dfe650d.sys
+ 2010-08-17 18:32 . 2001-08-17 22:11 24648 c:\windows\LastGood\system32\dllcache\dfe650.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 24064 c:\windows\LastGood\system32\dllcache\devldr32.exe
+ 2010-08-17 18:32 . 2001-08-17 22:11 20928 c:\windows\LastGood\system32\dllcache\defpa.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 86016 c:\windows\LastGood\system32\dllcache\dc240usd.dll
+ 2010-08-17 18:32 . 2001-08-17 22:12 63208 c:\windows\LastGood\system32\dllcache\dc21x4.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 80896 c:\windows\LastGood\system32\dllcache\dc210usd.dll
+ 2010-08-17 18:32 . 2001-08-18 08:36 25600 c:\windows\LastGood\system32\dllcache\dc210_32.dll
+ 2010-08-17 18:32 . 2001-08-17 23:52 14720 c:\windows\LastGood\system32\dllcache\dac960nt.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 27648 c:\windows\LastGood\system32\dllcache\cyzports.dll
+ 2010-08-17 18:32 . 2001-08-17 23:50 49792 c:\windows\LastGood\system32\dllcache\cyzport.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 27136 c:\windows\LastGood\system32\dllcache\cyzcoins.dll
+ 2010-08-17 18:32 . 2001-08-18 08:36 27648 c:\windows\LastGood\system32\dllcache\cyyports.dll
+ 2010-08-17 18:32 . 2001-08-17 23:50 50176 c:\windows\LastGood\system32\dllcache\cyyport.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 28672 c:\windows\LastGood\system32\dllcache\cyycoins.dll
+ 2010-08-17 18:32 . 2001-08-17 23:50 14848 c:\windows\LastGood\system32\dllcache\cyclom-y.sys
+ 2010-08-17 18:32 . 2001-08-17 23:50 17152 c:\windows\LastGood\system32\dllcache\cyclad-z.sys
+ 2010-08-17 18:32 . 2008-04-14 08:06 48640 c:\windows\LastGood\system32\dllcache\cwrwdm.sys
+ 2010-08-17 18:32 . 2001-08-17 22:19 93952 c:\windows\LastGood\system32\dllcache\cwcwdm.sys
+ 2010-08-17 18:32 . 2001-08-17 22:19 72832 c:\windows\LastGood\system32\dllcache\cwbwdm.sys
+ 2010-08-17 18:32 . 2001-08-17 22:19 96256 c:\windows\LastGood\system32\dllcache\ctlsb16.sys
+ 2010-08-17 18:32 . 2001-08-17 22:19 42112 c:\windows\LastGood\system32\dllcache\crtaud.sys
+ 2010-08-17 18:32 . 2006-02-28 12:00 18944 c:\windows\LastGood\system32\dllcache\cprofile.exe
+ 2010-08-17 18:32 . 2001-08-17 22:11 60970 c:\windows\LastGood\system32\dllcache\cpqtrnd5.sys
+ 2010-08-17 18:32 . 2001-08-17 22:13 21533 c:\windows\LastGood\system32\dllcache\cpqndis5.sys
+ 2010-08-17 18:32 . 2001-08-17 23:52 14976 c:\windows\LastGood\system32\dllcache\cpqarray.sys
+ 2010-08-17 18:32 . 2006-02-28 12:00 57399 c:\windows\LastGood\system32\dllcache\cplexe.exe
+ 2010-08-17 18:32 . 2008-04-14 10:06 10240 c:\windows\LastGood\system32\dllcache\compbatt.sys
+ 2010-08-17 18:32 . 2001-08-17 22:11 39936 c:\windows\LastGood\system32\dllcache\cnxt1803.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 44032 c:\windows\LastGood\system32\dllcache\cnusd.dll
+ 2010-08-17 18:32 . 2001-08-17 23:51 20736 c:\windows\LastGood\system32\dllcache\cmbp0wdm.sys
+ 2010-08-17 18:32 . 2008-04-14 10:06 13952 c:\windows\LastGood\system32\dllcache\cmbatt.sys
+ 2010-08-17 18:32 . 2001-08-17 23:57 45696 c:\windows\LastGood\system32\dllcache\cirrus.sys
+ 2010-08-17 18:32 . 2001-08-18 00:56 91264 c:\windows\LastGood\system32\dllcache\cirrus.dll
+ 2010-08-17 18:32 . 2008-04-14 10:39 56320 c:\windows\LastGood\system32\dllcache\chtskdic.dll
+ 2010-08-17 18:32 . 2008-04-14 10:39 97792 c:\windows\LastGood\system32\dllcache\chtmbx.dll
+ 2010-08-17 18:32 . 2006-02-28 12:00 14336 c:\windows\LastGood\system32\dllcache\chgusr.exe
+ 2010-08-17 18:32 . 2006-02-28 12:00 15872 c:\windows\LastGood\system32\dllcache\chgport.exe
+ 2010-08-17 18:32 . 2006-02-28 12:00 13312 c:\windows\LastGood\system32\dllcache\chglogon.exe
+ 2010-08-17 18:32 . 2008-04-14 15:41 15423 c:\windows\LastGood\system32\dllcache\ch7xxnt5.dll
+ 2010-08-17 18:32 . 2001-08-17 22:13 49182 c:\windows\LastGood\system32\dllcache\cem56n5.sys
+ 2010-08-17 18:32 . 2001-08-17 22:13 22044 c:\windows\LastGood\system32\dllcache\cem33n5.sys
+ 2010-08-17 18:32 . 2001-08-17 22:13 22044 c:\windows\LastGood\system32\dllcache\cem28n5.sys
+ 2010-08-17 18:32 . 2001-08-17 22:13 27164 c:\windows\LastGood\system32\dllcache\ce3n5.sys
+ 2010-08-17 18:32 . 2001-08-17 22:13 21530 c:\windows\LastGood\system32\dllcache\ce2n5.sys
+ 2010-08-17 18:31 . 2001-08-17 22:13 46108 c:\windows\LastGood\system32\dllcache\cben5.sys
+ 2010-08-17 18:31 . 2001-08-17 22:12 39680 c:\windows\LastGood\system32\dllcache\cb325.sys
+ 2010-08-17 18:31 . 2001-08-17 22:12 37916 c:\windows\LastGood\system32\dllcache\cb102.sys
+ 2010-08-17 18:31 . 2006-02-28 12:00 54528 c:\windows\LastGood\system32\dllcache\cap7146.sys
+ 2010-08-17 18:31 . 2001-08-18 08:36 74240 c:\windows\LastGood\system32\dllcache\camexo20.dll
+ 2010-08-17 18:31 . 2006-02-28 12:00 10752 c:\windows\LastGood\system32\dllcache\c_iscii.dll
+ 2010-08-17 18:31 . 2001-08-17 23:51 13824 c:\windows\LastGood\system32\dllcache\bulltlp3.sys
+ 2010-08-17 18:31 . 2008-04-14 10:16 18944 c:\windows\LastGood\system32\dllcache\bthusb.sys
+ 2010-08-17 18:31 . 2008-04-14 10:16 36480 c:\windows\LastGood\system32\dllcache\bthprint.sys
+ 2010-08-17 18:31 . 2008-04-14 10:16 37888 c:\windows\LastGood\system32\dllcache\bthmodem.sys
+ 2010-08-17 18:31 . 2008-04-14 10:16 17024 c:\windows\LastGood\system32\dllcache\bthenum.sys
+ 2010-08-17 18:31 . 2001-08-17 22:11 31529 c:\windows\LastGood\system32\dllcache\brzwlan.sys
+ 2010-08-17 18:31 . 2001-08-17 23:12 10368 c:\windows\LastGood\system32\dllcache\brusbscn.sys
+ 2010-08-17 18:31 . 2001-08-17 23:12 11008 c:\windows\LastGood\system32\dllcache\brusbmdm.sys
+ 2010-08-17 18:31 . 2001-08-17 23:12 60416 c:\windows\LastGood\system32\dllcache\brserwdm.sys
+ 2010-08-17 18:31 . 2001-08-17 23:12 39552 c:\windows\LastGood\system32\dllcache\brparwdm.sys
+ 2010-08-17 18:31 . 2001-08-18 08:36 41472 c:\windows\LastGood\system32\dllcache\brmfusb.dll
+ 2010-08-17 18:31 . 2001-08-18 08:36 32256 c:\windows\LastGood\system32\dllcache\brmfrsmg.exe
+ 2010-08-17 18:31 . 2001-08-18 08:36 29696 c:\windows\LastGood\system32\dllcache\brmflpt.dll
+ 2010-08-17 18:31 . 2001-08-18 08:36 81408 c:\windows\LastGood\system32\dllcache\brmfcwia.dll
+ 2010-08-17 18:31 . 2001-08-18 08:36 15360 c:\windows\LastGood\system32\dllcache\brmfbidi.dll
+ 2010-08-17 18:31 . 2001-08-17 23:12 12160 c:\windows\LastGood\system32\dllcache\brfiltlo.sys
+ 2010-08-17 18:31 . 2001-08-18 08:36 12800 c:\windows\LastGood\system32\dllcache\brevif.dll
+ 2010-08-17 18:31 . 2001-08-18 08:36 19456 c:\windows\LastGood\system32\dllcache\brbidiif.dll
+ 2010-08-17 18:31 . 2008-04-14 10:16 11776 c:\windows\LastGood\system32\dllcache\bdasup.sys
+ 2010-08-17 18:31 . 2001-08-17 22:11 26568 c:\windows\LastGood\system32\dllcache\bcm4e5.sys
+ 2010-08-17 18:31 . 2001-08-17 22:11 54271 c:\windows\LastGood\system32\dllcache\bcm42xx5.sys
+ 2010-08-17 18:31 . 2001-08-17 22:11 66557 c:\windows\LastGood\system32\dllcache\bcm42u.sys
+ 2010-08-17 18:31 . 2008-04-14 10:06 14208 c:\windows\LastGood\system32\dllcache\battc.sys
+ 2010-08-17 18:31 . 2001-08-17 22:48 36128 c:\windows\LastGood\system32\dllcache\banshee.sys
+ 2010-08-17 18:31 . 2001-08-17 22:11 96640 c:\windows\LastGood\system32\dllcache\b57xp32.sys
+ 2010-08-17 18:31 . 2001-08-17 22:13 89952 c:\windows\LastGood\system32\dllcache\b1cbase.sys
+ 2010-08-17 18:31 . 2001-08-17 22:19 36992 c:\windows\LastGood\system32\dllcache\aztw2320.sys
+ 2010-08-17 18:31 . 2001-08-17 22:13 37568 c:\windows\LastGood\system32\dllcache\avmwan.sys
+ 2010-08-17 18:31 . 2001-08-18 08:36 87552 c:\windows\LastGood\system32\dllcache\avmcoxp.dll
+ 2010-08-17 18:31 . 2008-04-14 10:16 13696 c:\windows\LastGood\system32\dllcache\avcstrm.sys
+ 2010-08-17 18:31 . 2001-08-18 00:01 36096 c:\windows\LastGood\system32\dllcache\avcaudio.sys
+ 2010-08-17 18:31 . 2008-04-14 10:16 38912 c:\windows\LastGood\system32\dllcache\avc.sys
+ 2010-08-17 18:29 . 2003-03-24 21:52 16439 c:\windows\LastGood\system32\dllcache\author.exe
+ 2010-08-17 18:29 . 2003-03-24 21:52 20540 c:\windows\LastGood\system32\dllcache\author.dll
+ 2010-08-17 18:31 . 2008-04-14 15:41 17279 c:\windows\LastGood\system32\dllcache\atv10nt5.dll
+ 2010-08-17 18:31 . 2008-04-14 15:41 14143 c:\windows\LastGood\system32\dllcache\atv06nt5.dll
+ 2010-08-17 18:31 . 2008-04-14 15:41 25471 c:\windows\LastGood\system32\dllcache\atv04nt5.dll
+ 2010-08-17 18:31 . 2008-04-14 15:41 11359 c:\windows\LastGood\system32\dllcache\atv02nt5.dll
+ 2010-08-17 18:31 . 2008-04-14 15:41 21183 c:\windows\LastGood\system32\dllcache\atv01nt5.dll
+ 2010-08-17 18:31 . 2001-08-17 22:49 23552 c:\windows\LastGood\system32\dllcache\atixbar.sys
+ 2010-08-17 18:31 . 2001-08-17 22:49 26624 c:\windows\LastGood\system32\dllcache\ativxbar.sys
+ 2010-08-17 18:31 . 2001-08-17 22:49 19456 c:\windows\LastGood\system32\dllcache\ativttxx.sys
+ 2010-08-17 18:31 . 2008-04-14 15:41 32768 c:\windows\LastGood\system32\dllcache\ativtmxx.dll
+ 2010-08-17 18:31 . 2001-08-17 22:49 17152 c:\windows\LastGood\system32\dllcache\atitvsnd.sys
+ 2010-08-17 18:31 . 2001-08-17 22:49 17152 c:\windows\LastGood\system32\dllcache\atitunep.sys
+ 2010-08-17 18:31 . 2001-08-17 22:49 26880 c:\windows\LastGood\system32\dllcache\atirtsnd.sys
+ 2010-08-17 18:31 . 2001-08-17 22:49 49920 c:\windows\LastGood\system32\dllcache\atirtcap.sys
+ 2010-08-17 18:31 . 2001-08-17 22:48 70528 c:\windows\LastGood\system32\dllcache\atiragem.sys
