Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet Explorer Hijacked - Searchs Redirected


  • This topic is locked This topic is locked
19 replies to this topic

#1 techgirl888

techgirl888

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Chicago, IL USA
  • Local time:05:09 AM

Posted 01 September 2010 - 11:30 AM

After running multiple virus/malware scans (McAfee, AVG, MalwareBytes, AdAware, Spybot) removing many issues I still have the problem of my searches being redirected to additional search sites. Maintance has also been run (disk check, scan disk, defrag. Also ran CC and Advance System Care scans). Do not know what to do. Computer runs slowly on start up and opening IE. Computer locks up often. I have included in this post DDS and attached Attach.txt as requested. GMER will not complete computer locks up and sometimes I recieve a system virtual memory low message in my bottom right task bar. Although not requested in the preparation guide I have also attached hijackthis log incase needed. Any help you can provide is appreciated.


DDS (Ver_10-03-17.01) - NTFSx86
Run by Owner at 14:20:03.71 on Sat 08/28/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.160 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.msn.com
mStart Page = hxxp://www.msn.com
uInternet Connection Wizard,ShellNext = iexplore
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1282690133203
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\yls50t8j.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\program files\java\jre1.5.0_06\bin\NPJPI150_06.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-8-23 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-8-26 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-8-26 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-8-26 243024]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-8-26 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-8-26 308136]
R3 ndisrd;WinpkFilter Service;c:\windows\system32\drivers\ndisrd.sys [2010-8-5 20480]
S2 Ias;Network Security;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-8-12 1355416]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-8-12 15008]

=============== Created Last 30 ================

2010-08-26 19:47:15 0 d--h--w- C:\$AVG
2010-08-26 18:44:19 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-26 18:44:14 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-26 18:44:02 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-26 18:43:33 0 d-----w- c:\windows\system32\drivers\Avg
2010-08-26 18:39:39 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9
2010-08-25 04:35:16 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-08-25 04:35:10 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-08-25 04:35:08 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-08-25 04:34:59 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-08-25 04:34:53 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-08-25 04:34:44 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2010-08-25 04:34:44 28288 ----a-w- c:\windows\system32\dllcache\xjis.nls
2010-08-25 04:34:23 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-08-25 04:34:19 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-08-25 04:34:15 19200 ----a-w- c:\windows\system32\dllcache\wstcodec.sys
2010-08-25 04:34:13 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-08-25 04:33:43 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2010-08-25 04:33:38 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys
2010-08-25 04:33:27 771581 ----a-w- c:\windows\system32\dllcache\winacisa.sys
2010-08-25 04:33:21 53760 ----a-w- c:\windows\system32\dllcache\wiamsmud.dll
2010-08-25 04:33:16 87040 ----a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2010-08-25 04:33:15 41600 ----a-w- c:\windows\system32\dllcache\weitekp9.dll
2010-08-25 04:33:15 31232 ----a-w- c:\windows\system32\dllcache\weitekp9.sys
2010-08-25 04:33:09 701386 ----a-w- c:\windows\system32\dllcache\wdhaalba.sys
2010-08-25 04:33:08 23615 ----a-w- c:\windows\system32\dllcache\wch7xxnt.sys
2010-08-25 04:33:06 31744 ----a-w- c:\windows\system32\dllcache\wceusbsh.sys
2010-08-25 04:33:02 35871 ----a-w- c:\windows\system32\dllcache\wbfirdma.sys
2010-08-25 04:31:55 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys
2010-08-25 04:31:50 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2010-08-25 04:31:45 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys
2010-08-25 04:31:40 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys
2010-08-25 04:31:35 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys
2010-08-25 04:31:30 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys
2010-08-25 04:31:26 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys
2010-08-25 04:31:24 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys
2010-08-25 04:31:22 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys
2010-08-25 04:31:20 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys
2010-08-25 04:31:13 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll
2010-08-25 04:31:08 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll
2010-08-25 04:31:04 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll
2010-08-25 04:30:56 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll
2010-08-25 04:30:51 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll
2010-08-25 04:30:46 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys
2010-08-25 04:30:42 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-08-25 04:30:37 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll
2010-08-25 04:30:32 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll
2010-08-25 04:30:27 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll
2010-08-25 04:30:22 36736 ----a-w- c:\windows\system32\dllcache\ultra.sys
2010-08-25 04:30:16 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys
2010-08-25 04:30:15 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe
2010-08-25 04:30:09 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys
2010-08-25 04:30:04 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll
2010-08-25 04:28:59 138528 ----a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-08-25 04:27:57 28384 ----a-w- c:\windows\system32\dllcache\sym_hi.sys
2010-08-25 04:26:57 99328 ----a-w- c:\windows\system32\dllcache\srusd.dll
2010-08-25 04:25:58 58368 ----a-w- c:\windows\system32\dllcache\smiminib.sys
2010-08-25 04:24:58 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll
2010-08-25 04:23:56 6784 ----a-w- c:\windows\system32\dllcache\serscan.sys
2010-08-25 04:22:56 61504 ----a-w- c:\windows\system32\dllcache\s3sav3dm.sys
2010-08-25 04:21:54 3840 ----a-w- c:\windows\system32\dllcache\rpfun.sys
2010-08-25 04:20:56 40320 ----a-w- c:\windows\system32\dllcache\ql1080.sys
2010-08-25 04:19:59 19840 ----a-w- c:\windows\system32\dllcache\philtune.sys
2010-08-25 04:18:58 36927 ----a-w- c:\windows\system32\dllcache\padrs411.dll
2010-08-25 04:17:57 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2010-08-25 04:17:45 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2010-08-25 04:17:41 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2010-08-25 04:17:24 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2010-08-25 04:17:24 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2010-08-25 04:17:18 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2010-08-25 04:17:14 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2010-08-25 04:17:13 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2010-08-25 04:17:04 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2010-08-25 04:17:00 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2010-08-25 04:15:58 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
2010-08-25 04:15:54 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
2010-08-25 04:15:49 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2010-08-25 04:15:45 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2010-08-25 04:15:39 7168 ----a-w- c:\windows\system32\dllcache\mxport.dll
2010-08-25 04:15:34 19968 ----a-w- c:\windows\system32\dllcache\mxnic.sys
2010-08-25 04:15:30 19968 ----a-w- c:\windows\system32\dllcache\mxicfg.dll
2010-08-25 04:15:26 229439 ----a-w- c:\windows\system32\dllcache\multibox.dll
2010-08-25 04:15:26 21888 ----a-w- c:\windows\system32\dllcache\mxcard.sys
2010-08-25 04:15:22 103296 ----a-w- c:\windows\system32\dllcache\mtxvideo.sys
2010-08-25 04:14:59 5504 ----a-w- c:\windows\system32\dllcache\mstee.sys
2010-08-25 04:14:56 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys
2010-08-25 04:14:45 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys
2010-08-25 04:14:31 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys
2010-08-25 04:14:29 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2010-08-25 04:14:29 1875968 ----a-w- c:\windows\system32\dllcache\msir3jp.lex
2010-08-25 04:14:28 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll
2010-08-25 04:14:06 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2010-08-25 04:14:01 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
2010-08-25 04:14:00 56832 ----a-w- c:\windows\system32\dllcache\msdvbnp.ax
2010-08-25 04:12:56 7424 ----a-w- c:\windows\system32\dllcache\mammoth.sys
2010-08-25 04:11:59 20573 ----a-w- c:\windows\system32\dllcache\lne100.sys
2010-08-25 04:10:59 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys
2010-08-25 04:09:59 154496 ----a-w- c:\windows\system32\dllcache\icam4usb.sys
2010-08-25 04:02:18 78848 ----a-w- c:\windows\system32\dllcache\dayi.ime
2010-08-25 03:54:24 73279 ----a-w- c:\windows\system32\dllcache\hsf_spkp.sys
2010-08-25 03:54:21 44863 ----a-w- c:\windows\system32\dllcache\hsf_soar.sys
2010-08-25 03:54:18 57471 ----a-w- c:\windows\system32\dllcache\hsf_samp.sys
2010-08-25 03:54:14 542879 ----a-w- c:\windows\system32\dllcache\hsf_msft.sys
2010-08-25 03:54:11 391199 ----a-w- c:\windows\system32\dllcache\hsf_k56k.sys
2010-08-25 03:54:08 9759 ----a-w- c:\windows\system32\dllcache\hsf_inst.dll
2010-08-25 03:54:04 115807 ----a-w- c:\windows\system32\dllcache\hsf_fsks.sys
2010-08-25 03:54:01 199711 ----a-w- c:\windows\system32\dllcache\hsf_faxx.sys
2010-08-25 03:52:59 123392 ----a-w- c:\windows\system32\dllcache\hpgt21tk.dll
2010-08-25 03:51:57 470144 ----a-w- c:\windows\system32\dllcache\g200d.dll
2010-08-25 03:51:52 454912 ----a-w- c:\windows\system32\dllcache\fxusbase.sys
2010-08-25 03:51:30 11264 ----a-w- c:\windows\system32\dllcache\fxssend.exe
2010-08-25 03:51:28 31744 ----a-w- c:\windows\system32\dllcache\fxsroute.dll
2010-08-25 03:51:22 132608 ----a-w- c:\windows\system32\dllcache\fxsclntr.dll
2010-08-25 03:51:21 111104 ----a-w- c:\windows\system32\dllcache\fxscfgwz.dll
2010-08-25 03:51:16 92160 ----a-w- c:\windows\system32\dllcache\fuusd.dll
2010-08-25 03:51:10 455296 ----a-w- c:\windows\system32\dllcache\fusbbase.sys
2010-08-25 03:51:05 455680 ----a-w- c:\windows\system32\dllcache\fus2base.sys
2010-08-25 03:49:59 63360 ----a-w- c:\windows\system32\dllcache\ess.sys
2010-08-25 03:48:58 153631 ----a-w- c:\windows\system32\dllcache\el90xnd5.sys
2010-08-25 03:47:59 952007 ----a-w- c:\windows\system32\dllcache\diwan.sys
2010-08-25 03:46:59 14720 ----a-w- c:\windows\system32\dllcache\dac960nt.sys
2010-08-25 03:45:59 170880 ----a-w- c:\windows\system32\dllcache\cl546x.dll
2010-08-25 03:44:59 66082 ----a-w- c:\windows\system32\dllcache\c_20285.nls
2010-08-25 03:43:59 87552 ----a-w- c:\windows\system32\dllcache\avmcoxp.dll
2010-08-25 03:42:59 61440 ----a-w- c:\windows\system32\dllcache\acerscad.dll
2010-08-25 03:41:55 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-08-24 23:05:25 0 d-----w- c:\docume~1\owner\applic~1\IObit
2010-08-24 23:05:24 0 d-----w- c:\program files\IObit
2010-08-24 01:25:48 84 ---ha-w- C:\aaw7boot.cmd
2010-08-23 13:14:29 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-08-23 13:14:17 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-08-23 12:49:11 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2010-08-23 12:47:36 0 d-----w- c:\program files\Lavasoft
2010-08-23 02:57:53 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-08-23 02:57:53 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-08-18 23:49:09 0 d-----w- C:\Autoruns
2010-08-17 21:53:57 0 d-----w- c:\docume~1\owner\applic~1\Malwarebytes
2010-08-17 21:53:37 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-17 21:53:36 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-08-17 21:53:35 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-17 21:53:35 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-16 03:32:57 0 d-----w- c:\program files\AVG
2010-08-15 20:38:33 0 d-----w- c:\windows\system32\scripting
2010-08-15 20:38:32 0 d-----w- c:\windows\l2schemas
2010-08-15 20:38:30 0 d-----w- c:\windows\system32\en
2010-08-15 20:38:30 0 d-----w- c:\windows\system32\bits
2010-08-15 20:29:17 0 d-sh--w- c:\documents and settings\owner\IECompatCache
2010-08-15 20:28:17 0 d-----w- c:\windows\network diagnostic
2010-08-15 20:25:44 0 d-sh--w- c:\documents and settings\owner\PrivacIE
2010-08-15 20:19:23 0 d-----w- c:\windows\EHome
2010-08-15 20:01:15 0 d-sh--w- c:\documents and settings\owner\IETldCache
2010-08-15 19:51:01 0 dc-h--w- c:\windows\ie8
2010-08-05 15:57:27 0 d-----w- c:\docume~1\alluse~1\applic~1\Update
2010-08-05 15:57:14 20480 ----a-w- c:\windows\system32\drivers\ndisrd.sys
2010-08-05 15:57:11 5 ----a-w- C:\zrpt.xml

==================== Find3M ====================

2010-08-24 16:34:01 448 -c--a-w- c:\docume~1\owner\applic~1\wklnhst.dat
2010-07-29 23:56:45 112 ----a-w- c:\docume~1\alluse~1\applic~1\u8fixs751.dat
2006-03-18 14:35:59 392647 -csh--w- c:\windows\system32\yyadd.bak1
2006-03-21 19:24:07 394208 -csh--w- c:\windows\system32\yyadd.bak2

============= FINISH: 14:21:45.51 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:09 AM

Posted 08 September 2010 - 03:48 PM

Hello techgirl888, My name is Syler and I will be helping you to solve your malware issues. Sorry for the delay
in replying, we are very busy at the moment.