+ 2010-08-17 18:31 . 2001-08-17 22:49 10240 c:\windows\LastGood\system32\dllcache\atipcxxx.sys
+ 2010-08-17 18:31 . 2008-04-14 08:04 63488 c:\windows\LastGood\system32\dllcache\atinxsxx.sys
+ 2010-08-17 18:31 . 2008-04-14 08:04 31744 c:\windows\LastGood\system32\dllcache\atinxbxx.sys
+ 2010-08-17 18:31 . 2008-04-14 08:04 73216 c:\windows\LastGood\system32\dllcache\atintuxx.sys
+ 2010-08-17 18:31 . 2008-04-14 08:04 13824 c:\windows\LastGood\system32\dllcache\atinttxx.sys
+ 2010-08-17 18:31 . 2008-04-14 08:04 28672 c:\windows\LastGood\system32\dllcache\atinsnxx.sys
+ 2010-08-17 18:31 . 2008-04-14 08:04 52224 c:\windows\LastGood\system32\dllcache\atinraxx.sys
+ 2010-08-17 18:31 . 2008-04-14 08:04 14336 c:\windows\LastGood\system32\dllcache\atinpdxx.sys
+ 2010-08-17 18:31 . 2008-04-14 08:04 13824 c:\windows\LastGood\system32\dllcache\atinmdxx.sys
+ 2010-08-17 18:31 . 2008-04-14 08:04 57856 c:\windows\LastGood\system32\dllcache\atinbtxx.sys
+ 2010-08-17 18:30 . 2001-08-17 22:49 75136 c:\windows\LastGood\system32\dllcache\atimpae.sys
+ 2010-08-17 18:30 . 2001-08-18 08:36 37376 c:\windows\LastGood\system32\dllcache\atievxx.exe
+ 2010-08-17 18:30 . 2001-08-17 22:49 46464 c:\windows\LastGood\system32\dllcache\atibt829.sys
+ 2010-08-17 18:30 . 2008-04-14 08:04 34735 c:\windows\LastGood\system32\dllcache\ati1xsxx.sys
+ 2010-08-17 18:30 . 2008-04-14 08:04 29455 c:\windows\LastGood\system32\dllcache\ati1xbxx.sys
+ 2010-08-17 18:30 . 2008-04-14 08:04 36463 c:\windows\LastGood\system32\dllcache\ati1tuxx.sys
+ 2010-08-17 18:30 . 2008-04-14 08:04 21343 c:\windows\LastGood\system32\dllcache\ati1ttxx.sys
+ 2010-08-17 18:30 . 2008-04-14 08:04 26367 c:\windows\LastGood\system32\dllcache\ati1snxx.sys
+ 2010-08-17 18:30 . 2008-04-14 08:04 63663 c:\windows\LastGood\system32\dllcache\ati1rvxx.sys
+ 2010-08-17 18:30 . 2008-04-14 08:04 30671 c:\windows\LastGood\system32\dllcache\ati1raxx.sys
+ 2010-08-17 18:30 . 2008-04-14 08:04 12047 c:\windows\LastGood\system32\dllcache\ati1pdxx.sys
+ 2010-08-17 18:30 . 2008-04-14 08:04 11615 c:\windows\LastGood\system32\dllcache\ati1mdxx.sys
+ 2010-08-17 18:30 . 2008-04-14 08:04 56623 c:\windows\LastGood\system32\dllcache\ati1btxx.sys
+ 2010-08-17 18:30 . 2001-08-17 23:57 77568 c:\windows\LastGood\system32\dllcache\ati.sys
+ 2010-08-17 18:30 . 2001-08-18 00:55 96128 c:\windows\LastGood\system32\dllcache\ati.dll
+ 2010-08-17 18:30 . 2001-08-17 22:12 97354 c:\windows\LastGood\system32\dllcache\aspndis3.sys
+ 2010-08-17 18:30 . 2001-08-17 23:51 14848 c:\windows\LastGood\system32\dllcache\asc3550.sys
+ 2010-08-17 18:30 . 2001-08-17 23:52 22400 c:\windows\LastGood\system32\dllcache\asc3350p.sys
+ 2010-08-17 18:30 . 2001-08-17 23:52 26496 c:\windows\LastGood\system32\dllcache\asc.sys
+ 2010-08-17 18:30 . 2008-04-14 08:05 36224 c:\windows\LastGood\system32\dllcache\an983.sys
+ 2010-08-17 18:30 . 2001-08-17 23:52 12032 c:\windows\LastGood\system32\dllcache\amsint.sys
+ 2010-08-17 18:30 . 2008-04-14 10:06 43008 c:\windows\LastGood\system32\dllcache\amdagp.sys
+ 2010-08-17 18:30 . 2001-08-17 22:11 16969 c:\windows\LastGood\system32\dllcache\amb8002.sys
+ 2010-08-17 18:30 . 2008-04-14 10:06 42752 c:\windows\LastGood\system32\dllcache\alim1541.sys
+ 2010-08-17 18:30 . 2001-08-17 23:49 26624 c:\windows\LastGood\system32\dllcache\alifir.sys
+ 2010-08-17 18:30 . 2001-08-17 22:11 27678 c:\windows\LastGood\system32\dllcache\ali5261.sys
+ 2010-08-17 18:30 . 2001-08-18 00:07 56960 c:\windows\LastGood\system32\dllcache\aic78xx.sys
+ 2010-08-17 18:30 . 2001-08-18 00:07 55168 c:\windows\LastGood\system32\dllcache\aic78u2.sys
+ 2010-08-17 18:30 . 2001-08-17 23:52 12800 c:\windows\LastGood\system32\dllcache\aha154x.sys
+ 2010-08-17 18:30 . 2007-04-03 04:56 19456 c:\windows\LastGood\system32\dllcache\agt0804.dll
+ 2010-08-17 18:30 . 2007-04-03 04:56 19456 c:\windows\LastGood\system32\dllcache\agt0412.dll
+ 2010-08-17 18:30 . 2007-04-03 04:56 19456 c:\windows\LastGood\system32\dllcache\agt0411.dll
+ 2010-08-17 18:30 . 2007-04-03 04:56 19456 c:\windows\LastGood\system32\dllcache\agt040d.dll
+ 2010-08-17 18:30 . 2007-04-03 04:56 19456 c:\windows\LastGood\system32\dllcache\agt0404.dll
+ 2010-08-17 18:30 . 2007-04-03 04:56 19456 c:\windows\LastGood\system32\dllcache\agt0401.dll
+ 2010-08-17 18:30 . 2008-04-14 10:06 44928 c:\windows\LastGood\system32\dllcache\agpcpq.sys
+ 2010-08-17 18:30 . 2008-04-14 10:06 42368 c:\windows\LastGood\system32\dllcache\agp440.sys
+ 2010-08-17 18:30 . 2001-08-17 22:11 46112 c:\windows\LastGood\system32\dllcache\adptsf50.sys
+ 2010-08-17 18:30 . 2008-04-14 08:06 10880 c:\windows\LastGood\system32\dllcache\admjoy.sys
+ 2010-08-17 18:29 . 2003-03-24 21:52 16439 c:\windows\LastGood\system32\dllcache\admin.exe
+ 2010-08-17 18:29 . 2003-03-24 21:52 20540 c:\windows\LastGood\system32\dllcache\admin.dll
+ 2010-08-17 18:30 . 2001-08-18 08:36 61440 c:\windows\LastGood\system32\dllcache\acerscad.dll
+ 2010-08-17 18:30 . 2008-04-14 08:06 84480 c:\windows\LastGood\system32\dllcache\ac97via.sys
+ 2010-08-17 18:30 . 2001-08-17 22:20 96256 c:\windows\LastGood\system32\dllcache\ac97intc.sys
+ 2010-08-17 18:30 . 2001-08-17 23:52 23552 c:\windows\LastGood\system32\dllcache\abp480n5.sys
+ 2010-08-17 18:30 . 2001-08-18 00:55 38400 c:\windows\LastGood\system32\dllcache\8514a.dll
+ 2010-08-17 18:30 . 2008-04-14 10:16 48128 c:\windows\LastGood\system32\dllcache\61883.sys
+ 2010-08-17 18:30 . 2008-04-14 10:10 12288 c:\windows\LastGood\system32\dllcache\4mmdat.sys
+ 2010-08-17 18:30 . 2001-08-18 00:06 11264 c:\windows\LastGood\system32\dllcache\1394vdbg.sys
+ 2010-08-17 18:42 . 2001-08-18 08:37 4608 c:\windows\LastGood\system32\dllcache\xrxflnch.exe
+ 2010-08-17 18:41 . 2008-04-14 15:42 8192 c:\windows\LastGood\system32\dllcache\wshirda.dll
+ 2010-08-17 18:41 . 2008-04-14 10:10 5376 c:\windows\LastGood\system32\dllcache\viaide.sys
+ 2010-08-17 18:41 . 2001-08-17 23:28 7556 c:\windows\LastGood\system32\dllcache\usroslba.sys
+ 2010-08-17 18:40 . 2001-08-17 23:51 4992 c:\windows\LastGood\system32\dllcache\toside.sys
+ 2010-08-17 18:40 . 2001-08-17 23:52 7040 c:\windows\LastGood\system32\dllcache\tandqic.sys
+ 2010-08-17 18:40 . 2001-08-18 00:02 3968 c:\windows\LastGood\system32\dllcache\swusbflt.sys
+ 2010-08-17 18:39 . 2001-08-17 23:56 7552 c:\windows\LastGood\system32\dllcache\sonypvu1.sys
+ 2010-08-17 18:39 . 2001-08-17 23:53 9600 c:\windows\LastGood\system32\dllcache\sonymc.sys
+ 2010-08-17 18:39 . 2008-04-14 10:10 7552 c:\windows\LastGood\system32\dllcache\sonyait.sys
+ 2010-08-17 18:39 . 2001-08-17 23:53 7040 c:\windows\LastGood\system32\dllcache\snyaitmc.sys
+ 2010-08-17 18:39 . 2008-04-14 10:42 8704 c:\windows\LastGood\system32\dllcache\snmptrap.exe
+ 2010-08-17 18:39 . 2008-04-14 10:42 6144 c:\windows\LastGood\system32\dllcache\snmpmib.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\smimsgif.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\smierrsy.dll
+ 2010-08-17 18:39 . 2001-08-17 23:57 6784 c:\windows\LastGood\system32\dllcache\smbhc.sys
+ 2010-08-17 18:39 . 2008-04-14 10:06 6912 c:\windows\LastGood\system32\dllcache\smbclass.sys
+ 2010-08-17 18:39 . 2008-04-14 10:06 5888 c:\windows\LastGood\system32\dllcache\smbali.sys
+ 2010-08-17 18:39 . 2008-04-14 15:42 3901 c:\windows\LastGood\system32\dllcache\siint5.dll
+ 2010-08-17 18:39 . 2001-08-17 23:53 6784 c:\windows\LastGood\system32\dllcache\serscan.sys
+ 2010-08-17 18:39 . 2001-08-17 23:53 6912 c:\windows\LastGood\system32\dllcache\seaddsmc.sys
+ 2010-08-17 18:38 . 2001-08-18 08:36 9216 c:\windows\LastGood\system32\dllcache\rsmgrstr.dll
+ 2010-08-17 18:38 . 2001-08-17 22:19 3840 c:\windows\LastGood\system32\dllcache\rpfun.sys
+ 2010-08-17 18:38 . 2001-08-17 23:53 3328 c:\windows\LastGood\system32\dllcache\qv2kux.sys
+ 2010-08-17 18:38 . 2006-02-28 12:00 9728 c:\windows\LastGood\system32\dllcache\query.exe
+ 2010-08-17 18:38 . 2008-04-14 10:10 6016 c:\windows\LastGood\system32\dllcache\qic157.sys
+ 2010-08-17 18:38 . 2001-08-18 08:36 5632 c:\windows\LastGood\system32\dllcache\ptpusb.dll
+ 2010-08-17 18:38 . 2008-04-14 10:10 8832 c:\windows\LastGood\system32\dllcache\powerfil.sys
+ 2010-08-17 18:38 . 2001-08-17 23:53 7168 c:\windows\LastGood\system32\dllcache\pnrmc.sys
+ 2010-08-17 18:38 . 2006-02-28 12:00 6144 c:\windows\LastGood\system32\dllcache\pmxgl.dll
+ 2010-08-17 18:38 . 2001-08-18 00:07 5504 c:\windows\LastGood\system32\dllcache\perc2hib.sys
+ 2010-08-17 18:37 . 2001-08-17 23:47 9344 c:\windows\LastGood\system32\dllcache\ntapm.sys
+ 2010-08-17 18:37 . 2001-08-17 23:53 7552 c:\windows\LastGood\system32\dllcache\nsmmc.sys
+ 2010-08-17 18:37 . 2001-08-18 08:36 7168 c:\windows\LastGood\system32\dllcache\mxport.dll
+ 2010-08-17 18:36 . 2001-08-18 00:00 2944 c:\windows\LastGood\system32\dllcache\msmpu401.sys
+ 2010-08-17 18:36 . 2001-08-17 23:48 6016 c:\windows\LastGood\system32\dllcache\msfsio.sys
+ 2010-08-17 18:36 . 2001-08-17 23:52 6528 c:\windows\LastGood\system32\dllcache\miniqic.sys
+ 2010-08-17 18:36 . 2008-04-14 10:42 7680 c:\windows\LastGood\system32\dllcache\migregdb.exe
+ 2010-08-17 18:36 . 2001-08-17 23:58 8320 c:\windows\LastGood\system32\dllcache\memcard.sys
+ 2010-08-17 18:36 . 2001-08-17 23:52 7424 c:\windows\LastGood\system32\dllcache\mammoth.sys
+ 2010-08-17 18:36 . 2008-04-14 10:10 7040 c:\windows\LastGood\system32\dllcache\ltotape.sys
+ 2010-08-17 18:36 . 2001-08-17 23:53 4992 c:\windows\LastGood\system32\dllcache\loop.sys
+ 2010-08-17 18:36 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdvntc.dll
+ 2010-08-17 18:36 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdusa.dll
+ 2010-08-17 18:36 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdurdu.dll
+ 2010-08-17 18:36 . 2006-02-28 12:00 6144 c:\windows\LastGood\system32\dllcache\kbdth3.dll
+ 2010-08-17 18:36 . 2006-02-28 12:00 6144 c:\windows\LastGood\system32\dllcache\kbdth2.dll
+ 2010-08-17 18:36 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdth1.dll
+ 2010-08-17 18:36 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdth0.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdsyr2.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdsyr1.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 7680 c:\windows\LastGood\system32\dllcache\kbdnecnt.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 9216 c:\windows\LastGood\system32\dllcache\kbdnecat.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 7168 c:\windows\LastGood\system32\dllcache\kbdnec95.dll
+ 2010-08-17 18:35 . 2008-04-14 10:39 6144 c:\windows\LastGood\system32\dllcache\kbdlk41j.dll
+ 2010-08-17 18:35 . 2008-04-14 10:39 6656 c:\windows\LastGood\system32\dllcache\kbdlk41a.dll
+ 2010-08-17 18:35 . 2001-08-18 08:36 8192 c:\windows\LastGood\system32\dllcache\kbdkor.dll
+ 2010-08-17 18:35 . 2001-08-18 08:36 8704 c:\windows\LastGood\system32\dllcache\kbdjpn.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdintel.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdintam.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 6144 c:\windows\LastGood\system32\dllcache\kbdinpun.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdinmar.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdinkan.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdinhin.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdinguj.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdindev.dll
+ 2010-08-17 18:35 . 2008-04-14 10:39 7168 c:\windows\LastGood\system32\dllcache\kbdibm02.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdheb.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5120 c:\windows\LastGood\system32\dllcache\kbdgeo.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbdfa.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbddiv2.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbddiv1.dll
+ 2010-08-17 18:35 . 2008-04-14 10:39 6144 c:\windows\LastGood\system32\dllcache\kbdax2.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5120 c:\windows\LastGood\system32\dllcache\kbdarmw.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5120 c:\windows\LastGood\system32\dllcache\kbdarme.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbda3.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbda2.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 5632 c:\windows\LastGood\system32\dllcache\kbda1.dll
+ 2010-08-17 18:35 . 2008-04-14 10:39 6144 c:\windows\LastGood\system32\dllcache\kbd106n.dll
+ 2010-08-17 18:35 . 2008-04-14 15:39 6144 c:\windows\LastGood\system32\dllcache\kbd106.dll
+ 2010-08-17 18:35 . 2001-08-18 00:55 5632 c:\windows\LastGood\system32\dllcache\kbd103.dll
+ 2010-08-17 18:35 . 2001-08-18 00:55 6144 c:\windows\LastGood\system32\dllcache\kbd101c.dll
+ 2010-08-17 18:35 . 2001-08-18 00:55 6144 c:\windows\LastGood\system32\dllcache\kbd101b.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 6144 c:\windows\LastGood\system32\dllcache\kbd101a.dll
+ 2010-08-17 18:35 . 2008-04-14 10:39 6144 c:\windows\LastGood\system32\dllcache\kbd101.dll
+ 2010-08-17 18:35 . 2008-04-14 10:10 5504 c:\windows\LastGood\system32\dllcache\intelide.sys
+ 2010-08-17 18:34 . 2001-08-18 08:34 9216 c:\windows\LastGood\system32\dllcache\ibmsgnet.dll
+ 2010-08-17 18:34 . 2008-04-14 10:11 8576 c:\windows\LastGood\system32\dllcache\i2omgmt.sys
+ 2010-08-17 18:34 . 2001-08-18 08:36 9759 c:\windows\LastGood\system32\dllcache\hsf_inst.dll
+ 2010-08-17 18:34 . 2001-08-17 23:52 5760 c:\windows\LastGood\system32\dllcache\hpt4qic.sys
+ 2010-08-17 18:34 . 2001-08-18 00:02 2688 c:\windows\LastGood\system32\dllcache\hidswvd.sys
+ 2010-08-17 18:34 . 2001-08-18 00:02 8576 c:\windows\LastGood\system32\dllcache\hidgame.sys
+ 2010-08-17 18:33 . 2008-04-14 10:39 6656 c:\windows\LastGood\system32\dllcache\fxsres.dll
+ 2010-08-17 18:33 . 2008-04-14 10:41 8704 c:\windows\LastGood\system32\dllcache\fxsperf.dll
+ 2010-08-17 18:33 . 2006-02-28 12:00 6144 c:\windows\LastGood\system32\dllcache\ftlx041e.dll
+ 2010-08-17 18:33 . 2008-04-14 10:39 7168 c:\windows\LastGood\system32\dllcache\f3ahvoas.dll
+ 2010-08-17 18:39 . 2001-08-18 03:36 7168 c:\windows\LastGood\system32\dllcache\EXCH_snprfdll.dll
+ 2010-08-17 18:30 . 2001-08-18 03:36 5632 c:\windows\LastGood\system32\dllcache\EXCH_adsiisex.dll
+ 2010-08-17 18:33 . 2001-08-17 23:52 7040 c:\windows\LastGood\system32\dllcache\exabyte2.sys
+ 2010-08-17 18:33 . 2001-08-17 23:53 7296 c:\windows\LastGood\system32\dllcache\elmsmc.sys
+ 2010-08-17 18:33 . 2001-08-17 23:47 8704 c:\windows\LastGood\system32\dllcache\dot4scan.sys
+ 2010-08-17 18:33 . 2008-04-14 10:10 8320 c:\windows\LastGood\system32\dllcache\dlttape.sys
+ 2010-08-17 18:33 . 2001-08-18 08:36 6216 c:\windows\LastGood\system32\dllcache\divaci.dll
+ 2010-08-17 18:32 . 2001-08-18 08:36 6729 c:\windows\LastGood\system32\dllcache\disrvci.dll
+ 2010-08-17 18:32 . 2001-08-17 23:52 7424 c:\windows\LastGood\system32\dllcache\ddsmc.sys
+ 2010-08-17 18:32 . 2001-08-17 22:19 3584 c:\windows\LastGood\system32\dllcache\cwcosnt5.sys
+ 2010-08-17 18:32 . 2001-08-17 22:19 3072 c:\windows\LastGood\system32\dllcache\cwbmidi.sys
+ 2010-08-17 18:32 . 2001-08-17 22:19 3072 c:\windows\LastGood\system32\dllcache\cwbase.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 4096 c:\windows\LastGood\system32\dllcache\ctwdm32.dll
+ 2010-08-17 18:32 . 2001-08-17 22:19 3712 c:\windows\LastGood\system32\dllcache\ctljystk.sys
+ 2010-08-17 18:32 . 2001-08-17 22:19 6912 c:\windows\LastGood\system32\dllcache\ctlfacem.sys
+ 2010-08-17 18:32 . 2001-08-17 23:51 6656 c:\windows\LastGood\system32\dllcache\cmdide.sys
+ 2010-08-17 18:32 . 2008-04-14 10:11 8192 c:\windows\LastGood\system32\dllcache\changer.sys
+ 2010-08-17 18:32 . 2006-02-28 12:00 9728 c:\windows\LastGood\system32\dllcache\change.exe
+ 2010-08-17 18:32 . 2001-08-17 23:52 7680 c:\windows\LastGood\system32\dllcache\cd20xrnt.sys
+ 2010-08-17 18:31 . 2006-02-28 12:00 6656 c:\windows\LastGood\system32\dllcache\c_is2022.dll
+ 2010-08-17 18:31 . 2001-08-18 08:36 9728 c:\windows\LastGood\system32\dllcache\brserif.dll
+ 2010-08-17 18:31 . 2001-08-18 08:36 5120 c:\windows\LastGood\system32\dllcache\brscnrsm.dll
+ 2010-08-17 18:31 . 2001-08-17 23:12 3168 c:\windows\LastGood\system32\dllcache\brparimg.sys
+ 2010-08-17 18:31 . 2001-08-17 23:12 3968 c:\windows\LastGood\system32\dllcache\brfiltup.sys
+ 2010-08-17 18:31 . 2001-08-17 23:12 2944 c:\windows\LastGood\system32\dllcache\brfilt.sys
+ 2010-08-17 18:31 . 2001-08-18 08:36 9728 c:\windows\LastGood\system32\dllcache\brcoinst.dll
+ 2010-08-17 18:31 . 2001-08-17 22:49 9472 c:\windows\LastGood\system32\dllcache\ativmdcd.sys
+ 2010-08-17 18:30 . 2001-08-17 23:47 6272 c:\windows\LastGood\system32\dllcache\apmbatt.sys
+ 2010-08-17 18:30 . 2001-08-17 23:51 5248 c:\windows\LastGood\system32\dllcache\aliide.sys
+ 2010-08-17 18:30 . 2008-04-14 15:41 3775 c:\windows\LastGood\system32\dllcache\adv11nt5.dll
+ 2010-08-17 18:30 . 2008-04-14 15:41 3711 c:\windows\LastGood\system32\dllcache\adv09nt5.dll
+ 2010-08-17 18:30 . 2008-04-14 15:41 3135 c:\windows\LastGood\system32\dllcache\adv08nt5.dll
+ 2010-08-17 18:30 . 2008-04-14 15:41 3647 c:\windows\LastGood\system32\dllcache\adv07nt5.dll
+ 2010-08-17 18:30 . 2008-04-14 15:41 3615 c:\windows\LastGood\system32\dllcache\adv05nt5.dll
+ 2010-08-17 18:30 . 2008-04-14 15:41 3967 c:\windows\LastGood\system32\dllcache\adv02nt5.dll
+ 2010-08-17 18:30 . 2008-04-14 15:41 4255 c:\windows\LastGood\system32\dllcache\adv01nt5.dll
+ 2010-08-17 18:30 . 2001-08-17 23:53 7424 c:\windows\LastGood\system32\dllcache\adicvls.sys
- 2004-08-12 14:03 . 2010-08-17 17:29 441454 c:\windows\system32\perfh009.dat
+ 2004-08-12 14:03 . 2010-08-17 17:52 441454 c:\windows\system32\perfh009.dat
+ 2010-08-17 18:42 . 2008-04-14 15:42 116224 c:\windows\LastGood\system32\dllcache\xrxwiadr.dll
+ 2010-08-17 18:41 . 2008-04-14 08:05 154624 c:\windows\LastGood\system32\dllcache\wlluc48.sys
+ 2010-08-17 18:41 . 2001-08-17 23:28 771581 c:\windows\LastGood\system32\dllcache\winacisa.sys
+ 2010-08-17 18:41 . 2001-08-17 23:28 701386 c:\windows\LastGood\system32\dllcache\wdhaalba.sys
+ 2010-08-17 18:41 . 2001-08-17 23:28 397502 c:\windows\LastGood\system32\dllcache\vpctcom.sys
+ 2010-08-17 18:41 . 2008-04-14 10:41 426041 c:\windows\LastGood\system32\dllcache\voicepad.dll
+ 2010-08-17 18:41 . 2001-08-17 23:28 604253 c:\windows\LastGood\system32\dllcache\vmodem.sys
+ 2010-08-17 18:41 . 2001-08-17 22:14 249402 c:\windows\LastGood\system32\dllcache\vinwm.sys
+ 2010-08-17 18:41 . 2001-08-17 23:28 687999 c:\windows\LastGood\system32\dllcache\usrwdxjs.sys
+ 2010-08-17 18:41 . 2001-08-17 23:28 765884 c:\windows\LastGood\system32\dllcache\usrti.sys