Please note because we are very busy, if I don't hear from you within 5 days the topic will be closed, If you
have since resolved your issues I would appreciate if you would let me no so I can close this topic.



Scan With RKUnHooker
  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check all of the boxes. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"




We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
    Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\*. /mp /s
    %SYSTEMDRIVE%\*.exe
    netsvcs
    msconfig
    drivers32
    CREATERESTOREPOINT

  5. Push the button.
  6. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized


Then please post back here with the following logs:
  • RKUnHooker report
  • OTL.txt
  • Extra.txt

Thanks

unite.jpg


#3 techgirl888

techgirl888
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Chicago, IL USA
  • Local time:05:09 AM

Posted 08 September 2010 - 07:13 PM

Hi Syler, thank you for helping me. I understand you are busy and I appreciate any time and help you can put into my problem. Due to the length of the reports I am posting them individually.

Here is the RKUnHooker log you requested:

RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>SSDT State
==============================================
ntkrnlpa.exe-->NtCreateKey, Type: Address change 0x8061A344-->F869587E [Lbd.sys]
ntkrnlpa.exe-->NtSetValueKey, Type: Address change 0x806188B6-->F8695BFE [Lbd.sys]
==============================================
>Shadow
==============================================
==============================================
>Processes
==============================================
0x82DCA490 [4] System
0x825E0708 [236] C:\Documents and Settings\Owner\Desktop\RKUnhookerLE.EXE (UG North, RKULE, SR2 Normandy)
0x825AE848 [252] C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation, NVIDIA Driver Helper Service, Version 47.16)
0x826374C0 [284] C:\WINDOWS\system32\hpzipm12.exe (HP, PML Driver)
0x82340DA0 [380] C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc., SoundMAX service agent component)
0x823886A0 [400] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x825D0638 [712] C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation, Spooler SubSystem App)
0x8260AA88 [736] C:\WINDOWS\system32\rundll32.exe (Microsoft Corporation, Run a DLL as an App)
0x8233D020 [912] C:\WINDOWS\system32\wdfmgr.exe (Microsoft Corporation, Windows User Mode Driver Manager)
0x82C1F938 [992] C:\WINDOWS\system32\smss.exe (Microsoft Corporation, Windows NT Session Manager)
0x82AE7800 [1064] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x82A58798 [1096] C:\WINDOWS\system32\csrss.exe (Microsoft Corporation, Client Server Runtime Process)
0x82718DA0 [1120] C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation, Windows NT Logon Application)
0x82A2B798 [1168] C:\WINDOWS\system32\services.exe (Microsoft Corporation, Services and Controller app)
0x82726BE0 [1180] C:\WINDOWS\system32\lsass.exe (Microsoft Corporation, LSA Shell (Export Version))
0x826EFB98 [1332] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x82AF74A0 [1392] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x826C5BE8 [1436] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x826A19E0 [1616] C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o., AVG Cache Server)
0x826C98B0 [1624] C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o., AVG Resident Shield Service)
0x82684AA8 [1664] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x82AB8DA0 [1784] C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o., AVG Scanning Core Module - Server Part)
0x82AD8BC8 [1996] C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o., AVG Watchdog Service)
0x825F8620 [2008] C:\WINDOWS\explorer.exe (Microsoft Corporation, Windows Explorer)
0x8235DDA0 [2196] C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o., AVG E-Mail Scanner)
0x82433588 [2240] C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o., AVG Network scanner Service)
0x82330DA0 [2420] C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o., AVG Scanning Core Module - Server Part)
0x823DDDA0 [2608] C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard, hpwuSchd Application)
0x8242FDA0 [2624] C:\WINDOWS\AGRSMMSG.exe (Agere Systems, SoftModem Messaging Applet)
0x822928B0 [2672] C:\PROGRA~1\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o., AVG Tray Monitor)
0x823DDA80 [2708] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation, CTF Loader)
0x8242F768 [2864] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd., System settings protector)
0x8242DC10 [3036] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit, Advanced SystemCare 3)
0x822EBC88 [3568] C:\WINDOWS\system32\alg.exe (Microsoft Corporation, Application Layer Gateway Service)
0x8263B3E8 [3928] C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation, Firefox)
==============================================
>Drivers
==============================================
0xBF012000 C:\WINDOWS\System32\nv4_disp.dll 3407872 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Display driver, Version 47.16 )
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2066816 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2066816 bytes
0x804D7000 RAW 2066816 bytes
0x804D7000 WMIxWDM 2066816 bytes
0xBF800000 Win32k 1851392 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1851392 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF78E3000 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 1314816 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 47.16 )
0xF7A78000 C:\WINDOWS\system32\DRIVERS\AGRSM.sys 1269760 bytes (Agere Systems, SoftModem Device Driver)
0xF7C0D000 C:\WINDOWS\system32\drivers\smwdm.sys 614400 bytes (Analog Devices, Inc., SoundMAX Integrated Digital Audio )
0xF83BA000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xF1D2C000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF6BF8000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xF2BFD000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xB7ED8000 C:\WINDOWS\system32\DRIVERS\srv.sys 356352 bytes (Microsoft Corporation, Server driver)
0xF7A24000 C:\WINDOWS\system32\DRIVERS\bcmwl5.sys 344064 bytes (Broadcom Corporation, BCM 802.11g Network Adapter wireless driver)
0xB7A5F000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xF2BC3000 C:\WINDOWS\System32\Drivers\avgtdix.sys 237568 bytes (AVG Technologies CZ, s.r.o., AVG Network connection watcher)
0xEC587000 C:\WINDOWS\System32\Drivers\avgldx86.sys 212992 bytes (AVG Technologies CZ, s.r.o., AVG AVI Loader Driver)
0xF84F6000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xB7FA7000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF838D000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xF1D9C000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF1DE9000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF2B9D000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xF7BE9000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF7CA3000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF7BC6000 C:\WINDOWS\system32\drivers\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xF1DC7000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x806D0000 ACPI_HAL 131840 bytes
0x806D0000 C:\WINDOWS\system32\hal.dll 131840 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF8470000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF84A8000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF84C7000 pcmcia.sys 122880 bytes (Microsoft Corporation, PCMCIA Bus Driver)
0xF8373000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF7BAE000 C:\WINDOWS\system32\drivers\aeaudio.sys 98304 bytes (Andrea Electronics Corporation, Andrea Audio Noise Cancellation Driver)
0xF8490000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xF7CDB000 C:\WINDOWS\system32\DRIVERS\Apfiltr.sys 94208 bytes (Alps Electric Co., Ltd., Alps Touch Pad Driver)
0xF8447000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF78B8000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xB811A000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF7CC7000 C:\WINDOWS\system32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Parallel Port Driver)
0xF78CF000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xF2C56000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF845E000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF84E5000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF78A7000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xEC7D3000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF86E5000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF8635000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF86A5000 serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xF86C5000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF8695000 Lbd.sys 61440 bytes (Lavasoft AB, Boot Driver)
0xF86F5000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xF1EE8000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF8815000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF8645000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xF8885000 C:\WINDOWS\system32\DRIVERS\AmdK8.sys 57344 bytes (Advanced Micro Devices, AMD Processor Driver)
0xF8685000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF8895000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF8705000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF8665000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF7D82000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF3287000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF86D5000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF8655000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF8715000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF8625000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF8745000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF8735000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF8675000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF4E46000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xF7D72000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF8725000 C:\WINDOWS\system32\DRIVERS\ndisrd.sys 36864 bytes (NT Kernel Resources, NDISRD helper driver)
0xF32A7000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xB71FD000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF8855000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF88E5000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF89E5000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF88DD000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF8A25000 C:\WINDOWS\system32\DRIVERS\fdc.sys 28672 bytes (Microsoft Corporation, Floppy Disk Controller Driver)
0xF88ED000 C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys 28672 bytes (GEAR Software Inc., CDRom Class Filter Driver)
0xF59F1000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF88A5000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xEE20C000 C:\WINDOWS\System32\Drivers\avgmfx86.sys 24576 bytes (AVG Technologies CZ, s.r.o., AVG Resident Shield Minifilter Driver)
0xF8A15000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF8A1D000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF88BD000 nv_agp.sys 24576 bytes (NVIDIA Corporation, NVIDIA nForce AGP Filter)
0xF88F5000 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 24576 bytes (Realtek Semiconductor Corporation, Realtek RTL8139 NDIS 5.0 Driver)
0xF88FD000 C:\WINDOWS\system32\drivers\tiumfwl.sys 24576 bytes (Texas Instruments Inc., tiumfwl.sys)
0xF89D5000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF89DD000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF88AD000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF8955000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF88B5000 PxHelp20.sys 20480 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF895D000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xF8905000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF8A2D000 C:\WINDOWS\system32\DRIVERS\usbohci.sys 20480 bytes (Microsoft Corporation, OHCI USB Miniport Driver)
0xED187000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF8A3D000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
0xF833F000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xF81F0000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xEE1A8000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF8A41000 ACPIEC.sys 12288 bytes (Microsoft Corporation, ACPI Embedded Controller Driver)
0xF8A35000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF8A39000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xF8B09000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF75BD000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xF81FC000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF832B000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF834B000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF8A45000 tiumflt.sys 12288 bytes (Texas Instruments Inc., tiumflt.sys)
0xF8343000 C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 12288 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0xF8B2D000 aliide.sys 8192 bytes (Acer Laboratories Inc., ALi mini IDE Driver)
0xF8BB3000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF8B8D000 C:\WINDOWS\system32\drivers\EABFiltr.sys 8192 bytes (Hewlett-Packard Company, QLB PS/2 Keyboard filter driver)
0xF8BB1000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF8B29000 intelide.sys 8192 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0xF8B25000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF8BB5000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF8BB7000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF8B6B000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF8B95000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF8B2B000 viaide.sys 8192 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0xF8B27000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF8C81000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF8D72000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF8D55000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF8BEE000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver)
0xF8BED000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
!!!!!!!!!!!Hidden driver: 0x82CC2AEA ?_empty_? 1302 bytes
!!!!!!!!!!!Hidden driver: 0x82D44B78 ?_empty_? 0 bytes
==============================================
>Stealth
==============================================
0xF8490000 WARNING: suspicious driver modification [atapi.sys::0x82CC2AEA]
0xF88BD000 WARNING: Virus alike driver modification [nv_agp.sys], 24576 bytes
==============================================
>Files
==============================================
!-->[Hidden] C:\Documents and Settings\NetworkService\Cookies\system@ads.lycos[2].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Cookies\system@bidsystem[2].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Cookies\system@bs.serving-sys[3].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Cookies\system@content.yieldmanager[3].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Cookies\system@d1.openx[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Cookies\system@games-fe9.gamesville[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Cookies\system@gamesville[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Cookies\system@network.realmedia[4].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Cookies\system@serving-sys[2].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\1031955308@Top1[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\13667b7e55cb707f66a74e56213452919b506283[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\1528[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\1690[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\2496[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\24973-2[11].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\24974-15[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\274999[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\2f82e491a9ef577f6a57fc17b6ee6217a9f2b674[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\300x250_I5483_milestones[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\3ecd190fffa22395293747e5e1da67600a185a3a[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\56c4492e8fe91891f7098b36672688cc[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\728x90_062810_CLICK_AND_SAVE[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\;dcopt=ist;page=teensweeps;cat=sweeps;subcat=;tile=1;sz=728x90;ord=[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\a9221fbe1702e376770edc5ba26e25ff7d8bcd60[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\adopt[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\adopt[2].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\adServer[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\adServer[2].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\adStreamJSController[1].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\ajs[2].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\ajs[3].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\are3[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\AS3AdPlayer[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\a[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\bf4cd5c2029d2c326f21d341083d320b7dc75aff[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\bg-navBack[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\cas[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\cas[2].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\cas[3].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\cas[4].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\cas[5].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\cas_blank[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\cs[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\detection[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\ed27b72f70920517561ce34dbb301939fe7bb2b4[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\ewtrack_9[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\ff2[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\fpt[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\fw-nonplayer-banner[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\fw-nonplayer-banner[2].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\gamesville[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\getbid[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\getPersona[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\getPersona[2].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\getPersona[3].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\getPersona[4].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\getPersona[5].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\getPersona[6].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\get[2].media
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\glamadapt_jsrvCA1HPD30.act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\glamadapt_jsrvCA341UBJ.act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\glamadapt_jsrvCAFOLFFB.act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\glamadapt_jsrvCAT4YN0N.act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\glamadapt_jsrv[10].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\glamadapt_jsrv[11].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\glamadapt_jsrv[8].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\glamadapt_jsrv[9].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\green-sign_in[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\gv2_emercial_back2[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\gv_fishbowl[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\gv_nav[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\gv_style_screen2[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\gv_tab_downloads_on[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\gv_tab_free_off[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\gv_tab_free_on[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\help-prizesIcon[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\ie6-fixes[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\imp[8]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\indexCABHZ5OE.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\indexCAHP1YZL.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\index[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\jquery.cycle.all-2.75.min[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\jquery.gamesville[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\json[2]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\js[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\jump2[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\j[4].ad
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\logController[1].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\login_status[1].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\log[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\log[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\log[2]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\log[3]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\l[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\mentoday-us-e[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\MevioWM[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\nat[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\nifty[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\player-icons[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\QuickDrawPoker-v1003041135[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\Rambler_728x90_72110[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\roomFull[1].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\spc[2].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\swfobject2.2[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\s[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\text_group[8].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\text_group[9].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\tpl_music[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\uat_4171[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\v[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\WidgetVideoPlayer3[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\xd_receiver[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2QARGS9U\zmpfc[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\69XU6OIX\82878571,11ad54752f83b81,entertainment,;;dc=d;loc=af;dcopt=ist;tile=1;lan=en;ord1=529658;if=0;sz=728x90;exp=left;contx=entertainment;btg=;ord=2680318947[1]=
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\69XU6OIX\JMq5O2NzZdyEiapc3sec5bmJfVdD9N-TXzn-xoCMTTR0J9HNgGAHO77nEKqhM8kKWVozmI41tIlH8ZpiLKH_w-6yrrAfgrGGYx_RATMeAwlnJi3teKnykkm1vJJ1wcZ2L1PW_ovMof8C5n6EAw!![1].swf=
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\69XU6OIX\playlistsafe=true;rand=63841;sessionstart=landingpage;safefilter=off;playlistpos=1;page=category;playlisteverythree=true;playtimes=0;pid=10;kw;~cs=e[1].gif=
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\71LDK45N\dref=http%253A%252F%252Fmoviereviews.mevio[1].com%252F%253Futm_campaign%253Ddf250c_214849_113320_156500%2526utm_source%253Ddf250c%2526utm_medium%253Ddf250co
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\01[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\1%2fSZ%3d728X90A%2fV%3d2.3S%2f%2fST%3d0Axf0gMW0ylK19KX16hGm92_3S033A%2fREDIRURL%3d&_salt=1950734855&B=10&u=http%3A%2F%2Fwww.auctionmicro.com%2F728x90[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\10429dd86f591d556933cb8011bd148c30060a60[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\1373859974@Top1[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\15151[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\1[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\1[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\2191[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\220132[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\2491[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\24973-2[8].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\24974-2[10].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\24974-2[11].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\24974-2[9].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\261456[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\26437433fd9914196e63195326d7fca49208ccec[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\278622[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\2914_0681cf11-68ad-4864-9bcd-7fd11519470c[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\2cc67362354b4aadd4c307fa2bd1087d[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\2[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\32855[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\357[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\365[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\494090729@Bottom3[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\5190fa35609544322a0b1412ea45288dfe2b7d76[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\56cac9059f19bcea6345080ae56f40d657ef08b9[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\57.1[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\68[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\86.1[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\8b8c18aec0536df47c9d68f6230e9b5419c4df03[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\93f67efa20a084549d61ad789386d089363df86d[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\9bd74c977194b2c806202f067664f0c9e14d3855[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\;dcopt=ist;page=teencraft-club;cat=;subcat=;tile=1;sz=728x90;ord=[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\;dcopt=ist;page=teensweeps;cat=sweeps;subcat=;tile=1;sz=728x90;ord=[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\AS2SOHandler[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\beacon[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\beacon[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\beacon[2].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\bg-mygvhead[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\bg-retro[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\bootstrap[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\b[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\b[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\c285696f518c715c62359c7c03a9c767[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\c285696f518c715c62359c7c03a9c767[2].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\c37e7f7295c0972102c0ef37fc9de921cbc745e2[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\c7fe932bb0328561b4a4102c7cac32e71314014c[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\cas[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\cas[2].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\cas[3].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\cas[4].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\cas_blank[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\cms-2-frame[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\config[1].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\config[2].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\crossdomain[6].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\crossdomain[7].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\crossdomain[8].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\crossdomain[9].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\DD_roundies_0.0.2a-min[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\detection[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\detection[2].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\display_iab_ads[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\display_iab_ads[2].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\dk[8].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\dl_0[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\dref=http%253A%252F%252Fd1.openx.org%252Fafr[1].php%253Fzoneid%253D157803
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\ErrorPageTemplate[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\ewtrack[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\ewtrack_wesupport[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\fb-become_a_fan[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\fb94b76def6926712db4582a10278be6cfb8454d[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\FeatureLoader.js[1].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\games300[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\ga[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\GetAdDirector_BannerCreative[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\getPersona[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\getPersona[2].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\getPersona[3].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\getPersona[4].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\getPersona[5].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\get[4].media
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\glamadapt_jsrv[10].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\glamadapt_jsrv[11].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\glamadapt_jsrv[4].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\glamadapt_jsrv[5].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\glamadapt_jsrv[6].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\glamadapt_jsrv[7].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\glamadapt_jsrv[8].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\glamadapt_jsrv[9].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\gv-on-facebook[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\gv-utils[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\gv2_emercial_back2[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\gv_fishbowl[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\gv_nav[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\iconAssetsFlat[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\iframe2[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\imp
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\indexCA04T81R.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\indexCAUP4PEA.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\index[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\JS[5].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\jump1[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\JWV2ZCA7RE7QMCA134ZMLCASUR5A3CAJS1UZQCAY70ANRCAXAQI2ACA2WO0GKCA6IH2SUCAQZ3UIDCAWK0FF2CAC22KA1CAQEPT4RCADGTZPDCAHSXI6CCAD7ICFICA8NWP92CAME39RZCAHM2PPB.txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\j[2].ad