+ 2010-08-17 18:41 . 2001-08-17 23:28 113762 c:\windows\LastGood\system32\dllcache\usrpda.sys
+ 2010-08-17 18:41 . 2001-08-17 23:28 224802 c:\windows\LastGood\system32\dllcache\usr1807a.sys
+ 2010-08-17 18:41 . 2001-08-17 23:28 794399 c:\windows\LastGood\system32\dllcache\usr1806v.sys
+ 2010-08-17 18:41 . 2001-08-17 23:28 793598 c:\windows\LastGood\system32\dllcache\usr1806.sys
+ 2010-08-17 18:41 . 2001-08-17 23:28 794654 c:\windows\LastGood\system32\dllcache\usr1801.sys
+ 2010-08-17 18:40 . 2008-04-14 10:16 121984 c:\windows\LastGood\system32\dllcache\usbvideo.sys
+ 2010-08-17 18:40 . 2001-08-18 08:36 211968 c:\windows\LastGood\system32\dllcache\um54scan.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 216064 c:\windows\LastGood\system32\dllcache\um34scan.dll
+ 2010-08-17 18:40 . 2001-08-17 22:51 166784 c:\windows\LastGood\system32\dllcache\tridxpm.sys
+ 2010-08-17 18:40 . 2001-08-18 08:36 525568 c:\windows\LastGood\system32\dllcache\tridxp.dll
+ 2010-08-17 18:40 . 2001-08-17 22:51 159232 c:\windows\LastGood\system32\dllcache\tridkbm.sys
+ 2010-08-17 18:40 . 2001-08-18 00:56 440576 c:\windows\LastGood\system32\dllcache\tridkb.dll
+ 2010-08-17 18:40 . 2001-08-17 22:51 222336 c:\windows\LastGood\system32\dllcache\trid3dm.sys
+ 2010-08-17 18:40 . 2001-08-18 00:56 315520 c:\windows\LastGood\system32\dllcache\trid3d.dll
+ 2010-08-17 18:40 . 2001-08-18 00:02 230912 c:\windows\LastGood\system32\dllcache\tosdvd03.sys
+ 2010-08-17 18:40 . 2001-08-18 00:01 241664 c:\windows\LastGood\system32\dllcache\tosdvd02.sys
+ 2010-08-17 18:40 . 2001-08-17 22:14 123995 c:\windows\LastGood\system32\dllcache\tjisdn.sys
+ 2010-08-17 18:40 . 2006-02-28 12:00 455168 c:\windows\LastGood\system32\dllcache\tintsetp.exe
+ 2010-08-17 18:40 . 2006-02-28 12:00 185344 c:\windows\LastGood\system32\dllcache\thawbrkr.dll
+ 2010-08-17 18:40 . 2001-08-17 22:51 138528 c:\windows\LastGood\system32\dllcache\tgiulnt5.sys
+ 2010-08-17 18:40 . 2008-04-14 10:10 149376 c:\windows\LastGood\system32\dllcache\tffsport.sys
+ 2010-08-17 18:40 . 2001-08-18 00:56 172768 c:\windows\LastGood\system32\dllcache\t2r4disp.dll
+ 2010-08-17 18:40 . 2001-08-17 23:50 103936 c:\windows\LastGood\system32\dllcache\sx.sys
+ 2010-08-17 18:40 . 2001-08-18 08:36 155648 c:\windows\LastGood\system32\dllcache\stlnprop.dll
+ 2010-08-17 18:40 . 2001-08-17 22:18 285760 c:\windows\LastGood\system32\dllcache\stlnata.sys
+ 2010-08-17 18:40 . 2006-02-28 12:00 101376 c:\windows\LastGood\system32\dllcache\srusbusd.dll
+ 2010-08-17 18:40 . 2001-08-18 08:36 106584 c:\windows\LastGood\system32\dllcache\spdports.dll
+ 2010-08-17 18:39 . 2001-08-18 08:36 114688 c:\windows\LastGood\system32\dllcache\sonypi.dll
+ 2010-08-17 18:39 . 2006-02-28 12:00 143422 c:\windows\LastGood\system32\dllcache\softkey.dll
+ 2010-08-17 18:39 . 2008-04-14 10:42 188416 c:\windows\LastGood\system32\dllcache\snmpsmir.dll
+ 2010-08-17 18:39 . 2008-04-14 10:42 358400 c:\windows\LastGood\system32\dllcache\snmpincl.dll
+ 2010-08-17 18:39 . 2008-04-14 10:42 259072 c:\windows\LastGood\system32\dllcache\snmpcl.dll
+ 2010-08-17 18:39 . 2008-04-14 10:42 456192 c:\windows\LastGood\system32\dllcache\smtpsvc.dll
+ 2010-08-17 18:39 . 2001-08-18 00:56 147200 c:\windows\LastGood\system32\dllcache\smidispb.dll
+ 2010-08-17 18:39 . 2008-04-14 10:42 236544 c:\windows\LastGood\system32\dllcache\smi2smir.exe
+ 2010-08-17 18:39 . 2008-04-14 09:53 404990 c:\windows\LastGood\system32\dllcache\slntamr.sys
+ 2010-08-17 18:39 . 2008-04-14 09:53 129535 c:\windows\LastGood\system32\dllcache\slnt7554.sys
+ 2010-08-17 18:39 . 2008-04-14 15:42 188508 c:\windows\LastGood\system32\dllcache\slgen.dll
+ 2010-08-17 18:39 . 2008-04-14 15:42 286792 c:\windows\LastGood\system32\dllcache\slextspk.dll
+ 2010-08-17 18:39 . 2001-08-18 00:56 157696 c:\windows\LastGood\system32\dllcache\sisv256.dll
+ 2010-08-17 18:39 . 2001-08-18 08:36 238592 c:\windows\LastGood\system32\dllcache\sisgrv.dll
+ 2010-08-17 18:39 . 2001-08-17 22:50 104064 c:\windows\LastGood\system32\dllcache\sisgrp.sys
+ 2010-08-17 18:39 . 2001-08-18 00:56 150144 c:\windows\LastGood\system32\dllcache\sis6306v.dll
+ 2010-08-17 18:39 . 2001-08-18 00:56 252032 c:\windows\LastGood\system32\dllcache\sis300iv.dll
+ 2010-08-17 18:39 . 2001-08-17 22:50 101760 c:\windows\LastGood\system32\dllcache\sis300ip.sys
+ 2010-08-17 18:39 . 2001-07-22 00:29 161568 c:\windows\LastGood\system32\dllcache\sgsmusb.sys
+ 2010-08-17 18:39 . 2001-08-18 08:36 386560 c:\windows\LastGood\system32\dllcache\sgiul50.dll
+ 2010-08-17 18:39 . 2001-08-18 08:36 495616 c:\windows\LastGood\system32\dllcache\sblfx.dll
+ 2010-08-17 18:39 . 2001-08-18 00:56 245632 c:\windows\LastGood\system32\dllcache\s3savmx.dll
+ 2010-08-17 18:39 . 2001-08-18 00:56 198400 c:\windows\LastGood\system32\dllcache\s3sav4.dll
+ 2010-08-17 18:39 . 2001-08-18 00:56 179264 c:\windows\LastGood\system32\dllcache\s3sav3d.dll
+ 2010-08-17 18:39 . 2001-08-18 00:56 210496 c:\windows\LastGood\system32\dllcache\s3mvirge.dll
+ 2010-08-17 18:39 . 2001-08-18 00:56 182272 c:\windows\LastGood\system32\dllcache\s3mt3d.dll
+ 2010-08-17 18:39 . 2001-08-17 22:50 166720 c:\windows\LastGood\system32\dllcache\s3m.sys
+ 2010-08-17 18:39 . 2008-04-14 08:04 166912 c:\windows\LastGood\system32\dllcache\s3gnbm.sys
+ 2010-08-17 18:38 . 2008-04-14 15:42 397056 c:\windows\LastGood\system32\dllcache\s3gnb.dll
+ 2010-08-17 18:38 . 2001-08-17 23:28 714762 c:\windows\LastGood\system32\dllcache\r2mdmkxx.sys
+ 2010-08-17 18:38 . 2001-08-17 23:28 899146 c:\windows\LastGood\system32\dllcache\r2mdkxga.sys
+ 2010-08-17 18:38 . 2001-08-17 23:28 130942 c:\windows\LastGood\system32\dllcache\ptserlv.sys
+ 2010-08-17 18:38 . 2001-08-17 23:28 112574 c:\windows\LastGood\system32\dllcache\ptserlp.sys
+ 2010-08-17 18:38 . 2001-08-17 23:28 128286 c:\windows\LastGood\system32\dllcache\ptserli.sys
+ 2010-08-17 18:38 . 2008-04-14 15:42 159232 c:\windows\LastGood\system32\dllcache\ptpusd.dll
+ 2010-08-17 18:38 . 2008-04-14 15:42 363520 c:\windows\LastGood\system32\dllcache\psisdecd.dll
+ 2010-08-17 18:38 . 2006-02-28 12:00 131584 c:\windows\LastGood\system32\dllcache\pmxviceo.dll
+ 2010-08-17 18:38 . 2008-04-14 10:40 175104 c:\windows\LastGood\system32\dllcache\pintlcsa.dll
+ 2010-08-17 18:38 . 2001-08-18 08:36 121344 c:\windows\LastGood\system32\dllcache\phvfwext.dll
+ 2010-08-17 18:38 . 2001-08-18 00:04 173696 c:\windows\LastGood\system32\dllcache\philcam2.sys
+ 2010-08-17 18:38 . 2008-04-14 15:40 259328 c:\windows\LastGood\system32\dllcache\perm3dd.dll
+ 2010-08-17 18:38 . 2008-04-14 15:40 211584 c:\windows\LastGood\system32\dllcache\perm2dll.dll
+ 2010-08-17 18:38 . 2008-04-14 07:42 169984 c:\windows\LastGood\system32\dllcache\pcx500.sys
+ 2010-08-17 18:37 . 2001-08-18 00:05 351616 c:\windows\LastGood\system32\dllcache\ovcodek2.sys
+ 2010-08-17 18:37 . 2001-08-18 08:36 116736 c:\windows\LastGood\system32\dllcache\ovcodec2.dll
+ 2010-08-17 18:37 . 2001-08-17 22:50 198144 c:\windows\LastGood\system32\dllcache\nv3.sys
+ 2010-08-17 18:37 . 2001-08-18 08:36 123776 c:\windows\LastGood\system32\dllcache\nv3.dll
+ 2010-08-17 18:37 . 2008-04-14 09:53 180360 c:\windows\LastGood\system32\dllcache\ntmtlfax.sys
+ 2010-08-17 18:37 . 2001-08-17 22:20 126080 c:\windows\LastGood\system32\dllcache\nm5a2wdm.sys
+ 2010-08-17 18:37 . 2008-04-14 08:05 132695 c:\windows\LastGood\system32\dllcache\netwlan5.sys
+ 2010-08-17 18:37 . 2001-08-17 22:11 128000 c:\windows\LastGood\system32\dllcache\n100325.sys
+ 2010-08-17 18:37 . 2006-02-28 12:00 229439 c:\windows\LastGood\system32\dllcache\multibox.dll
+ 2010-08-17 18:37 . 2001-08-17 22:50 103296 c:\windows\LastGood\system32\dllcache\mtxvideo.sys
+ 2010-08-17 18:37 . 2008-04-14 08:04 452736 c:\windows\LastGood\system32\dllcache\mtxparhm.sys
+ 2010-08-17 18:37 . 2008-04-14 10:42 119808 c:\windows\LastGood\system32\dllcache\mtstocom.exe
+ 2010-08-17 18:37 . 2008-04-14 09:53 126686 c:\windows\LastGood\system32\dllcache\mtlmnt5.sys
+ 2010-08-17 18:36 . 2001-08-17 22:50 320384 c:\windows\LastGood\system32\dllcache\mgaum.sys
+ 2010-08-17 18:36 . 2001-08-18 00:56 235648 c:\windows\LastGood\system32\dllcache\mgaud.dll
+ 2010-08-17 18:36 . 2001-08-17 22:12 164586 c:\windows\LastGood\system32\dllcache\mdgndis5.sys
+ 2010-08-17 18:36 . 2001-08-17 23:28 797500 c:\windows\LastGood\system32\dllcache\ltsmt.sys
+ 2010-08-17 18:36 . 2001-08-17 23:28 802683 c:\windows\LastGood\system32\dllcache\ltsm.sys
+ 2010-08-17 18:36 . 2008-04-14 09:53 420992 c:\windows\LastGood\system32\dllcache\ltmdmntt.sys
+ 2010-08-17 18:36 . 2001-08-17 23:28 576746 c:\windows\LastGood\system32\dllcache\ltmdmntl.sys
+ 2010-08-17 18:36 . 2008-04-14 09:53 606684 c:\windows\LastGood\system32\dllcache\ltmdmnt.sys
+ 2010-08-17 18:36 . 2001-08-17 23:28 727786 c:\windows\LastGood\system32\dllcache\ltck000c.sys
+ 2010-08-17 18:36 . 2008-04-14 15:41 253952 c:\windows\LastGood\system32\dllcache\kdsusd.dll
+ 2010-08-17 18:35 . 2008-04-14 15:42 151552 c:\windows\LastGood\system32\dllcache\irftp.exe
+ 2010-08-17 18:35 . 2008-04-14 10:39 315455 c:\windows\LastGood\system32\dllcache\imskf.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 471102 c:\windows\LastGood\system32\dllcache\imskdic.dll
+ 2010-08-17 18:35 . 2008-04-14 10:39 102456 c:\windows\LastGood\system32\dllcache\imlang.dll
+ 2010-08-17 18:35 . 2008-04-14 10:39 274489 c:\windows\LastGood\system32\dllcache\imjputyc.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 262200 c:\windows\LastGood\system32\dllcache\imjputy.exe
+ 2010-08-17 18:35 . 2006-02-28 12:00 233527 c:\windows\LastGood\system32\dllcache\imjprw.exe
+ 2010-08-17 18:35 . 2006-02-28 12:00 208952 c:\windows\LastGood\system32\dllcache\imjpmig.exe
+ 2010-08-17 18:35 . 2006-02-28 12:00 196665 c:\windows\LastGood\system32\dllcache\imjpinst.exe
+ 2010-08-17 18:35 . 2006-02-28 12:00 155705 c:\windows\LastGood\system32\dllcache\imjpdsvr.exe
+ 2010-08-17 18:35 . 2006-02-28 12:00 307257 c:\windows\LastGood\system32\dllcache\imjpdct.exe
+ 2010-08-17 18:35 . 2008-04-14 10:39 716856 c:\windows\LastGood\system32\dllcache\imjpcus.dll
+ 2010-08-17 18:35 . 2008-04-14 10:39 368696 c:\windows\LastGood\system32\dllcache\imjpcic.dll
+ 2010-08-17 18:35 . 2008-04-14 10:39 811064 c:\windows\LastGood\system32\dllcache\imjp81k.dll
+ 2010-08-17 18:35 . 2006-02-28 12:00 311359 c:\windows\LastGood\system32\dllcache\imepadsv.exe
+ 2010-08-17 18:35 . 2006-02-28 12:00 102463 c:\windows\LastGood\system32\dllcache\imepadsm.dll
+ 2010-08-17 18:35 . 2008-04-14 10:39 106496 c:\windows\LastGood\system32\dllcache\imekrcic.dll
+ 2010-08-17 18:35 . 2001-08-18 08:36 372824 c:\windows\LastGood\system32\dllcache\iconf32.dll
+ 2010-08-17 18:35 . 2001-08-18 00:06 100992 c:\windows\LastGood\system32\dllcache\icam5usb.sys
+ 2010-08-17 18:35 . 2001-08-18 00:06 154496 c:\windows\LastGood\system32\dllcache\icam4usb.sys
+ 2010-08-17 18:35 . 2001-08-18 00:05 141056 c:\windows\LastGood\system32\dllcache\icam3.sys
+ 2010-08-17 18:34 . 2001-08-17 22:12 109085 c:\windows\LastGood\system32\dllcache\ibmtrp.sys
+ 2010-08-17 18:34 . 2001-08-17 22:12 100936 c:\windows\LastGood\system32\dllcache\ibmtok.sys
+ 2010-08-17 18:34 . 2008-04-14 08:04 161020 c:\windows\LastGood\system32\dllcache\i81xnt5.sys
+ 2010-08-17 18:34 . 2008-04-14 15:41 702845 c:\windows\LastGood\system32\dllcache\i81xdnt5.dll
+ 2010-08-17 18:34 . 2001-08-18 00:56 353184 c:\windows\LastGood\system32\dllcache\i740dnt5.dll
+ 2010-08-17 18:34 . 2008-04-14 09:53 685056 c:\windows\LastGood\system32\dllcache\hsfcxts2.sys
+ 2010-08-17 18:34 . 2008-04-14 09:53 220032 c:\windows\LastGood\system32\dllcache\hsfbs2s2.sys
+ 2010-08-17 18:34 . 2001-08-17 23:28 488383 c:\windows\LastGood\system32\dllcache\hsf_v124.sys
+ 2010-08-17 18:34 . 2001-08-17 23:28 542879 c:\windows\LastGood\system32\dllcache\hsf_msft.sys
+ 2010-08-17 18:34 . 2001-08-17 23:28 391199 c:\windows\LastGood\system32\dllcache\hsf_k56k.sys
+ 2010-08-17 18:34 . 2001-08-17 23:28 115807 c:\windows\LastGood\system32\dllcache\hsf_fsks.sys
+ 2010-08-17 18:34 . 2001-08-17 23:28 199711 c:\windows\LastGood\system32\dllcache\hsf_faxx.sys
+ 2010-08-17 18:34 . 2001-08-17 23:28 289887 c:\windows\LastGood\system32\dllcache\hsf_fall.sys
+ 2010-08-17 18:34 . 2001-08-17 23:28 150239 c:\windows\LastGood\system32\dllcache\hsf_amos.sys
+ 2010-08-17 18:34 . 2001-08-18 08:36 324608 c:\windows\LastGood\system32\dllcache\hpojwia.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 165888 c:\windows\LastGood\system32\dllcache\hpgt53.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 126976 c:\windows\LastGood\system32\dllcache\hpgt34tk.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 101376 c:\windows\LastGood\system32\dllcache\hpgt34.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 123392 c:\windows\LastGood\system32\dllcache\hpgt21tk.dll
+ 2010-08-17 18:34 . 2001-08-18 08:36 119296 c:\windows\LastGood\system32\dllcache\hpdigwia.dll
+ 2010-08-17 18:34 . 2001-08-17 23:28 907456 c:\windows\LastGood\system32\dllcache\hcf_msft.sys
+ 2010-08-17 18:34 . 2001-08-17 22:49 322432 c:\windows\LastGood\system32\dllcache\g400m.sys
+ 2010-08-17 18:34 . 2001-08-17 22:49 320384 c:\windows\LastGood\system32\dllcache\g200m.sys
+ 2010-08-17 18:34 . 2001-08-18 00:56 470144 c:\windows\LastGood\system32\dllcache\g200d.dll
+ 2010-08-17 18:34 . 2001-08-17 22:15 454912 c:\windows\LastGood\system32\dllcache\fxusbase.sys
+ 2010-08-17 18:34 . 2008-04-14 10:41 400384 c:\windows\LastGood\system32\dllcache\fxsxp32.dll
+ 2010-08-17 18:34 . 2008-04-14 10:41 192512 c:\windows\LastGood\system32\dllcache\fxswzrd.dll
+ 2010-08-17 18:34 . 2008-04-14 10:41 154112 c:\windows\LastGood\system32\dllcache\fxsui.dll
+ 2010-08-17 18:34 . 2008-04-14 10:41 397312 c:\windows\LastGood\system32\dllcache\fxstiff.dll
+ 2010-08-17 18:34 . 2008-04-14 10:41 246272 c:\windows\LastGood\system32\dllcache\fxst30.dll
+ 2010-08-17 18:34 . 2008-04-14 10:42 267776 c:\windows\LastGood\system32\dllcache\fxssvc.exe
+ 2010-08-17 18:34 . 2008-04-14 10:41 562176 c:\windows\LastGood\system32\dllcache\fxsst.dll
+ 2010-08-17 18:33 . 2008-04-14 10:42 229376 c:\windows\LastGood\system32\dllcache\fxscover.exe
+ 2010-08-17 18:33 . 2008-04-14 10:41 285184 c:\windows\LastGood\system32\dllcache\fxscomex.dll
+ 2010-08-17 18:33 . 2006-02-28 12:00 132608 c:\windows\LastGood\system32\dllcache\fxsclntr.dll
+ 2010-08-17 18:33 . 2008-04-14 10:42 142848 c:\windows\LastGood\system32\dllcache\fxsclnt.exe
+ 2010-08-17 18:33 . 2006-02-28 12:00 111104 c:\windows\LastGood\system32\dllcache\fxscfgwz.dll
+ 2010-08-17 18:33 . 2008-04-14 10:41 451584 c:\windows\LastGood\system32\dllcache\fxsapi.dll
+ 2010-08-17 18:33 . 2001-08-17 22:15 455296 c:\windows\LastGood\system32\dllcache\fusbbase.sys
+ 2010-08-17 18:33 . 2001-08-17 22:15 455680 c:\windows\LastGood\system32\dllcache\fus2base.sys
+ 2010-08-17 18:33 . 2001-08-17 22:15 442240 c:\windows\LastGood\system32\dllcache\fpnpbase.sys
+ 2010-08-17 18:29 . 2003-03-24 21:52 208896 c:\windows\LastGood\system32\dllcache\fpmmcsat.dll
+ 2010-08-17 18:29 . 2004-05-13 05:39 598071 c:\windows\LastGood\system32\dllcache\fpmmc.dll
+ 2010-08-17 18:29 . 2003-03-24 21:52 188494 c:\windows\LastGood\system32\dllcache\fpcount.exe
+ 2010-08-17 18:33 . 2001-08-17 22:14 441728 c:\windows\LastGood\system32\dllcache\fpcmbase.sys
+ 2010-08-17 18:33 . 2001-08-17 22:14 444416 c:\windows\LastGood\system32\dllcache\fpcibase.sys
+ 2010-08-17 18:29 . 2003-03-24 21:52 109328 c:\windows\LastGood\system32\dllcache\fp98swin.exe
+ 2010-08-17 18:29 . 2004-05-13 05:39 876653 c:\windows\LastGood\system32\dllcache\fp4awel.dll
+ 2010-08-17 18:29 . 2003-03-24 21:52 102509 c:\windows\LastGood\system32\dllcache\fp4atxt.dll
+ 2010-08-17 18:29 . 2003-03-24 21:52 147513 c:\windows\LastGood\system32\dllcache\fp4apws.dll
+ 2010-08-17 18:29 . 2004-05-13 05:39 184435 c:\windows\LastGood\system32\dllcache\fp4amsft.dll
+ 2010-08-17 18:33 . 2008-04-14 10:41 101888 c:\windows\LastGood\system32\dllcache\evntagnt.dll
+ 2010-08-17 18:33 . 2008-04-14 08:06 137088 c:\windows\LastGood\system32\dllcache\essm2e.sys
+ 2010-08-17 18:33 . 2001-08-17 23:28 347550 c:\windows\LastGood\system32\dllcache\es56tpi.sys
+ 2010-08-17 18:33 . 2001-08-17 23:28 594238 c:\windows\LastGood\system32\dllcache\es56hpi.sys
+ 2010-08-17 18:33 . 2001-08-17 23:28 595647 c:\windows\LastGood\system32\dllcache\es56cvmp.sys
+ 2010-08-17 18:33 . 2001-08-17 22:19 174464 c:\windows\LastGood\system32\dllcache\es198x.sys
+ 2010-08-17 18:33 . 2001-08-17 22:17 629952 c:\windows\LastGood\system32\dllcache\eqn.sys
+ 2010-08-17 18:33 . 2001-08-17 23:50 114944 c:\windows\LastGood\system32\dllcache\epstw2k.sys
+ 2010-08-17 18:33 . 2001-08-17 23:50 144896 c:\windows\LastGood\system32\dllcache\epcfw2k.sys
+ 2010-08-17 18:33 . 2001-08-17 22:19 283904 c:\windows\LastGood\system32\dllcache\emu10k1m.sys
+ 2010-08-17 18:33 . 2001-08-17 22:11 171520 c:\windows\LastGood\system32\dllcache\el99xn51.sys
+ 2010-08-17 18:33 . 2001-08-17 22:11 455199 c:\windows\LastGood\system32\dllcache\el985n51.sys
+ 2010-08-17 18:33 . 2001-08-17 22:11 153631 c:\windows\LastGood\system32\dllcache\el90xnd5.sys
+ 2010-08-17 18:33 . 2001-08-17 23:28 241206 c:\windows\LastGood\system32\dllcache\el656se5.sys
+ 2010-08-17 18:33 . 2001-08-17 23:28 634134 c:\windows\LastGood\system32\dllcache\el656ct5.sys
+ 2010-08-17 18:33 . 2006-02-28 12:00 514587 c:\windows\LastGood\system32\dllcache\edb500.dll
+ 2010-08-17 18:33 . 2001-08-17 22:12 117760 c:\windows\LastGood\system32\dllcache\e100b325.sys
+ 2010-08-17 18:33 . 2001-08-17 22:20 334208 c:\windows\LastGood\system32\dllcache\ds1wdm.sys
+ 2010-08-17 18:33 . 2008-04-14 10:09 206976 c:\windows\LastGood\system32\dllcache\dot4.sys
+ 2010-08-17 18:33 . 2001-08-17 22:14 952007 c:\windows\LastGood\system32\dllcache\diwan.sys
+ 2010-08-17 18:33 . 2001-08-18 08:36 236060 c:\windows\LastGood\system32\dllcache\ditrace.exe
+ 2010-08-17 18:32 . 2001-08-18 08:36 614429 c:\windows\LastGood\system32\dllcache\digiview.exe
+ 2010-08-17 18:32 . 2001-08-18 08:36 110621 c:\windows\LastGood\system32\dllcache\digirlpt.dll
+ 2010-08-17 18:32 . 2001-08-18 08:36 102484 c:\windows\LastGood\system32\dllcache\digiinf.dll
+ 2010-08-17 18:32 . 2001-08-18 08:36 159828 c:\windows\LastGood\system32\dllcache\digihlc.dll
+ 2010-08-17 18:32 . 2001-08-18 08:36 229462 c:\windows\LastGood\system32\dllcache\digifwrk.dll
+ 2010-08-17 18:32 . 2001-08-17 22:13 103044 c:\windows\LastGood\system32\dllcache\digidxb.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 131156 c:\windows\LastGood\system32\dllcache\digidbp.dll
+ 2010-08-17 18:31 . 2001-08-17 22:13 164923 c:\windows\LastGood\system32\dllcache\diapi2.sys
+ 2010-08-17 18:32 . 2001-08-18 08:36 419357 c:\windows\LastGood\system32\dllcache\dgconfig.dll