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\logController[1].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\logController[2].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\log[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\log[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\log[2]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\log[3]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\lycos[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\main[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\meld114[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\meviounderground-us-e[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\mmmss[8].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\mmmss[9].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\mmtnt[6].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\mmtnt[7].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\nateberkus[1].flv
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\NateBSonyPic3[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\nifty[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\now-playing-bg[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\nuplayer[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\nuplayer[2].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\pixel[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\p[9].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\QuickDrawPoker-v1003041135[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\QuickDrawPoker-v1003041135[2].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\rda[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\Reebok_Payton_300x250[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\Reebok_ZIG_Tech_MANNING_30s_400x300[1].flv
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\roomFull[1].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\ScanScout[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\showInteraction[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\spc[2].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\spc[3].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\spc[4].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\ssInplayerCampaign[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\start_screen-b06c6ccdf28b8f07d7a80a728003878a1a082866e16266ac76de5d9b74e1d237[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\step-numbers[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\st[5]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\swfobject2.2[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\text_group[10].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\text_group[9].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\threadbanger-us-e[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\tpl_connect[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\tpl_player[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\two[8].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\u[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\VastVideo[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\visitor[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\vptrack[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\wrapper[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\xg.js[1].jsp
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\zw06_720x300_1109.swf[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJC1B2Y\zw06_728x90_1109[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\.b[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\01[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\09.5[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\10297[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\10f30b05ed8712d72195dcf9047b96ebc4993992[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\1456069727@x15[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\1650367067@Top1[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\170x140_aastewy[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\1[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\1[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\1[3].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\1[4].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\24973-2[8].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\24973-2[9].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\24974-2[8].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\2510[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\275086[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\278613[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\278614[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\2809_9b33d795-2905-4c18-9212-77f0c245b382[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\2c7898ce-9bbb-4304-80cc-b95720cd0cad[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\33x33_bejeweled[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\4811[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\495568326@Bottom3[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\4dd3fc1203ecf3d63be1849751d5ae14e4145ee5[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\4fe255f0dc1815d75a456c58ba4383232b2185b8[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\511758[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\5169288835406d53e216cc756e2bd134997af3d9[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\5f462c6d8271f044b85edcd9d2f4650a5c579e42[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\71.2[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\7611[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\912e49f54dddc0e8fbcf62707667d95fd24d3081[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\965512261@Bottom3[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\9661b8a58f1ffa2ddfde9bf490b81920c915e806[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\;ord=1125275746[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\adopt[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\adServer[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\adServer[2].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\adwrapper[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\ad[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\ad_call[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\afr[1].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\afr[2].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\afr[3].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\ai_realmedia_com[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\ajs[3].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\ajs[4].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\analytics-544ad11f0bbbbc34541f56ac428724b21511866357bac5a21cca248bd11f5a2d[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\araStyleReset[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\beacon.js[3].jsp
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\bg-navBackSolid[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\c729bxo3[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\cas_blank[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\clk[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\connect[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\control[1].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\crossdomain[7].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\crossdomain[8].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\crossdomain[9].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\custom[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\decide[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\detection[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\dh[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\distribconfig_mwm_pcw_default[4].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\dk[8].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\dot[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\dref=http%253A%252F%252Fd1.openx.org%252Fafr[1].php%253Fzoneid%253D157803
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\dref=http%253A%252F%252Fwww.mevio[1].com%252Fmusic%252F
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\dropdown-arrows[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\e1a193d0e033772c8e8b8d0cf812deac4e060e98[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\errorPageStrings[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\ewtrack_8[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\fcfc93d2eb41c979fd7f5255bfd2ed930dd2c9d4[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\fpt[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\getbid[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\getPersona[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\getPersona[2].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\getPersona[3].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\getPersona[4].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\get[1].media
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\get_flash_player[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\ggce353[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\glamadapt_jsrvCAN9KACY.act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\glamadapt_jsrv[10].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\glamadapt_jsrv[11].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\glamadapt_jsrv[3].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\glamadapt_jsrv[4].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\glamadapt_jsrv[5].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\glamadapt_jsrv[6].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\glamadapt_jsrv[7].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\glamadapt_jsrv[8].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\glamadapt_jsrv[9].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gold-AvatarIcon2[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv2_emercial_back2[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv2_emercial_back2[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gvLoadingProgress[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_fishbowl[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_nav[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_nav[2].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_style2[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_tab_casino_off[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_tab_casino_off[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_tab_casino_on[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_tab_casino_on[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_tab_free_off[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_tab_video_off[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_tab_video_on[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\gv_tab_video_on[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\ICPlaces-firstlook[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\Impression[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\indexCA05NJOQ.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\indexCA73QKBA.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\indexCACS8ARK.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\indexCAW2OVUT.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\indexCAZ3VE2E.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\index[1].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\init[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\i[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\jcarousel_mevio[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\jquery-1.3.2.min[2].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\jquery-1.4.1.min[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\jqueryTimer[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\json[2]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\js[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\logController[1].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\logo-lycos[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\log[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\log[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\log[2]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\log[2].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\log[3]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\log[3].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\log[4]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\meviomusicvideos-us-e[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\mmmss[8].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\mmtnt[8].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\MR3[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\m[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\NateBSonyPicInteractive[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\nat[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\nifty[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\photowalkthrough-us-e[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\pixel[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\pixel[2]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\playback-611cc0e95cd6fdd6879fb87dd1bb6a797c3df8e05fd5100f54f3bec7994d3926[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\player_v2[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\QuickDrawPoker-v1003041135[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\q[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\ros[3]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\rsiads[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\script44[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\search[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\search[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\showicons[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\shows[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\ssAdUtils[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\start-f253239139[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\s[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\tags[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\TARGET_AWARDWINNERS_300x250_p2_RM_082510[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\telephone[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\tpl_htdocs[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\tpl_shows[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\twoCACQK0KE.php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\twoCATHM9E0.php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\two[11].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\utopiawednesday[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\v1[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\vindicosuite.xumo.js[1].asp
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\visible_measures-4871da23b7291db776d19ad56fb1e1fb34b7f35121bd6160e642e55d2475c494[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\M17IW6R7\v[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\0b9f90d998ffd83215a093ad89e550d38b4a5b57[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\1563815876@Top1[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\1677[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\1979610904@Top1[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\1stlook-us-e[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\1stlook[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\2457[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\24974-2[9].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\275014[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\278618[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\278626[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\2828_11ece055-1dfa-4dd6-be7f-d9a1df34b0c8[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\2fdc9cb12f38be80d4f58689d938ef50379c5782[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\39836[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\4275[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\43.4[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\74a589e29571175fa241f43148b885f5fb28212f[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\752269539@Bottom3[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\960[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\;dcopt=ist;page=teenhome;cat=home;subcat=;tile=1;sz=728x90;ord=[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\adopt[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\adopt[2].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\afe9dd85d171dddd1791c1c1c538879e876c210b[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\afr[1].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ajs[10].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ajs[3].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ajs[4].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ajs[5].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ajs[6].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ajs[7].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ajs[8].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ajs[9].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\B4762172[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\backcookie[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\beacon.js[1].jsp
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\beacon[3].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\beacon[4].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\beacon[5].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\bg-btn-glare[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\box-heading[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\bullet[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\c285696f518c715c62359c7c03a9c767[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\cas[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\cas[2].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\cas[3].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\cas[4].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\cas_blank[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\cas_blank[2].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\click[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\connect-css[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\controls-cc57c36f5fb62d6b8dde378b60fd71314c40cb186181ad023c0ba5ac14cf754e[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\convpixel[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\crossdomainCAK0606T.xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\crossdomain[10].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\crossdomain[11].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\csjs[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\detection[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\displayAd[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\distribconfig_mwm_pcw_default[3].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\distribconfig_mwm_pcw_default[4].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\dk[10].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\dk[8].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\dk[9].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\DocumentDotWrite[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ewtrack_9_0_28_0[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\exp_Proxy[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ExternalHTMLAdRenderer[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\fpt[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\getbid[1].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\getPersona[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\getPersona[2].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\getPersona[3].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\getPersona[4].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\getPersona[5].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\glamadapt_jsrv[3].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\glamadapt_jsrv[4].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\glamadapt_jsrv[5].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\glamadapt_jsrv[6].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\glamadapt_jsrv[7].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\glamadapt_jsrv[8].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\glamadapt_jsrv[9].act
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_fishbowl[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_fishbowl[2].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_style2[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_style2[2].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_style2[3].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_tab_casino_off[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_tab_casino_off[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_tab_casino_on[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_tab_downloads_off[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_tab_free_off[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_tab_free_off[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_tab_free_on[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_tab_free_on[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_tab_video_off[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_tab_video_off[2].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\gv_tab_video_on[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\hdr-blueclouds[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\header-bg[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\help-javaIcon[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\help[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\httpErrorPagesScripts[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\Impression[2].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\Impression[3].htm
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\indexCA3YVR6Q.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\indexCACP7X7O.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\indexCAKSHJIG.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\indexCAMQFWC8.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\indexCAN5KPC2.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\indexCAQFBO13.gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\index[1].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\jquery-1.4.2.min[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\jquery.gamesville[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\jqueryEffects[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\jquery[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\logController[1].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\logo[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\log[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\log[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\log[2]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\log[2].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\log[3]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\log[4]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\log[5]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\mmmss[5].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\mmtnt[10].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\mmtnt[11].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\m[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\nifty[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\nifty[2].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\play-trans[2].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\player_v2[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\quant[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\R9h3a3wTes9kt5iH5hMDoxOjBhO2YWar[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\roomFull[1].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\roomFull[2].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ros[1]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\sa1070[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\segments[1].xml
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\shelf62703903[1].jpg
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\signin-welcome[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\small-icons[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\smp_300x250[1].gif
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\spc[1].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\spc[2].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\srad-6a[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ss_ads3[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\st[6]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\st[7]
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\swfobject2.2[1].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\swfobject2.2[2].js
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\text_group[10].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\text_group[11].php
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\theme728x90A03H0F1L1P0000V1_1[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\tpas1[1].aspx
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\tpas1[2].aspx
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\ui-26a2678b0002579f7998178500a3e714ee669bbd53ce9f56f31d524ed6bb316d[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\upload-icons[1].png
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\upload[1].css
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\upload[1].txt
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\Vap[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\vmcutility[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\VPAIDAdRenderer[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\Xumo[1].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NE3O1M5A\Xumo[2].swf
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RDD97XFA\%3DD%3Bkvd%3D1001%3Bkviroll%3Dtrue%3Bkvvchoice%3Dtrue;loc=100;noperf=1;target=_blank;cc=2;sub1=367137;sub2=367138;sub3=367141;sub4=367140;misc=507142020[1]n
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RDD97XFA\;rand=81686;sessionstart=landingpage;safefilter=off;playlistpos=0;page=category;playlisteverythree=false;playtimes=0;pid=10;kw=blinkx;fc_utarg;~cs=n[1].gifn
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RDD97XFA\Blogs%20and%20News&referer=http%3A%2F%2Fwww.nexplore.com%2Fsearch[1].html%3Fpid%3Daon-pop1%26source%3D113615%23query%3Dron&screen=1280x800&localtime=22%3A8n
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RDD97XFA\playlistsafe=true;rand=71997;sessionstart=landingpage;safefilter=off;playlistpos=2;page=category;playlisteverythree=false;playtimes=0;pid=10;k;~cs=n[1].gifn
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\RDD97XFA\Ui7X67msUSsSF7lzi7msnBiVnFVpUToKgv-bfxSpTKKgPx1fDRm1qe25NgsV7E8zLQpTDa8nCvaYG9JVSKmAo-_PnDdR2xo15l2XcKw8BAGHzU4zWch5gUIuLhpA6Gxalnfs_Qb_S38Btkp17g!![1].swfn
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\X3ZKO334\ue;playlistsafe=true;rand=964;sessionstart=landingpage;safefilter=off;playlistpos=1;page=category;playlisteverythree=true;playtimes=0;pid=10;k;~cs=u[1].gifo
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZQPHDZ4Q\%3DD%3Bkvd%3D1001%3Bkviroll%3Dtrue%3Bkvvchoice%3Dtrue;loc=100;noperf=1;target=_blank;cc=2;sub1=367137;sub2=367138;sub3=367141;sub4=367140;misc=634885325[1]m
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZQPHDZ4Q\%3DD%3Bkvd%3D1001%3Bkviroll%3Dtrue%3Bkvvchoice%3Dtrue;loc=100;noperf=1;target=_blank;cc=2;sub1=367137;sub2=367138;sub3=367141;sub4=367140;misc=883992144[1]m
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZQPHDZ4Q\3A%252F%252Forigin.candystand.com%252Fbanners%252Frotate[1].do%253Furi%253D%25252Fplay-random-game%25252Fcalculation-solitaire%2526region%253Dsquare_zone18m
!-->[Hidden] C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ZQPHDZ4Q\Blogs%20and%20News&referer=http%3A%2F%2Fwww.nexplore.com%2Fsearch[1].html%3Fpid%3Daon-pop1%26source%3D113615%23query%3Dron&screen=1280x800&localtime=22%3A8m
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x0002AC48, Type: Inline - RelativeJump 0x80501C48-->80501CA6 [ntkrnlpa.exe]
ntkrnlpa.exe+0x0006AA8A, Type: Inline - RelativeJump 0x80541A8A-->80541A91 [ntkrnlpa.exe]
[1436]svchost.exe-->mswsock.dll+0x00004057, Type: Inline - RelativeJump 0x71A54057-->00000000 [unknown_code_page]
[1436]svchost.exe-->mswsock.dll+0x0000433A, Type: Inline - RelativeJump 0x71A5433A-->00000000 [unknown_code_page]
[1436]svchost.exe-->mswsock.dll+0x00005847, Type: Inline - RelativeJump 0x71A55847-->00000000 [unknown_code_page]
[1436]svchost.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x7C90E47C-->00000000 [unknown_code_page]
[1436]svchost.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x7C90D6EE-->00000000 [unknown_code_page]
[1436]svchost.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x7C90DFAE-->00000000 [unknown_code_page]
[1436]svchost.exe-->user32.dll-->GetCursorPos, Type: Inline - RelativeJump 0x7E42974E-->00000000 [unknown_code_page]
[2008]explorer.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77DD1218-->00000000 [shimeng.dll]
[2008]explorer.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77F110B4-->00000000 [shimeng.dll]
[2008]explorer.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x01001268-->00000000 [shimeng.dll]
[2008]explorer.exe-->mswsock.dll+0x00004057, Type: Inline - RelativeJump 0x71A54057-->00000000 [unknown_code_page]
[2008]explorer.exe-->mswsock.dll+0x0000433A, Type: Inline - RelativeJump 0x71A5433A-->00000000 [unknown_code_page]
[2008]explorer.exe-->mswsock.dll+0x00005847, Type: Inline - RelativeJump 0x71A55847-->00000000 [unknown_code_page]
[2008]explorer.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x7C90E47C-->00000000 [unknown_code_page]
[2008]explorer.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x7C90D6EE-->00000000 [unknown_code_page]
[2008]explorer.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x7C90DFAE-->00000000 [unknown_code_page]
[2008]explorer.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7C9C15A4-->00000000 [shimeng.dll]
[2008]explorer.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7E41133C-->00000000 [shimeng.dll]
[3928]firefox.exe-->mswsock.dll+0x00004057, Type: Inline - RelativeJump 0x71A54057-->00000000 [unknown_code_page]
[3928]firefox.exe-->mswsock.dll+0x0000433A, Type: Inline - RelativeJump 0x71A5433A-->00000000 [unknown_code_page]
[3928]firefox.exe-->mswsock.dll+0x00005847, Type: Inline - RelativeJump 0x71A55847-->00000000 [unknown_code_page]
[3928]firefox.exe-->ntdll.dll-->KiUserExceptionDispatcher, Type: Inline - RelativeJump 0x7C90E47C-->00000000 [unknown_code_page]
[3928]firefox.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump 0x7C9163C3-->00000000 [firefox.exe]
[3928]firefox.exe-->ntdll.dll-->NtProtectVirtualMemory, Type: Inline - RelativeJump 0x7C90D6EE-->00000000 [unknown_code_page]
[3928]firefox.exe-->ntdll.dll-->NtWriteVirtualMemory, Type: Inline - RelativeJump 0x7C90DFAE-->00000000 [unknown_code_page]