+ 2010-08-17 18:32 . 2001-08-18 08:36 256512 c:\windows\LastGood\system32\dllcache\devcon32.dll
+ 2010-08-17 18:32 . 2001-08-18 08:36 110592 c:\windows\LastGood\system32\dllcache\dc260usd.dll
+ 2010-08-17 18:32 . 2001-08-17 23:52 179584 c:\windows\LastGood\system32\dllcache\dac2w2k.sys
+ 2010-08-17 18:32 . 2001-08-17 22:12 117760 c:\windows\LastGood\system32\dllcache\d100ib5.sys
+ 2010-08-17 18:32 . 2001-08-17 22:19 111872 c:\windows\LastGood\system32\dllcache\cwcspud.sys
+ 2010-08-17 18:32 . 2008-04-14 15:41 249856 c:\windows\LastGood\system32\dllcache\ctmasetp.dll
+ 2010-08-17 18:32 . 2001-08-18 08:36 175104 c:\windows\LastGood\system32\dllcache\csamsp.dll
+ 2010-08-17 18:32 . 2001-08-18 08:36 216064 c:\windows\LastGood\system32\dllcache\cpscan.dll
+ 2010-08-17 18:32 . 2001-08-17 23:57 248064 c:\windows\LastGood\system32\dllcache\cl546xm.sys
+ 2010-08-17 18:32 . 2001-08-18 00:56 170880 c:\windows\LastGood\system32\dllcache\cl546x.dll
+ 2010-08-17 18:32 . 2001-08-18 00:56 111232 c:\windows\LastGood\system32\dllcache\cl5465.dll
+ 2010-08-17 18:32 . 2006-02-28 12:00 480256 c:\windows\LastGood\system32\dllcache\cintsetp.exe
+ 2010-08-17 18:32 . 2008-04-14 10:39 198656 c:\windows\LastGood\system32\dllcache\cintime.dll
+ 2010-08-17 18:32 . 2001-08-18 00:02 272640 c:\windows\LastGood\system32\dllcache\cinemclc.sys
+ 2010-08-17 18:32 . 2001-08-17 22:13 980034 c:\windows\LastGood\system32\dllcache\cicap.sys
+ 2010-08-17 18:32 . 2008-04-14 10:39 173568 c:\windows\LastGood\system32\dllcache\chtskf.dll
+ 2010-08-17 18:32 . 2006-02-28 12:00 838144 c:\windows\LastGood\system32\dllcache\chtbrkr.dll
+ 2010-08-17 18:29 . 2003-03-24 21:52 188480 c:\windows\LastGood\system32\dllcache\cfgwiz.exe
+ 2010-08-17 18:31 . 2001-08-17 23:28 714698 c:\windows\LastGood\system32\dllcache\cbmdmkxx.sys
+ 2010-08-17 18:31 . 2008-04-14 15:41 121856 c:\windows\LastGood\system32\dllcache\camext30.dll
+ 2010-08-17 18:31 . 2001-08-18 08:36 236032 c:\windows\LastGood\system32\dllcache\camext20.dll
+ 2010-08-17 18:31 . 2001-08-18 00:04 171264 c:\windows\LastGood\system32\dllcache\camdrv30.sys
+ 2010-08-17 18:31 . 2001-08-18 00:04 223232 c:\windows\LastGood\system32\dllcache\camdrv21.sys
+ 2010-08-17 18:31 . 2001-08-18 00:05 314752 c:\windows\LastGood\system32\dllcache\camdro21.sys
+ 2010-08-17 18:31 . 2008-04-14 10:41 218112 c:\windows\LastGood\system32\dllcache\c_g18030.dll
+ 2010-08-17 18:31 . 2008-04-14 10:21 101120 c:\windows\LastGood\system32\dllcache\bthpan.sys
+ 2010-08-17 18:31 . 2001-08-18 08:36 102400 c:\windows\LastGood\system32\dllcache\binlsvc.dll
+ 2010-08-17 18:31 . 2001-08-17 23:28 871388 c:\windows\LastGood\system32\dllcache\bcmdm.sys
+ 2010-08-17 18:31 . 2001-08-18 00:56 342336 c:\windows\LastGood\system32\dllcache\banshee.dll
+ 2010-08-17 18:31 . 2001-08-18 08:36 144384 c:\windows\LastGood\system32\dllcache\avmenum.dll
+ 2010-08-17 18:31 . 2008-04-14 15:41 516768 c:\windows\LastGood\system32\dllcache\ativvaxx.dll
+ 2010-08-17 18:31 . 2001-08-18 00:56 104832 c:\windows\LastGood\system32\dllcache\atiraged.dll
+ 2010-08-17 18:31 . 2008-04-14 08:04 104960 c:\windows\LastGood\system32\dllcache\atinrvxx.sys
+ 2010-08-17 18:30 . 2001-08-17 22:48 281600 c:\windows\LastGood\system32\dllcache\atimtai.sys
+ 2010-08-17 18:30 . 2001-08-17 22:48 289664 c:\windows\LastGood\system32\dllcache\atimpab.sys
+ 2010-08-17 18:30 . 2001-08-18 00:56 268160 c:\windows\LastGood\system32\dllcache\atidvai.dll
+ 2010-08-17 18:30 . 2001-08-18 00:56 137216 c:\windows\LastGood\system32\dllcache\atidrae.dll
+ 2010-08-17 18:30 . 2001-08-18 00:55 382592 c:\windows\LastGood\system32\dllcache\atidrab.dll
+ 2010-08-17 18:30 . 2008-04-14 15:41 870784 c:\windows\LastGood\system32\dllcache\ati3d1ag.dll
+ 2010-08-17 18:30 . 2008-04-14 08:04 701440 c:\windows\LastGood\system32\dllcache\ati2mtag.sys
+ 2010-08-17 18:30 . 2008-04-14 08:04 327040 c:\windows\LastGood\system32\dllcache\ati2mtaa.sys
+ 2010-08-17 18:30 . 2008-04-14 15:41 201728 c:\windows\LastGood\system32\dllcache\ati2dvag.dll
+ 2010-08-17 18:30 . 2008-04-14 15:41 377984 c:\windows\LastGood\system32\dllcache\ati2dvaa.dll
+ 2010-08-17 18:30 . 2008-04-14 15:41 229376 c:\windows\LastGood\system32\dllcache\ati2cqag.dll
+ 2010-08-17 18:30 . 2008-04-14 10:41 331264 c:\windows\LastGood\system32\dllcache\aqueue.dll
+ 2010-08-17 18:30 . 2001-08-18 00:07 101888 c:\windows\LastGood\system32\dllcache\adpu160m.sys
+ 2010-08-17 18:30 . 2001-08-17 22:19 747392 c:\windows\LastGood\system32\dllcache\adm8830.sys
+ 2010-08-17 18:30 . 2001-08-17 22:19 553984 c:\windows\LastGood\system32\dllcache\adm8820.sys
+ 2010-08-17 18:30 . 2001-08-17 22:19 584448 c:\windows\LastGood\system32\dllcache\adm8810.sys
+ 2010-08-17 18:30 . 2001-08-17 22:20 297728 c:\windows\LastGood\system32\dllcache\ac97sis.sys
+ 2010-08-17 18:30 . 2008-04-14 08:06 231552 c:\windows\LastGood\system32\dllcache\ac97ali.sys
+ 2010-08-17 18:30 . 2001-08-18 08:36 462848 c:\windows\LastGood\system32\dllcache\a3dapi.dll
+ 2010-08-17 18:30 . 2001-08-17 22:48 148352 c:\windows\LastGood\system32\dllcache\3dfxvsm.sys
+ 2010-08-17 18:30 . 2001-08-18 00:55 689216 c:\windows\LastGood\system32\dllcache\3dfxvs.dll
+ 2010-08-17 18:30 . 2001-08-17 23:28 762780 c:\windows\LastGood\system32\dllcache\3cwmcru.sys
+ 2010-08-17 18:30 . 2010-04-28 02:25 2189952 c:\windows\LastGood\system32\dllcache\ntoskrnl.exe
+ 2010-08-17 18:37 . 2010-04-27 13:05 2066816 c:\windows\LastGood\system32\dllcache\ntkrnlpa.exe
+ 2010-08-17 18:37 . 2008-04-14 15:42 1737856 c:\windows\LastGood\system32\dllcache\mtxparhd.dll
+ 2010-08-17 18:37 . 2008-04-14 09:53 1309184 c:\windows\LastGood\system32\dllcache\mtlstrm.sys
+ 2010-08-17 18:34 . 2008-04-14 09:53 1041536 c:\windows\LastGood\system32\dllcache\hsfdpsp2.sys
+ 2010-08-17 18:34 . 2001-08-18 00:56 1733120 c:\windows\LastGood\system32\dllcache\g400d.dll
+ 2010-08-17 18:32 . 2006-02-28 12:00 1677824 c:\windows\LastGood\system32\dllcache\chsbrkr.dll
+ 2010-08-17 18:30 . 2008-04-14 15:41 1888992 c:\windows\LastGood\system32\dllcache\ati3duag.dll
+ 2010-08-17 18:34 . 2006-02-28 12:00 10129408 c:\windows\LastGood\system32\dllcache\hwxkor.dll
+ 2010-08-17 18:34 . 2008-04-14 10:39 13463552 c:\windows\LastGood\system32\dllcache\hwxjpn.dll
+ 2010-08-17 18:34 . 2006-02-28 12:00 10096640 c:\windows\LastGood\system32\dllcache\hwxcht.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-11 368706]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"P17Helper"="P17.dll" [2005-05-03 64512]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-06-15 47408]
"RTHDCPL"="RTHDCPL.EXE" [2009-01-13 18084864]
"Corel File Shell Monitor"="c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2008-08-08 16712]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-13 642856]
"Linksys Wireless Manager"="c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-02-15 1358384]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-04 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-04 13670504]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AT&T Self Support Tool.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AT&T Self Support Tool.lnk
backup=c:\windows\pss\AT&T Self Support Tool.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
1 [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 09:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeChat]
2008-08-21 17:16 267296 ----a-w- c:\program files\Microsoft LifeChat\LifeChat.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2006-06-26 16:34 614960 ----a-w- c:\program files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
2005-08-24 13:51 442455 ----a-w- c:\progra~1\SBCSEL~1\SMARTB~1\MotiveSB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 02:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 16:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\eMusic Download Manager\\xulrunner\\xulrunner.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Linksys\\Linksys Wireless Manager\\LinksysWirelessManager.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=
"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Dragon Age\\tools\\GffEditor.exe"=
"c:\\Program Files\\Dragon Age\\tools\\ErfEditor.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1107000.00C\symds.sys [5/25/2010 11:48 AM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1107000.00C\symefa.sys [5/25/2010 11:48 AM 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20100719.001\BHDrvx86.sys [7/19/2010 6:28 PM 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1107000.00C\cchpx86.sys [5/25/2010 11:48 AM 501888]
R1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [3/17/2009 2:08 PM 78848]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1107000.00C\ironx86.sys [5/25/2010 11:48 AM 116784]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe [5/25/2010 11:48 AM 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [7/19/2010 12:48 PM 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20100813.004\IDSXpx86.sys [8/14/2010 6:22 AM 331640]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [1/4/2009 1:37 PM 20160]
S3 AWEAlloc;AWE Memory Allocation Driver;c:\windows\system32\DRIVERS\awealloc.sys --> c:\windows\system32\DRIVERS\awealloc.sys [?]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [12/15/2009 3:07 PM 25832]
.
Contents of the 'Scheduled Tasks' folder