!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)



Thanks again,
Techgirl888

#4 techgirl888

techgirl888
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Chicago, IL USA
  • Local time:05:09 AM

Posted 08 September 2010 - 07:14 PM

Syler reports you requested (cont.)

Here is the OTL report requested:

OTL logfile created on: 9/8/2010 6:34:12 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 35.00 Mb Available Physical Memory | 7.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 29.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 43.81 Gb Free Space | 78.39% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-4105E587B6
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/08 17:43:40 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2010/08/26 13:42:47 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/08/26 13:42:47 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/08/26 13:42:45 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/08/26 13:42:42 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/08/26 13:42:25 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/08/26 13:42:01 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/08/26 13:41:54 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/08/10 15:10:58 | 002,349,776 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/07/22 21:06:53 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\hpzipm12.exe
PRC - [2002/09/20 18:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (SafeList) ==========

MOD - [2010/09/08 17:43:40 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\Iasv32.dll -- (Ias)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\System32\6to4v32.dll -- (6to4)
SRV - [2010/08/26 13:42:01 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/08/26 13:41:54 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/08/12 07:15:19 | 001,355,416 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2002/09/20 18:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2010/08/26 13:44:19 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/08/26 13:44:03 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/08/26 13:44:01 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/08/21 13:15:41 | 000,020,480 | ---- | M] (NT Kernel Resources) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndisrd.sys -- (ndisrd)
DRV - [2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/08/12 07:15:19 | 000,015,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2004/09/03 07:52:00 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/08/04 13:05:20 | 000,341,760 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/08/04 01:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/05/08 13:21:44 | 000,035,840 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/04/14 11:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2004/04/07 14:22:00 | 001,382,634 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/12/02 09:27:00 | 000,021,120 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/10/07 22:40:00 | 000,094,601 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/08/08 19:00:00 | 000,008,448 | ---- | M] (Texas Instruments Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tiumflt.sys -- (DevUpper)
DRV - [2003/06/06 15:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2003/02/18 19:00:00 | 000,042,092 | ---- | M] (Texas Instruments Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tiumfwl.sys -- (tiumfwl)
DRV - [2001/08/17 15:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2001/08/17 10:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
IE - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/08/26 13:41:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/24 17:20:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/24 17:48:25 | 000,000,000 | ---D | M]

[2010/08/24 17:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/08/26 11:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yls50t8j.default\extensions
[2010/08/24 16:42:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/08/26 18:26:06 | 000,416,826 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14388 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftu...b?1282690133203 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Amber Flow.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Amber Flow.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/18 18:49:10 | 000,000,000 | ---D | M] - C:\Autoruns -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: Cleavert - (C:\WINDOWS\system32\DSndedos.dll) - C:\WINDOWS\System32\DSndedos.dll File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - C:\WINDOWS\System32\6to4v32.dll File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - C:\WINDOWS\System32\Iasv32.dll File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

Drivers32: MIDI1 - C:\WINDOWS\System32\Syncor11.dll (SoundMAX)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (69819404975603712)

========== Files/Folders - Created Within 30 Days ==========

[2010/09/08 17:43:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/08/26 14:47:15 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/08/26 13:44:19 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/08/26 13:44:14 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/08/26 13:44:02 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/08/26 13:43:59 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/08/26 13:43:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010/08/26 13:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/08/24 23:35:16 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/08/24 23:35:10 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/08/24 23:34:53 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2010/08/24 23:34:44 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/08/24 23:34:23 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/08/24 23:34:19 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2010/08/24 23:34:15 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2010/08/24 23:34:13 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2010/08/24 23:33:43 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/08/24 23:33:38 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/08/24 23:33:27 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/08/24 23:33:21 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2010/08/24 23:33:16 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2010/08/24 23:33:15 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/08/24 23:33:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/08/24 23:33:09 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2010/08/24 23:33:08 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2010/08/24 23:33:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2010/08/24 23:33:02 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/08/24 23:32:59 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2010/08/24 23:32:58 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2010/08/24 23:32:57 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2010/08/24 23:32:54 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2010/08/24 23:32:52 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2010/08/24 23:32:49 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2010/08/24 23:32:43 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/08/24 23:32:39 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/08/24 23:32:34 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/08/24 23:32:33 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/08/24 23:32:28 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/08/24 23:32:23 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/08/24 23:32:18 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/08/24 23:32:13 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/08/24 23:32:08 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2010/08/24 23:32:06 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2010/08/24 23:32:00 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2010/08/24 23:31:55 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/08/24 23:31:50 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2010/08/24 23:31:45 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2010/08/24 23:31:40 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2010/08/24 23:31:35 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/08/24 23:31:30 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/08/24 23:31:26 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/08/24 23:31:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2010/08/24 23:31:22 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2010/08/24 23:31:20 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/08/24 23:31:13 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2010/08/24 23:31:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2010/08/24 23:31:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2010/08/24 23:30:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2010/08/24 23:30:51 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/08/24 23:30:46 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2010/08/24 23:30:42 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2010/08/24 23:30:37 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2010/08/24 23:30:32 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/08/24 23:30:27 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/08/24 23:30:22 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2010/08/24 23:30:16 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2010/08/24 23:30:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/08/24 23:30:09 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/08/24 23:30:04 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/08/24 23:29:59 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/08/24 23:29:55 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/08/24 23:29:50 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/08/24 23:29:46 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/08/24 23:29:41 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2010/08/24 23:29:36 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2010/08/24 23:29:35 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2010/08/24 23:29:30 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2010/08/24 23:29:25 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2010/08/24 23:29:21 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2010/08/24 23:29:16 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2010/08/24 23:29:11 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2010/08/24 23:29:05 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/08/24 23:28:59 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/08/24 23:28:55 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/08/24 23:28:53 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/08/24 23:28:52 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/08/24 23:28:44 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/08/24 23:28:38 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/08/24 23:28:38 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/08/24 23:28:36 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/08/24 23:28:29 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2010/08/24 23:28:24 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2010/08/24 23:28:20 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/08/24 23:28:15 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/08/24 23:28:09 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2010/08/24 23:28:05 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2010/08/24 23:28:01 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2010/08/24 23:27:57 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2010/08/24 23:27:53 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2010/08/24 23:27:48 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2010/08/24 23:27:44 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2010/08/24 23:27:40 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2010/08/24 23:27:35 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2010/08/24 23:27:31 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2010/08/24 23:27:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2010/08/24 23:27:25 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2010/08/24 23:27:21 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/08/24 23:27:16 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/08/24 23:27:12 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/08/24 23:27:07 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/08/24 23:27:01 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/08/24 23:26:57 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/08/24 23:26:57 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2010/08/24 23:26:51 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2010/08/24 23:26:45 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2010/08/24 23:26:41 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2010/08/24 23:26:34 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/08/24 23:26:29 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2010/08/24 23:26:25 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2010/08/24 23:26:21 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2010/08/24 23:26:17 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2010/08/24 23:26:12 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2010/08/24 23:26:11 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/08/24 23:26:11 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2010/08/24 23:26:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/08/24 23:26:06 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2010/08/24 23:26:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/08/24 23:26:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/08/24 23:26:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/08/24 23:25:58 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/08/24 23:25:57 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/08/24 23:25:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/08/24 23:25:53 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/08/24 23:25:48 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/08/24 23:25:43 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/08/24 23:25:39 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2010/08/24 23:25:38 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2010/08/24 23:25:36 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/08/24 23:25:36 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2010/08/24 23:25:32 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2010/08/24 23:25:28 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2010/08/24 23:25:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/08/24 23:25:23 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/08/24 23:25:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2010/08/24 23:25:22 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/08/24 23:25:22 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/08/24 23:25:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2010/08/24 23:25:18 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/08/24 23:25:17 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/08/24 23:25:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/08/24 23:25:16 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/08/24 23:25:16 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/08/24 23:25:16 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/08/24 23:25:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/08/24 23:25:15 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/08/24 23:25:13 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2010/08/24 23:25:12 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/08/24 23:25:07 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/08/24 23:25:02 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/08/24 23:24:58 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2010/08/24 23:24:54 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2010/08/24 23:24:53 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/08/24 23:24:49 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2010/08/24 23:24:45 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2010/08/24 23:24:40 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2010/08/24 23:24:36 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2010/08/24 23:24:32 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2010/08/24 23:24:28 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2010/08/24 23:24:27 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/08/24 23:24:19 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/08/24 23:24:15 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/08/24 23:24:11 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/08/24 23:24:07 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/08/24 23:24:02 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2010/08/24 23:23:56 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2010/08/24 23:23:52 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2010/08/24 23:23:51 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/08/24 23:23:47 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2010/08/24 23:23:45 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2010/08/24 23:23:41 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/08/24 23:23:41 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2010/08/24 23:23:36 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/08/24 23:23:32 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2010/08/24 23:23:28 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/08/24 23:23:24 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/08/24 23:23:22 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2010/08/24 23:23:18 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2010/08/24 23:23:13 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2010/08/24 23:23:09 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2010/08/24 23:23:05 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/08/24 23:23:00 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/08/24 23:22:56 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/08/24 23:22:52 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/08/24 23:22:48 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/08/24 23:22:44 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/08/24 23:22:40 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/08/24 23:22:36 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/08/24 23:22:32 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/08/24 23:22:28 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2010/08/24 23:22:24 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/08/24 23:22:19 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/08/24 23:22:19 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/08/24 23:22:19 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/08/24 23:22:17 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/08/24 23:22:16 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/08/24 23:22:11 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/08/24 23:22:07 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2010/08/24 23:22:02 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/08/24 23:21:54 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2010/08/24 23:21:52 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/08/24 23:21:47 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/08/24 23:21:42 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/08/24 23:21:41 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/08/24 23:21:41 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/08/24 23:21:32 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/08/24 23:21:28 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/08/24 23:21:24 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2010/08/24 23:21:20 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2010/08/24 23:21:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/08/24 23:21:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/08/24 23:21:12 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2010/08/24 23:21:08 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2010/08/24 23:21:04 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2010/08/24 23:21:00 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2010/08/24 23:20:56 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2010/08/24 23:20:55 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2010/08/24 23:20:50 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/08/24 23:20:46 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/08/24 23:20:42 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/08/24 23:20:41 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2010/08/24 23:20:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2010/08/24 23:20:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2010/08/24 23:20:25 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/08/24 23:20:22 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2010/08/24 23:20:17 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2010/08/24 23:20:16 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2010/08/24 23:20:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2010/08/24 23:20:11 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/08/24 23:20:11 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/08/24 23:20:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/08/24 23:20:03 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2010/08/24 23:19:59 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2010/08/24 23:19:55 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2010/08/24 23:19:51 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2010/08/24 23:19:47 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2010/08/24 23:19:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2010/08/24 23:19:39 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2010/08/24 23:19:38 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2010/08/24 23:19:37 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2010/08/24 23:19:36 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2010/08/24 23:19:35 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2010/08/24 23:19:30 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2010/08/24 23:19:27 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2010/08/24 23:19:25 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/08/24 23:19:21 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/08/24 23:19:17 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2010/08/24 23:19:13 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2010/08/24 23:19:09 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2010/08/24 23:19:05 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/08/24 23:19:04 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/08/24 23:19:00 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/08/24 23:18:58 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/08/24 23:18:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/08/24 23:18:53 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2010/08/24 23:18:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2010/08/24 23:18:45 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2010/08/24 23:18:41 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2010/08/24 23:18:37 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2010/08/24 23:18:33 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2010/08/24 23:18:29 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2010/08/24 23:18:25 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2010/08/24 23:18:21 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2010/08/24 23:18:17 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2010/08/24 23:18:14 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2010/08/24 23:18:10 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/08/24 23:18:06 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/08/24 23:18:02 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/08/24 23:17:57 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/08/24 23:17:45 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2010/08/24 23:17:41 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2010/08/24 23:17:24 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/08/24 23:17:24 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/08/24 23:17:18 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2010/08/24 23:17:14 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2010/08/24 23:17:13 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2010/08/24 23:17:04 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/08/24 23:17:00 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/08/24 23:16:54 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/08/24 23:16:53 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/08/24 23:16:46 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2010/08/24 23:16:40 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/08/24 23:16:36 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/08/24 23:16:32 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2010/08/24 23:16:28 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2010/08/24 23:16:22 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2010/08/24 23:16:18 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/08/24 23:16:13 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/08/24 23:16:09 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/08/24 23:16:06 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/08/24 23:16:01 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/08/24 23:15:58 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/08/24 23:15:54 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2010/08/24 23:15:49 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2010/08/24 23:15:45 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/08/24 23:15:39 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/08/24 23:15:34 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/08/24 23:15:30 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/08/24 23:15:26 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/08/24 23:15:26 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/08/24 23:15:22 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/08/24 23:14:59 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2010/08/24 23:14:56 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2010/08/24 23:14:45 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2010/08/24 23:14:31 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2010/08/24 23:14:29 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/08/24 23:14:29 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2010/08/24 23:14:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/08/24 23:14:06 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2010/08/24 23:14:01 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2010/08/24 23:13:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2010/08/24 23:13:51 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/08/24 23:13:48 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2010/08/24 23:13:41 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2010/08/24 23:13:32 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2010/08/24 23:13:29 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2010/08/24 23:13:24 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2010/08/24 23:13:20 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2010/08/24 23:13:20 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/08/24 23:13:19 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/08/24 23:13:18 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2010/08/24 23:13:11 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2010/08/24 23:13:06 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2010/08/24 23:13:02 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/08/24 23:12:56 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2010/08/24 23:12:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/08/24 23:12:50 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2010/08/24 23:12:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2010/08/24 23:12:41 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2010/08/24 23:12:37 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2010/08/24 23:12:37 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2010/08/24 23:12:31 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/08/24 23:12:27 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/08/24 23:12:27 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2010/08/24 23:12:26 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/08/24 23:12:23 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/08/24 23:12:22 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/08/24 23:12:18 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/08/24 23:12:10 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2010/08/24 23:12:03 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/08/24 23:11:59 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/08/24 23:11:55 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/08/24 23:11:52 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/08/24 23:11:50 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010/08/24 23:11:47 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/08/24 23:11:43 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2010/08/24 23:11:43 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/08/24 23:11:42 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2010/08/24 23:11:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2010/08/24 23:11:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2010/08/24 23:11:35 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/08/24 23:11:33 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2010/08/24 23:11:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2010/08/24 23:11:30 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/08/24 23:11:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/08/24 23:11:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/08/24 23:11:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2010/08/24 23:11:20 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2010/08/24 23:11:18 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2010/08/24 23:11:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2010/08/24 23:11:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2010/08/24 23:11:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2010/08/24 23:11:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2010/08/24 23:11:04 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/08/24 23:11:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/08/24 23:10:59 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2010/08/24 23:10:56 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2010/08/24 23:10:53 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/08/24 23:10:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2010/08/24 23:10:46 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/08/24 23:10:43 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2010/08/24 23:10:39 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2010/08/24 23:10:36 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2010/08/24 23:10:32 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2010/08/24 23:10:30 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/08/24 23:10:28 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/08/24 23:10:27 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/08/24 23:10:25 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/08/24 23:10:23 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/08/24 23:10:23 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/08/24 23:10:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/08/24 23:10:12 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/08/24 23:10:09 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2010/08/24 23:10:05 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2010/08/24 23:10:02 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2010/08/24 23:09:59 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2010/08/24 23:09:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2010/08/24 23:09:52 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2010/08/24 23:09:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2010/08/24 23:09:46 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2010/08/24 23:09:42 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2010/08/24 23:09:39 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2010/08/24 23:09:36 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2010/08/24 23:09:33 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2010/08/24 23:09:29 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2010/08/24 23:09:28 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2010/08/24 23:09:27 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2010/08/24 23:09:24 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2010/08/24 23:09:21 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2010/08/24 23:09:20 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2010/08/24 23:09:19 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010/08/24 23:09:17 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/08/24 23:09:13 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/08/24 23:09:07 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2010/08/24 23:09:04 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2010/08/24 23:02:18 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/08/24 22:54:24 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2010/08/24 22:54:21 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2010/08/24 22:54:18 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2010/08/24 22:54:14 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2010/08/24 22:54:11 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2010/08/24 22:54:08 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2010/08/24 22:54:04 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2010/08/24 22:54:01 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2010/08/24 22:53:58 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2010/08/24 22:53:55 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2010/08/24 22:53:51 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2010/08/24 22:53:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2010/08/24 22:53:43 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2010/08/24 22:53:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2010/08/24 22:53:37 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2010/08/24 22:53:33 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2010/08/24 22:53:30 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2010/08/24 22:53:27 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/08/24 22:53:19 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2010/08/24 22:53:12 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/08/24 22:53:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2010/08/24 22:52:59 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2010/08/24 22:52:49 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2010/08/24 22:52:43 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2010/08/24 22:52:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010/08/24 22:52:39 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2010/08/24 22:52:38 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2010/08/24 22:52:31 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2010/08/24 22:52:31 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/08/24 22:52:30 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/08/24 22:52:27 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/08/24 22:52:24 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/08/24 22:52:19 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/08/24 22:52:13 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2010/08/24 22:52:09 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2010/08/24 22:52:06 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2010/08/24 22:52:03 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2010/08/24 22:52:01 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2010/08/24 22:51:57 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2010/08/24 22:51:52 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/08/24 22:51:30 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/08/24 22:51:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/08/24 22:51:22 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/08/24 22:51:21 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/08/24 22:51:16 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2010/08/24 22:51:10 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/08/24 22:51:05 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/08/24 22:50:58 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/08/24 22:50:55 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/08/24 22:50:52 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/08/24 22:50:50 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/08/24 22:50:47 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2010/08/24 22:50:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/08/24 22:50:42 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2010/08/24 22:50:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/08/24 22:50:35 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2010/08/24 22:50:31 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/08/24 22:50:29 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2010/08/24 22:50:26 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/08/24 22:50:23 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/08/24 22:50:20 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2010/08/24 22:50:18 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2010/08/24 22:50:16 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/08/24 22:50:16 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/08/24 22:50:13 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2010/08/24 22:50:11 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/08/24 22:50:11 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2010/08/24 22:50:08 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2010/08/24 22:50:08 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/08/24 22:50:05 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2010/08/24 22:50:04 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2010/08/24 22:49:59 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2010/08/24 22:49:55 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2010/08/24 22:49:53 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2010/08/24 22:49:50 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2010/08/24 22:49:48 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2010/08/24 22:49:46 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/08/24 22:49:43 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2010/08/24 22:49:39 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2010/08/24 22:49:35 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2010/08/24 22:49:33 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2010/08/24 22:49:30 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2010/08/24 22:49:28 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2010/08/24 22:49:25 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2010/08/24 22:49:19 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2010/08/24 22:49:18 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2010/08/24 22:49:15 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2010/08/24 22:49:09 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2010/08/24 22:49:07 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2010/08/24 22:49:06 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2010/08/24 22:49:04 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2010/08/24 22:49:02 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2010/08/24 22:49:00 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2010/08/24 22:48:58 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2010/08/24 22:48:56 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2010/08/24 22:48:55 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2010/08/24 22:48:53 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2010/08/24 22:48:51 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2010/08/24 22:48:50 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2010/08/24 22:48:48 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2010/08/24 22:48:46 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2010/08/24 22:48:45 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2010/08/24 22:48:43 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2010/08/24 22:48:41 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/08/24 22:48:41 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2010/08/24 22:48:37 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2010/08/24 22:48:35 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2010/08/24 22:48:34 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2010/08/24 22:48:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2010/08/24 22:48:25 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/08/24 22:48:21 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2010/08/24 22:48:18 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/08/24 22:48:17 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2010/08/24 22:48:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2010/08/24 22:48:11 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2010/08/24 22:48:10 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2010/08/24 22:48:03 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/08/24 22:48:03 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2010/08/24 22:48:01 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/08/24 22:47:59 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/08/24 22:47:53 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/08/24 22:47:52 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/08/24 22:47:50 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/08/24 22:47:49 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/08/24 22:47:46 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/08/24 22:47:45 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2010/08/24 22:47:43 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2010/08/24 22:47:42 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2010/08/24 22:47:40 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2010/08/24 22:47:39 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2010/08/24 22:47:37 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2010/08/24 22:47:35 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2010/08/24 22:47:34 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2010/08/24 22:47:32 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2010/08/24 