2010-07-20 c:\windows\Tasks\Norton Internet Security - User - Full System Scan.job
- c:\program files\Norton Internet Security\Engine\17.7.0.12\navw32.exe [2010-05-25 05:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.hyperchat.com/
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
Trusted Zone: motive.com\pattta.att
Trusted Zone: motive.com\patttbc.att
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\zrmh9chn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.hyperchat.com/
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\eMusic Download Manager\plugin\npemusic.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-17 13:51
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.7.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-57989841-1770027372-1801674531-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:77,2f,1b,cb,e3,24,74,23,fc,4c,5c,87,2f,d0,f9,81,40,2b,db,9d,b4,9d,fe,
89,16,a2,71,f2,8c,1a,6b,ac,2a,0e,6f,cc,d8,08,fc,cf,05,78,39,ff,62,79,13,f2,\
"??"=hex:69,6f,5c,46,6a,89,f9,ee,2d,48,e0,10,87,42,1e,12

[HKEY_USERS\S-1-5-21-57989841-1770027372-1801674531-1005\Software\SecuROM\License information*]
"datasecu"=hex:7c,86,b6,2e,9d,2d,c2,e7,ce,38,63,db,da,2e,28,fa,3d,8c,61,37,ae,
aa,cf,36,3f,95,57,81,25,16,7b,6f,51,9a,08,29,02,0b,2d,c7,57,bc,5a,75,65,c7,\
"rkeysecu"=hex:82,c3,15,4f,bb,1d,3b,7f,84,f5,53,93,76,d6,d1,ff
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(1040)
c:\windows\system32\nvappfilter.dll