22:47:31 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2010/08/24 22:47:29 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2010/08/24 22:47:27 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2010/08/24 22:47:26 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2010/08/24 22:47:23 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2010/08/24 22:47:22 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2010/08/24 22:47:20 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/08/24 22:47:18 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/08/24 22:47:17 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2010/08/24 22:47:15 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2010/08/24 22:47:13 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/08/24 22:47:11 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2010/08/24 22:47:09 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2010/08/24 22:47:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2010/08/24 22:47:06 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2010/08/24 22:47:05 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2010/08/24 22:47:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2010/08/24 22:46:59 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2010/08/24 22:46:58 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2010/08/24 22:46:54 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2010/08/24 22:46:53 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2010/08/24 22:46:51 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2010/08/24 22:46:50 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2010/08/24 22:46:48 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2010/08/24 22:46:47 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2010/08/24 22:46:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2010/08/24 22:46:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2010/08/24 22:46:42 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/08/24 22:46:42 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2010/08/24 22:46:40 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/08/24 22:46:39 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/08/24 22:46:37 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/08/24 22:46:36 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/08/24 22:46:35 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/08/24 22:46:33 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/08/24 22:46:31 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2010/08/24 22:46:30 | 000,249,856 | ---- | C] (ComtrolŪ Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/08/24 22:46:29 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2010/08/24 22:46:27 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2010/08/24 22:46:26 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2010/08/24 22:46:23 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2010/08/24 22:46:22 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2010/08/24 22:46:20 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/08/24 22:46:20 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/08/24 22:46:18 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/08/24 22:46:17 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2010/08/24 22:46:16 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2010/08/24 22:46:09 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2010/08/24 22:46:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2010/08/24 22:46:04 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2010/08/24 22:46:02 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/08/24 22:46:00 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2010/08/24 22:45:59 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2010/08/24 22:45:59 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2010/08/24 22:45:57 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2010/08/24 22:45:56 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2010/08/24 22:45:54 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2010/08/24 22:45:52 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/08/24 22:45:50 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/08/24 22:45:50 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/08/24 22:45:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/08/24 22:45:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/08/24 22:45:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/08/24 22:45:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010/08/24 22:45:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/08/24 22:45:43 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/08/24 22:45:42 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/08/24 22:45:42 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/08/24 22:45:41 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/08/24 22:45:40 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/08/24 22:45:37 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2010/08/24 22:45:37 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2010/08/24 22:45:36 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/08/24 22:45:35 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/08/24 22:45:34 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/08/24 22:45:33 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/08/24 22:45:29 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/08/24 22:45:26 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/08/24 22:45:25 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/08/24 22:45:24 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2010/08/24 22:45:23 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2010/08/24 22:45:23 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2010/08/24 22:45:22 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2010/08/24 22:45:21 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2010/08/24 22:45:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2010/08/24 22:45:19 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2010/08/24 22:45:18 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2010/08/24 22:45:17 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2010/08/24 22:45:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/08/24 22:44:38 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2010/08/24 22:44:34 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/08/24 22:44:34 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/08/24 22:44:33 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/08/24 22:44:32 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/08/24 22:44:31 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/08/24 22:44:30 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/08/24 22:44:29 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/08/24 22:44:28 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/08/24 22:44:26 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/08/24 22:44:25 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/08/24 22:44:24 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2010/08/24 22:44:24 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/08/24 22:44:23 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/08/24 22:44:22 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/08/24 22:44:21 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/08/24 22:44:20 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/08/24 22:44:19 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/08/24 22:44:18 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/08/24 22:44:17 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/08/24 22:44:15 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2010/08/24 22:44:13 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2010/08/24 22:44:13 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2010/08/24 22:44:12 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/08/24 22:44:11 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2010/08/24 22:44:10 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2010/08/24 22:44:09 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2010/08/24 22:44:07 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/08/24 22:44:07 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/08/24 22:44:06 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2010/08/24 22:44:05 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/08/24 22:44:04 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/08/24 22:44:01 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/08/24 22:44:00 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/08/24 22:43:59 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/08/24 22:43:57 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010/08/24 22:43:56 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2010/08/24 22:43:55 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010/08/24 22:43:44 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2010/08/24 22:43:43 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2010/08/24 22:43:40 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2010/08/24 22:43:39 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2010/08/24 22:43:38 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2010/08/24 22:43:38 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2010/08/24 22:43:37 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2010/08/24 22:43:36 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2010/08/24 22:43:36 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2010/08/24 22:43:31 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2010/08/24 22:43:31 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/08/24 22:43:29 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/08/24 22:43:28 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2010/08/24 22:43:27 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2010/08/24 22:43:26 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/08/24 22:43:26 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2010/08/24 22:43:24 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2010/08/24 22:43:24 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2010/08/24 22:43:23 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2010/08/24 22:43:22 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/08/24 22:43:21 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2010/08/24 22:43:20 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2010/08/24 22:43:19 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2010/08/24 22:43:19 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2010/08/24 22:43:18 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2010/08/24 22:43:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2010/08/24 22:43:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/08/24 22:43:06 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2010/08/24 22:43:06 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010/08/24 22:43:05 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010/08/24 22:43:04 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010/08/24 22:43:03 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010/08/24 22:43:03 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010/08/24 22:43:02 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2010/08/24 22:43:01 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2010/08/24 22:42:59 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010/08/24 22:42:58 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010/08/24 22:42:58 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2010/08/24 22:42:57 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2010/08/24 22:42:57 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2010/08/24 22:42:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2010/08/24 22:42:55 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010/08/24 22:42:53 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2010/08/24 22:42:52 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010/08/24 22:42:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2010/08/24 22:42:51 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010/08/24 22:42:51 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010/08/24 22:42:50 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010/08/24 22:42:50 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2010/08/24 22:41:55 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2010/08/24 18:05:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\IObit
[2010/08/24 18:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/08/24 17:35:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/08/24 17:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2010/08/24 17:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla
[2010/08/24 17:20:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2010/08/24 16:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/08/23 23:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\backups
[2010/08/23 08:14:29 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/08/23 08:14:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/08/23 08:14:17 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/08/23 07:52:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Sunbelt Software
[2010/08/23 07:49:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2010/08/23 07:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/08/23 07:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/08/22 21:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/08/22 21:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/08/22 18:35:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2010/08/18 18:49:09 | 000,000,000 | ---D | C] -- C:\Autoruns
[2010/08/17 16:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2010/08/17 16:53:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/17 16:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/17 16:53:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/17 16:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/17 16:51:18 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HijackThis.exe
[2010/08/15 22:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/08/15 16:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/08/15 15:38:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/08/15 15:38:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/08/15 15:38:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/08/15 15:38:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/08/15 15:29:17 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IECompatCache
[2010/08/15 15:28:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/08/15 15:25:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2010/08/15 15:19:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/08/15 15:19:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/08/15 15:01:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2010/08/15 14:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/08/15 14:51:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/08/15 14:51:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/08 18:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/09/08 18:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At91.job
[2010/09/08 18:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At67.job
[2010/09/08 18:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At43.job
[2010/09/08 18:00:05 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At139.job
[2010/09/08 18:00:04 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At115.job
[2010/09/08 17:43:40 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/09/08 17:42:08 | 007,077,888 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/09/08 17:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/09/08 17:19:34 | 064,443,496 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/09/08 17:00:02 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At90.job
[2010/09/08 17:00:02 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At66.job
[2010/09/08 17:00:02 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At42.job
[2010/09/08 17:00:02 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At138.job
[2010/09/08 17:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At114.job
[2010/09/08 16:59:37 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RKUnhookerLE.EXE
[2010/09/08 16:29:03 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/09/08 16:10:30 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/08 16:09:28 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/08 16:09:27 | 000,000,314 | -HS- | M] () -- C:\WINDOWS\tasks\Cxqhfhkyt.job
[2010/09/08 16:09:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/08 16:09:19 | 535,875,584 | -HS- | M] () -- C:\hiberfil.sys
[2010/08/31 19:23:23 | 006,969,870 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/08/31 19:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At92.job
[2010/08/31 19:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At68.job
[2010/08/31 19:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At44.job
[2010/08/31 19:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At140.job
[2010/08/31 19:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At116.job
[2010/08/30 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At89.job
[2010/08/30 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At65.job
[2010/08/30 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At41.job
[2010/08/30 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At137.job
[2010/08/30 16:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At113.job
[2010/08/30 15:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/08/30 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At88.job
[2010/08/30 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At64.job
[2010/08/30 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At40.job
[2010/08/30 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At136.job
[2010/08/30 15:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At112.job
[2010/08/30 14:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/08/30 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At87.job
[2010/08/30 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At63.job
[2010/08/30 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At39.job
[2010/08/30 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At135.job
[2010/08/30 14:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At111.job
[2010/08/30 13:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/08/30 13:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At86.job
[2010/08/30 13:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At62.job
[2010/08/30 13:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At38.job
[2010/08/30 13:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At134.job
[2010/08/30 13:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At110.job
[2010/08/30 12:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/08/30 12:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At85.job
[2010/08/30 12:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At61.job
[2010/08/30 12:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At37.job
[2010/08/30 12:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At133.job
[2010/08/30 12:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At109.job
[2010/08/30 11:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/08/30 11:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At84.job
[2010/08/30 11:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At60.job
[2010/08/30 11:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At36.job
[2010/08/30 11:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At132.job
[2010/08/30 11:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At108.job
[2010/08/30 10:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/08/30 10:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At83.job
[2010/08/30 10:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At59.job
[2010/08/30 10:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At35.job
[2010/08/30 10:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At131.job
[2010/08/30 10:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At107.job
[2010/08/30 09:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/08/30 09:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At82.job
[2010/08/30 09:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At58.job
[2010/08/30 09:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At34.job
[2010/08/30 09:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At130.job
[2010/08/30 09:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At106.job
[2010/08/30 08:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/08/30 08:14:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/08/30 08:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At81.job
[2010/08/30 08:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At57.job
[2010/08/30 08:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At33.job
[2010/08/30 08:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At129.job
[2010/08/30 08:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At105.job
[2010/08/30 07:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/08/30 07:19:59 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\defogger_reenable
[2010/08/30 06:45:40 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Defogger.exe
[2010/08/29 02:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At99.job
[2010/08/29 02:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At75.job
[2010/08/29 02:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At51.job
[2010/08/29 02:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At27.job
[2010/08/29 02:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At123.job
[2010/08/29 01:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/08/29 01:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At98.job
[2010/08/29 01:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At74.job
[2010/08/29 01:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At50.job
[2010/08/29 01:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At26.job
[2010/08/29 01:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At122.job
[2010/08/29 00:58:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At121.job
[2010/08/29 00:54:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At73.job
[2010/08/29 00:38:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At25.job
[2010/08/29 00:29:01 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/08/29 00:12:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At49.job
[2010/08/29 00:07:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At97.job
[2010/08/28 23:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/08/28 23:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At96.job
[2010/08/28 23:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At72.job
[2010/08/28 23:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At48.job
[2010/08/28 23:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At144.job
[2010/08/28 23:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At120.job
[2010/08/28 22:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/08/28 22:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At95.job
[2010/08/28 22:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At71.job
[2010/08/28 22:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At47.job
[2010/08/28 22:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At143.job
[2010/08/28 22:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At119.job
[2010/08/28 21:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/08/28 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At94.job
[2010/08/28 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At70.job
[2010/08/28 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At46.job
[2010/08/28 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At142.job
[2010/08/28 21:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At118.job
[2010/08/28 20:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/08/28 20:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At93.job
[2010/08/28 20:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At69.job
[2010/08/28 20:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At45.job
[2010/08/28 20:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At141.job
[2010/08/28 20:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At117.job
[2010/08/28 19:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/08/28 10:28:49 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/08/28 10:28:48 | 000,000,963 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Spybot - Search & Destroy.lnk
[2010/08/26 23:35:00 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/08/26 18:26:06 | 000,416,826 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/08/26 13:44:22 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/08/26 13:44:22 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/08/26 13:44:19 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/08/26 13:44:03 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/08/26 13:44:01 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/08/26 13:43:59 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/08/24 18:05:49 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/08/24 18:05:49 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2010/08/24 17:59:30 | 000,050,752 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/24 17:20:39 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/08/24 16:43:40 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/24 16:43:40 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/24 12:52:47 | 000,220,840 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/24 12:45:07 | 000,000,516 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/08/24 11:34:01 | 000,000,448 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2010/08/23 20:25:48 | 000,000,084 | -H-- | M] () -- C:\aaw7boot.cmd
[2010/08/23 08:14:17 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/08/23 07:49:07 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/08/23 07:49:06 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/08/23 07:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At80.job
[2010/08/23 07:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At56.job
[2010/08/23 07:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At32.job
[2010/08/23 07:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At128.job
[2010/08/23 07:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At104.job
[2010/08/23 06:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/08/22 22:28:13 | 000,416,826 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100826-182606.backup
[2010/08/22 20:00:46 | 000,001,968 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\cc_20100822_195720.reg
[2010/08/21 13:15:41 | 000,020,480 | ---- | M] (NT Kernel Resources) -- C:\WINDOWS\System32\drivers\ndisrd.sys
[2010/08/18 18:59:44 | 000,000,227 | ---- | M] () -- C:\WINDOWS\SYSTEM.INI
[2010/08/18 18:59:44 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/08/17 16:53:42 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/17 16:41:38 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\opufjku6.exe
[2010/08/17 16:40:56 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HijackThis.exe
[2010/08/17 16:40:18 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2010/08/17 15:55:44 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/08/16 22:22:21 | 000,001,514 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Disk Cleanup.lnk
[2010/08/16 06:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At79.job
[2010/08/16 06:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At55.job
[2010/08/16 06:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At31.job
[2010/08/16 06:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At127.job
[2010/08/16 06:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At103.job
[2010/08/16 05:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/08/16 05:00:01 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At78.job
[2010/08/16 05:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At54.job
[2010/08/16 05:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At30.job
[2010/08/16 05:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At126.job
[2010/08/16 05:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At102.job
[2010/08/16 04:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/08/16 04:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At77.job
[2010/08/16 04:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At53.job
[2010/08/16 04:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At29.job
[2010/08/16 04:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At125.job
[2010/08/16 04:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At101.job
[2010/08/16 03:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/08/16 03:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At76.job
[2010/08/16 03:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At52.job
[2010/08/16 03:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At28.job
[2010/08/16 03:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At124.job
[2010/08/16 03:00:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At100.job
[2010/08/16 02:29:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/08/15 16:28:42 | 000,443,380 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/15 16:28:42 | 000,383,822 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/15 16:28:42 | 000,054,010 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/15 16:25:14 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/08/15 15:27:42 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/08 16:59:37 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RKUnhookerLE.EXE
[2010/08/30 07:19:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\defogger_reenable
[2010/08/30 07:19:06 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Defogger.exe
[2010/08/26 13:44:22 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/08/26 13:43:59 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/08/26 13:43:33 | 064,443,496 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/08/24 23:35:08 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/08/24 23:34:59 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/08/24 23:34:44 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/08/24 23:20:35 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010/08/24 23:20:29 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010/08/24 23:20:23 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/08/24 23:20:23 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/08/24 23:14:00 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010/08/24 23:11:41 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/08/24 23:11:36 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/08/24 23:10:21 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/08/24 22:53:24 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/08/24 22:53:15 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/08/24 22:53:09 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/08/24 22:53:02 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/08/24 22:52:56 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/08/24 22:52:30 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/08/24 22:47:58 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/08/24 22:47:56 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/08/24 22:47:55 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/08/24 22:45:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/08/24 22:45:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/08/24 22:45:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/08/24 22:45:06 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/08/24 22:45:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/08/24 22:45:05 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/08/24 22:45:05 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/08/24 22:45:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/08/24 22:45:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/08/24 22:45:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/08/24 22:45:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/08/24 22:45:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/08/24 22:45:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/08/24 22:45:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/08/24 22:45:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/08/24 22:45:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/08/24 22:45:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/08/24 22:44:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/08/24 22:44:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/08/24 22:44:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/08/24 22:44:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/08/24 22:44:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/08/24 22:44:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/08/24 22:44:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/08/24 22:44:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/08/24 22:44:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/08/24 22:44:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/08/24 22:44:54 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/08/24 22:44:54 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/08/24 22:44:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/08/24 22:44:53 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/08/24 22:44:53 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/08/24 22:44:52 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/08/24 22:44:52 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/08/24 22:44:51 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/08/24 22:44:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/08/24 22:44:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/08/24 22:44:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/08/24 22:44:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/08/24 22:44:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/08/24 22:44:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/08/24 22:44:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/08/24 22:44:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/08/24 22:44:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/08/24 22:44:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/08/24 22:44:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/08/24 22:44:42 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/08/24 22:44:40 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/08/24 22:44:40 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/08/24 22:44:39 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/08/24 22:44:17 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/08/24 22:44:14 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/08/24 22:43:50 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/08/24 22:43:50 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/08/24 22:43:49 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/08/24 22:43:48 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/08/24 22:43:47 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/08/24 22:43:46 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/08/24 22:43:46 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/08/24 22:43:45 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/08/24 22:43:41 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/08/24 22:43:35 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/08/24 18:05:49 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/08/24 18:05:49 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2010/08/24 17:20:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/08/24 16:43:40 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/24 16:43:40 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/23 20:25:48 | 000,000,084 | -H-- | C] () -- C:\aaw7boot.cmd
[2010/08/23 08:16:36 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/08/23 07:49:07 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/08/23 07:49:06 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/08/22 21:58:03 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/08/22 21:58:03 | 000,000,963 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Spybot - Search & Destroy.lnk
[2010/08/22 20:00:41 | 000,001,968 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\cc_20100822_195720.reg
[2010/08/18 19:32:37 | 535,875,584 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/17 16:53:42 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/17 16:51:20 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\opufjku6.exe
[2010/08/17 16:51:13 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2010/07/17 06:56:41 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\u8fixs751.dat
[2008/08/22 21:31:39 | 000,000,632 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2006/11/21 20:22:02 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/04/24 16:54:06 | 000,005,665 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
[2006/04/24 16:54:06 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/04/20 19:49:19 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/07/13 14:43:50 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2005/04/19 16:46:32 | 000,000,857 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\AdobeDLM.log
[2005/04/19 16:46:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\dm.ini
[2005/03/27 20:49:39 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/02/20 17:07:02 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2005/02/20 16:26:55 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2004/11/21 21:09:59 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/21 20:59:50 | 000,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/11/21 20:49:10 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2004/08/16 07:42:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/07 08:16:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 08:10:08 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/02/26 01:18:04 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >
[2010/09/08 16:09:27 | 000,000,314 | -HS- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\Cxqhfhkyt.job

< %systemroot%\System32\config\*.sav >
[2004/08/07 00:45:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/07 00:45:26 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/07 00:45:26 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\*. /mp /s >

< %SYSTEMDRIVE%\*.exe >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\drivers\ndisrd.sys:SummaryInformation
< End of report >


Here is the Extras.txt report requested:

OTL Extras logfile created on: 9/8/2010 6:34:12 PM - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 35.00 Mb Available Physical Memory | 7.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 29.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 43.81 Gb Free Space | 78.39% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-4105E587B6
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-2816157793-3718749894-2637816746-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Disabled:HP Software Update Client -- (Hewlett-Packard)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Disabled:iTunes -- (Apple Computer, Inc.)
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00FC6799-866E-44A1-A60C-DCF394CF56FD}" = iTunes
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{18E0918E-1060-48f3-925C-56C82E88551B}" = HP PSC & OfficeJet 3.5
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{22988B2A-374A-4A7B-B795-A1AFF2046BE9}" = PhotoGallery
"{257EC58E-03FD-472B-A9B6-93F23A3C4CB0}" = Scan
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37E31FCE-A048-4D8C-B167-31891BCF6585}" = muvee autoProducer 3.5 - SE
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{415B8A4E-0EA2-4C69-975C-EEE07B837FD7}" = Unload
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{47C25360-AEBC-4B21-B233-87CE653B3369}" = AIOMinimal
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{55DCBED7-5710-4939-A928-4CBD9AB09EBB}" = 1310_Help
"{5786D2C8-A4C4-4DDB-B671-8ED2A53310EC}" = 1310Tour
"{57C7C46A-D35D-492d-A328-4F8C9B5B4B52}" = PrintScreen
"{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}" = Zone Deluxe Games
"{6864A62D-3EF3-415F-9922-240EED34B4C0}" = Fax
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{723C033E-63EA-4227-BAB2-0AA8693C16EB}" = Director
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{81DD5688-695A-4c1d-AE7D-368BF857725A}" = TrayApp
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{97355297-21C8-40CD-96D3-48E58037A9B8}" = TI1620/1520
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD
"{99D48FBB-2DEF-49A9-BCC9-C5AF63DD2643}" = AiOSoftware
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{AEC20FEC-47D8-4DEA-85D7-0B7E5D905D11}" = AiO_Scan
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.00 C1
"{D186329B-1B4D-408D-ABEC-EA5CE1F182C9}" = Overland
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E443F067-3345-482C-BD7A-12675A53D292}" = Readme
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F730A60D-F6DA-4653-9C6E-548F7A3A5EE0}" = 1310Trb
"{F9B0968A-810E-484C-B81D-7F19DC2CBBF5}" = 1310
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AdobeESD" = Adobe Download Manager 2.0 (Remove Only)
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"AVG9Uninstall" = AVG Free 9.0
"HP Photo & Imaging" = HP Image Zone 3.5
"ie8" = Windows Internet Explorer 8
"InstallShield_{00FC6799-866E-44A1-A60C-DCF394CF56FD}" = iTunes
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"InstallShield_{97355297-21C8-40CD-96D3-48E58037A9B8}" = PCI 1620 Cardbus Controller and Software
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2005b" = Microsoft Money 2005
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"NVIDIA GART Driver" = NVIDIA GART Driver
"QuickTime" = QuickTime
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Talking Typing Teacher" = Talking Typing Teacher
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/28/2010 3:28:35 PM | Computer Name = YOUR-4105E587B6 | Source = Application Error | ID = 1000
Description = Faulting application opufjku6.exe, version 1.0.15.15281, faulting
module opufjku6.exe, version 1.0.15.15281, fault address 0x0005c887.

Error - 8/28/2010 9:27:19 PM | Computer Name = YOUR-4105E587B6 | Source = Application Error | ID = 1000
Description = Faulting application opufjku6.exe, version 1.0.15.15281, faulting
module opufjku6.exe, version 1.0.15.15281, fault address 0x0005c887.

Error - 8/29/2010 1:40:36 AM | Computer Name = YOUR-4105E587B6 | Source = EventSystem | ID = 4609
Description = The COM+ Event System detected a bad return code during its internal
processing. HRESULT was 800706BB from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Please contact Microsoft Product Support Services to report this erro

Error - 8/31/2010 5:24:42 PM | Computer Name = YOUR-4105E587B6 | Source = Application Error | ID = 1000
Description = Faulting application opufjku6.exe, version 1.0.15.15281, faulting
module opufjku6.exe, version 1.0.15.15281, fault address 0x0005c887.