- - - - - - - > 'explorer.exe'(264)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-08-17 13:54:10
ComboFix-quarantined-files.txt 2010-08-17 18:54
ComboFix2.txt 2010-08-17 17:46

Pre-Run: 185,522,790,400 bytes free
Post-Run: 185,902,051,328 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - B1EA156AE1B0E456CCD69C77798CE915

Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, totally worn out and screaming 'WOOO HOOOOO what a ride!'

#14 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,088 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:04:10 PM

Posted 17 August 2010 - 02:09 PM

Hello again, you're quite welcome. smile.gif

We need to replace a file, since it appears the System File Checker didn't do it.

Please make sure your XP CD is in your D:\ drive (if D:\ is not your CD drive letter, please replace d:\ in the script below with the correct drive letter).
First, click Start > Run, type notepad and press enter.

Copy/paste the following text into Notepad and save it to your desktop as copy.bat
CODE
@echo off
expand d:\i386\sfcfiles.dl_ c:\windows\sfcfiles.dll
del %0
Exit Notepad and doubleclick copy.bat to run it. A file should now be copied from your CD.

Now, please verify that the following file exists: c:\windows\sfcfiles.dll

If the file exists, please rerun Combofix and post me the new log.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#15 SpiritedTreasure

SpiritedTreasure
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:08:10 AM

Posted 17 August 2010 - 02:23 PM

Elise,

I did as you instructed.
I opened the folders and physically saw the file in the Windows folder..


=edit= file not files
===============

ComboFix 10-08-17.01 - User 08/17/2010 14:16:11.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1288 [GMT -5:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: ActiveArmor Firewall *enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((( Files Created from 2010-07-17 to 2010-08-17 )))))))))))))))))))))))))))))))
.

2010-08-17 19:13 . 2004-08-04 05:56 1580544 ----a-w- c:\windows\sfcfiles.dll
2010-08-17 18:29 . 2010-08-17 18:42 -------- d-----w- c:\windows\LastGood
2010-08-09 23:24 . 2010-08-09 23:24 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-08-04 17:36 . 2010-08-04 17:36 503808 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2275285d-n\msvcp71.dll
2010-08-04 17:36 . 2010-08-04 17:36 499712 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2275285d-n\jmc.dll
2010-08-04 17:36 . 2010-08-04 17:36 348160 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2275285d-n\msvcr71.dll
2010-08-04 17:36 . 2010-08-04 17:36 61440 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-66f98260-n\decora-sse.dll
2010-08-04 17:36 . 2010-08-04 17:36 12800 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-66f98260-n\decora-d3d.dll
2010-07-24 15:52 . 2010-07-24 15:52 -------- d-----w- c:\program files\Common Files\Java
2010-07-20 02:00 . 2008-04-14 08:04 29311 -c--a-w- c:\windows\system32\dllcache\watv01nt.sys
2010-07-20 01:59 . 2001-08-17 23:53 7040 -c--a-w- c:\windows\system32\dllcache\snyaitmc.sys
2010-07-20 01:58 . 2001-08-17 23:51 19584 -c--a-w- c:\windows\system32\dllcache\rasirda.sys
2010-07-20 01:57 . 2008-04-14 09:53 126686 -c--a-w- c:\windows\system32\dllcache\mtlmnt5.sys
2010-07-20 01:56 . 2001-08-18 08:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2010-07-20 01:55 . 2008-04-14 15:41 32285 -c--a-w- c:\windows\system32\dllcache\hsfcisp2.dll
2010-07-20 01:54 . 2001-08-18 08:36 61952 -c--a-w- c:\windows\system32\dllcache\eqnloop.exe
2010-07-20 01:53 . 2001-08-17 23:51 6656 -c--a-w- c:\windows\system32\dllcache\cmdide.sys
2010-07-20 01:52 . 2001-08-18 00:56 342336 -c--a-w- c:\windows\system32\dllcache\banshee.dll
2010-07-20 01:51 . 2001-08-18 00:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-07-20 00:40 . 2010-07-20 00:40 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes
2010-07-20 00:40 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-20 00:40 . 2010-07-20 00:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-07-20 00:40 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-20 00:40 . 2010-07-20 00:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-17 15:21 . 2009-01-14 00:45 -------- d-----w- c:\documents and settings\User\Application Data\Skype
2010-08-17 13:31 . 2009-01-14 00:46 -------- d-----w- c:\documents and settings\User\Application Data\skypePM
2010-08-17 12:07 . 2009-01-27 21:12 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-08-17 12:07 . 2009-01-27 21:12 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-08-14 14:02 . 2009-01-05 00:27 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-08-14 14:02 . 2009-01-05 00:27 -------- d-----w- c:\program files\SpywareBlaster
2010-08-08 12:57 . 2010-03-05 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-08-04 01:29 . 2009-09-01 16:32 -------- d-----w- c:\program files\Electronic Arts
2010-08-03 22:17 . 2009-01-05 00:24 -------- d-----w- c:\program files\CCleaner
2010-08-03 19:04 . 2009-06-25 17:09 -------- d-----w- c:\program files\Panda Security
2010-08-02 16:33 . 2009-01-04 19:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-28 13:14 . 2009-02-10 01:05 -------- d-----w- c:\program files\Bethesda Softworks
2010-07-24 15:59 . 2009-01-04 21:01 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-24 15:51 . 2010-05-02 12:40 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-24 15:48 . 2009-03-10 14:00 -------- d-----w- c:\program files\Java
2010-07-15 12:17 . 2009-01-04 22:05 -------- d-----w- c:\program files\Common Files\Motive
2010-07-14 21:17 . 2010-04-06 14:14 -------- d-----w- c:\program files\QuickTime
2010-07-06 23:39 . 2010-02-02 20:16 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-06-30 12:31 . 2008-04-14 10:42 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-26 01:58 . 2009-01-04 19:47 -------- d-----w- c:\program files\NVIDIA Corporation
2010-06-26 01:58 . 2009-02-07 03:15 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-06-26 00:33 . 2010-03-05 20:38 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-06-25 23:35 . 2010-06-25 22:57 -------- d-----w- c:\program files\VDMSound
2010-06-24 12:22 . 2008-04-14 10:42 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 15:00 . 2010-05-02 16:15 -------- d-----w- c:\program files\iTunes
2010-06-23 14:59 . 2010-06-23 14:59 -------- d-----w- c:\program files\iPod
2010-06-23 14:59 . 2009-01-06 15:28 -------- d-----w- c:\program files\Common Files\Apple
2010-06-23 14:55 . 2010-06-23 14:55 -------- d-----w- c:\program files\Bonjour
2010-06-23 14:53 . 2010-06-23 14:53 72504 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-23 13:44 . 2008-04-14 06:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2008-04-14 05:45 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2008-04-14 10:41 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2009-01-03 18:24 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2008-04-14 10:42 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-04 17:29 . 2010-06-04 17:29 71992 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.33.16.0\SetupAdmin.exe
2010-06-01 13:51 . 2009-01-06 12:53 174972 ---ha-w- c:\windows\system32\mlfcache.dat
2010-05-26 19:07 . 2010-05-26 19:07 503808 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a6033fb-n\msvcp71.dll
2010-05-26 19:07 . 2010-05-26 19:07 499712 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a6033fb-n\jmc.dll
2010-05-26 19:07 . 2010-05-26 19:07 348160 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-3a6033fb-n\msvcr71.dll
2010-05-26 19:07 . 2010-05-26 19:07 61440 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-30f93d61-n\decora-sse.dll
2010-05-26 19:07 . 2010-05-26 19:07 12800 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-30f93d61-n\decora-d3d.dll
2010-05-20 18:59 . 2010-05-20 18:59 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-05-20 18:59 . 2010-05-20 18:59 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
.

------- Sigcheck -------

[-] 2008-05-27 . 57FF046BF5F22B29AEE0177449139565 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-04 . 30A609E00BD1D4FFC49D6B5A432BE7F2 . 1580544 . . [5.1.2600.2180] . . c:\windows\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-11 368706]
"LogitechCommunicationsManager"="c:\program files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-06-26 497200]
"LVCOMSX"="c:\program files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-06-26 243248]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"P17Helper"="P17.dll" [2005-05-03 64512]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-06-15 47408]
"RTHDCPL"="RTHDCPL.EXE" [2009-01-13 18084864]
"Corel File Shell Monitor"="c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2008-08-08 16712]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-13 642856]
"Linksys Wireless Manager"="c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-02-15 1358384]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-04 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-04 13670504]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AT&T Self Support Tool.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AT&T Self Support Tool.lnk
backup=c:\windows\pss\AT&T Self Support Tool.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
1 [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 09:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeChat]
2008-08-21 17:16 267296 ----a-w- c:\program files\Microsoft LifeChat\LifeChat.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2006-06-26 16:34 614960 ----a-w- c:\program files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
2005-08-24 13:51 442455 ----a-w- c:\progra~1\SBCSEL~1\SMARTB~1\MotiveSB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 02:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 16:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\eMusic Download Manager\\xulrunner\\xulrunner.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Linksys\\Linksys Wireless Manager\\LinksysWirelessManager.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=
"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Dragon Age\\tools\\GffEditor.exe"=
"c:\\Program Files\\Dragon Age\\tools\\ErfEditor.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1107000.00C\symds.sys [5/25/2010 11:48 AM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1107000.00C\symefa.sys [5/25/2010 11:48 AM 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20100719.001\BHDrvx86.sys [7/19/2010 6:28 PM 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1107000.00C\cchpx86.sys [5/25/2010 11:48 AM 501888]
R1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [3/17/2009 2:08 PM 78848]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1107000.00C\ironx86.sys [5/25/2010 11:48 AM 116784]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe [5/25/2010 11:48 AM 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [7/19/2010 12:48 PM 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20100813.004\IDSXpx86.sys [8/14/2010 6:22 AM 331640]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [1/4/2009 1:37 PM 20160]
S3 AWEAlloc;AWE Memory Allocation Driver;c:\windows\system32\DRIVERS\awealloc.sys --> c:\windows\system32\DRIVERS\awealloc.sys [?]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [12/15/2009 3:07 PM 25832]
.
Contents of the 'Scheduled Tasks' folder

2010-07-20 c:\windows\Tasks\Norton Internet Security - User - Full System Scan.job
- c:\program files\Norton Internet Security\Engine\17.7.0.12\navw32.exe [2010-05-25 05:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.hyperchat.com/
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
Trusted Zone: motive.com\pattta.att
Trusted Zone: motive.com\patttbc.att
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\zrmh9chn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.hyperchat.com/
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\eMusic Download Manager\plugin\npemusic.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-17 14:19
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.7.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-57989841-1770027372-1801674531-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:77,2f,1b,cb,e3,24,74,23,fc,4c,5c,87,2f,d0,f9,81,40,2b,db,9d,b4,9d,fe,
89,16,a2,71,f2,8c,1a,6b,ac,2a,0e,6f,cc,d8,08,fc,cf,05,78,39,ff,62,79,13,f2,\
"??"=hex:69,6f,5c,46,6a,89,f9,ee,2d,48,e0,10,87,42,1e,12

[HKEY_USERS\S-1-5-21-57989841-1770027372-1801674531-1005\Software\SecuROM\License information*]
"datasecu"=hex:7c,86,b6,2e,9d,2d,c2,e7,ce,38,63,db,da,2e,28,fa,3d,8c,61,37,ae,
aa,cf,36,3f,95,57,81,25,16,7b,6f,51,9a,08,29,02,0b,2d,c7,57,bc,5a,75,65,c7,\
"rkeysecu"=hex:82,c3,15,4f,bb,1d,3b,7f,84,f5,53,93,76,d6,d1,ff
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(1040)
c:\windows\system32\nvappfilter.dll

- - - - - - - > 'explorer.exe'(1952)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-08-17 14:21:00
ComboFix-quarantined-files.txt 2010-08-17 19:20
ComboFix2.txt 2010-08-17 18:54
ComboFix3.txt 2010-08-17 17:46

Pre-Run: 185,916,669,952 bytes free
Post-Run: 185,968,447,488 bytes free

- - End Of File - - 5C01E203A954CCB363DB2B94FDDF93B5

Edited by SpiritedTreasure, 17 August 2010 - 02:27 PM.

Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, chocolate in one hand, beer in the other, totally worn out and screaming 'WOOO HOOOOO what a ride!'




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users