Error - 8/31/2010 5:31:56 PM | Computer Name = YOUR-4105E587B6 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 8/31/2010 5:31:57 PM | Computer Name = YOUR-4105E587B6 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 9/8/2010 5:23:16 PM | Computer Name = YOUR-4105E587B6 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 9/8/2010 5:23:20 PM | Computer Name = YOUR-4105E587B6 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

Error - 9/8/2010 7:34:12 PM | Computer Name = YOUR-4105E587B6 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 9/8/2010 7:34:13 PM | Computer Name = YOUR-4105E587B6 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

[ System Events ]
Error - 9/8/2010 6:00:02 PM | Computer Name = YOUR-4105E587B6 | Source = Schedule | ID = 7901
Description = The At42.job command failed to start due to the following error: %%2147942402

Error - 9/8/2010 6:00:02 PM | Computer Name = YOUR-4105E587B6 | Source = Schedule | ID = 7901
Description = The At66.job command failed to start due to the following error: %%2147942402

Error - 9/8/2010 6:00:02 PM | Computer Name = YOUR-4105E587B6 | Source = Schedule | ID = 7901
Description = The At90.job command failed to start due to the following error: %%2147942402

Error - 9/8/2010 6:29:00 PM | Computer Name = YOUR-4105E587B6 | Source = Schedule | ID = 7901
Description = The At18.job command failed to start due to the following error: %%2147942402

Error - 9/8/2010 7:00:05 PM | Computer Name = YOUR-4105E587B6 | Source = Schedule | ID = 7901
Description = The At115.job command failed to start due to the following error:
%%2147942402

Error - 9/8/2010 7:00:05 PM | Computer Name = YOUR-4105E587B6 | Source = Schedule | ID = 7901
Description = The At139.job command failed to start due to the following error:
%%2147942402

Error - 9/8/2010 7:00:05 PM | Computer Name = YOUR-4105E587B6 | Source = Schedule | ID = 7901
Description = The At43.job command failed to start due to the following error: %%2147942402

Error - 9/8/2010 7:00:05 PM | Computer Name = YOUR-4105E587B6 | Source = Schedule | ID = 7901
Description = The At67.job command failed to start due to the following error: %%2147942402

Error - 9/8/2010 7:00:05 PM | Computer Name = YOUR-4105E587B6 | Source = Schedule | ID = 7901
Description = The At91.job command failed to start due to the following error: %%2147942402

Error - 9/8/2010 7:29:00 PM | Computer Name = YOUR-4105E587B6 | Source = Schedule | ID = 7901
Description = The At19.job command failed to start due to the following error: %%2147942402


< End of report >

Thanks again,
Techgirl888

#5 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:09 AM

Posted 09 September 2010 - 06:07 AM

Hi techgirl888,

One or more of the identified infections is a backdoor trojan/Rootkit.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

If you decide you want to proceed with trying to clean your machine please follow these next steps.



Before you do any of the next step you need to temporarily disable the TeaTimer protection in spybot, as it may
stop the tools we use from doing their job. Please keep it disabled whilst I am helping you then you can enable it again
when your clean.

To disable Teatimer, open Spybot and click on the Mode tab and select Advanced mode.
It will ask you if your sure you want to go into advanced mode, select yes.
Now go to tools and click on the resident tab.
Uncheck the box that says "Resident "TeaTimer" (Protection of over-all system settings) active".
Then close Spybot and reboot your computer.



Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed, click on Yes, to continue scanning for malware.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


If you need help, see this link:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

unite.jpg


#6 techgirl888

techgirl888
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Chicago, IL USA
  • Local time:05:09 AM

Posted 09 September 2010 - 12:05 PM

Syler,

Thank you for your reply. It was a lot of information. So I understand there will always be a risk on the computer (that sucks). I do not have the original disk the computer came with, I looked for it prior to my original post. I'm assuming without that CD reinstall is not an option. The link you included discussed different levels of risk, can you tell what level I'm at? The main computer user is my father. He checks his email occasionally and sends email maybe once a year. He surfs many financial information and news sites. He does not bank on this computer. The only website he uses a password for (other than email) is a financial site, so I am concerned.

I continued with the steps you provide to clean the computer thinking that he can still use the computer to read websites he doesn't log into????

Here's the log from Combofix you requested:

ComboFix 10-09-08.03 - Owner 09/09/2010 11:14:04.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.191 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Thumbs.db
c:\windows\system32\yyadd.bak1
c:\windows\system32\yyadd.bak2

Infected copy of c:\windows\system32\drivers\nv_agp.SYS was found and disinfected
Restored copy from - Kitty had a snack tongue.gif
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_6TO4
-------\Legacy_IAS
-------\Service_6to4
-------\Service_Ias
-------\Service_ndisrd


((((((((((((((((((((((((( Files Created from 2010-08-09 to 2010-09-09 )))))))))))))))))))))))))))))))
.

2010-08-26 19:47 . 2010-08-26 19:47 -------- d-----w- C:\$AVG
2010-08-26 18:44 . 2010-08-26 18:44 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-26 18:44 . 2010-08-26 18:44 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-26 18:44 . 2010-08-26 18:44 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-26 18:43 . 2010-08-26 18:44 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-08-26 18:43 . 2010-09-09 15:08 -------- d-----w- c:\windows\system32\drivers\Avg
2010-08-26 18:39 . 2010-08-26 18:40 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-08-25 04:35 . 2008-04-14 00:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-08-25 04:35 . 2001-08-18 03:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-08-25 04:35 . 2008-04-14 00:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-08-25 04:34 . 2001-08-18 03:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-08-25 04:34 . 2001-08-18 03:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-08-25 04:34 . 2001-08-18 03:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2010-08-25 04:34 . 2001-08-17 17:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-08-25 04:34 . 2004-08-04 03:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-08-25 04:34 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\dllcache\wstcodec.sys
2010-08-25 04:34 . 2004-08-04 03:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-08-25 04:33 . 2004-08-04 03:31 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2010-08-25 04:33 . 2001-08-17 17:12 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys
2010-08-25 04:33 . 2001-08-17 18:28 771581 ----a-w- c:\windows\system32\dllcache\winacisa.sys
2010-08-25 04:33 . 2001-08-18 03:36 53760 ----a-w- c:\windows\system32\dllcache\wiamsmud.dll
2010-08-25 04:33 . 2001-08-18 03:36 87040 ----a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2010-08-25 04:33 . 2004-08-04 13:00 41600 ----a-w- c:\windows\system32\dllcache\weitekp9.dll
2010-08-25 04:33 . 2004-08-04 13:00 31232 ----a-w- c:\windows\system32\dllcache\weitekp9.sys
2010-08-25 04:33 . 2001-08-17 18:28 701386 ----a-w- c:\windows\system32\dllcache\wdhaalba.sys
2010-08-25 04:33 . 2004-08-04 03:29 23615 ----a-w- c:\windows\system32\dllcache\wch7xxnt.sys
2010-08-25 04:33 . 2008-04-13 18:45 31744 ----a-w- c:\windows\system32\dllcache\wceusbsh.sys
2010-08-25 04:33 . 2001-08-17 17:10 35871 ----a-w- c:\windows\system32\dllcache\wbfirdma.sys
2010-08-25 04:31 . 2001-08-17 18:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys
2010-08-25 04:31 . 2001-08-17 18:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2010-08-25 04:31 . 2001-08-17 18:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys
2010-08-25 04:31 . 2001-08-17 18:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys
2010-08-25 04:31 . 2001-08-17 18:28 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys
2010-08-25 04:31 . 2001-08-17 18:28 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys
2010-08-25 04:31 . 2001-08-17 18:28 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys
2010-08-25 04:31 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys
2010-08-25 04:31 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys
2010-08-25 04:31 . 2004-08-04 03:31 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys
2010-08-25 04:31 . 2001-08-18 03:36 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll
2010-08-25 04:31 . 2001-08-18 03:36 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll
2010-08-25 04:31 . 2001-08-18 03:36 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll
2010-08-25 04:30 . 2001-08-18 03:36 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll
2010-08-25 04:30 . 2001-08-18 03:36 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll
2010-08-25 04:30 . 2001-08-17 18:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys
2010-08-25 04:30 . 2001-08-18 03:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-08-25 04:30 . 2001-08-18 03:36 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll
2010-08-25 04:30 . 2001-08-18 03:36 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll
2010-08-25 04:30 . 2001-08-18 03:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll
2010-08-25 04:30 . 2001-08-17 18:52 36736 ----a-w- c:\windows\system32\dllcache\ultra.sys
2010-08-25 04:30 . 2001-08-17 18:48 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys
2010-08-25 04:30 . 2004-08-04 13:00 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe
2010-08-25 04:30 . 2001-08-17 17:51 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys
2010-08-25 04:30 . 2001-08-18 03:36 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll
2010-08-25 04:28 . 2001-08-17 17:51 138528 ----a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-08-25 04:27 . 2001-08-17 19:07 28384 ----a-w- c:\windows\system32\dllcache\sym_hi.sys
2010-08-25 04:26 . 2004-08-04 13:00 101376 ----a-w- c:\windows\system32\dllcache\srusbusd.dll
2010-08-25 04:25 . 2001-08-17 17:51 58368 ----a-w- c:\windows\system32\dllcache\smiminib.sys
2010-08-25 04:24 . 2001-08-17 19:56 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll
2010-08-25 04:23 . 2001-08-17 18:53 6784 ----a-w- c:\windows\system32\dllcache\serscan.sys
2010-08-25 04:22 . 2001-08-17 17:50 61504 ----a-w- c:\windows\system32\dllcache\s3sav3dm.sys
2010-08-25 04:21 . 2001-08-17 17:19 3840 ----a-w- c:\windows\system32\dllcache\rpfun.sys
2010-08-25 04:20 . 2001-08-17 18:52 40320 ----a-w- c:\windows\system32\dllcache\ql1080.sys
2010-08-25 04:19 . 2001-08-17 19:07 19840 ----a-w- c:\windows\system32\dllcache\philtune.sys
2010-08-25 04:18 . 2004-08-04 13:00 36927 ----a-w- c:\windows\system32\dllcache\padrs411.dll
2010-08-25 04:17 . 2001-08-17 17:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2010-08-25 04:17 . 2001-08-17 17:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2010-08-25 04:17 . 2001-08-18 03:36 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2010-08-25 04:17 . 2001-08-18 03:36 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2010-08-25 04:17 . 2001-08-17 17:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2010-08-25 04:17 . 2001-08-17 18:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2010-08-25 04:17 . 2001-08-17 18:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2010-08-25 04:17 . 2008-04-13 18:54 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2010-08-25 04:17 . 2001-08-17 17:20 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2010-08-25 04:17 . 2001-08-17 17:20 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2010-08-25 04:15 . 2001-08-17 19:56 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
2010-08-25 04:15 . 2001-08-17 17:11 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
2010-08-25 04:15 . 2001-08-17 17:11 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2010-08-25 04:15 . 2001-08-17 18:50 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2010-08-25 04:15 . 2001-08-18 03:36 7168 ----a-w- c:\windows\system32\dllcache\mxport.dll
2010-08-25 04:15 . 2001-08-17 18:49 19968 ----a-w- c:\windows\system32\dllcache\mxnic.sys
2010-08-25 04:15 . 2001-08-18 03:36 19968 ----a-w- c:\windows\system32\dllcache\mxicfg.dll
2010-08-25 04:15 . 2004-08-04 13:00 229439 ----a-w- c:\windows\system32\dllcache\multibox.dll
2010-08-25 04:15 . 2001-08-17 18:50 21888 ----a-w- c:\windows\system32\dllcache\mxcard.sys
2010-08-25 04:15 . 2001-08-17 17:50 103296 ----a-w- c:\windows\system32\dllcache\mtxvideo.sys
2010-08-25 04:14 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\dllcache\mstee.sys
2010-08-25 04:14 . 2008-04-13 18:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys
2010-08-25 04:14 . 2001-08-17 18:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys
2010-08-25 04:14 . 2001-08-17 19:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys
2010-08-25 04:14 . 2008-04-13 18:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2010-08-25 04:14 . 2004-08-04 13:00 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll
2010-08-25 04:14 . 2001-08-17 19:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2010-08-25 04:14 . 2001-08-17 18:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
2010-08-25 04:12 . 2001-08-17 18:52 7424 ----a-w- c:\windows\system32\dllcache\mammoth.sys
2010-08-25 04:11 . 2001-08-17 17:12 20573 ----a-w- c:\windows\system32\dllcache\lne100.sys
2010-08-25 04:10 . 2001-08-17 18:49 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys
2010-08-25 04:09 . 2001-08-17 19:06 154496 ----a-w- c:\windows\system32\dllcache\icam4usb.sys
2010-08-25 03:54 . 2001-08-17 18:28 73279 ----a-w- c:\windows\system32\dllcache\hsf_spkp.sys
2010-08-25 03:54 . 2001-08-17 18:28 44863 ----a-w- c:\windows\system32\dllcache\hsf_soar.sys
2010-08-25 03:54 . 2001-08-17 18:28 57471 ----a-w- c:\windows\system32\dllcache\hsf_samp.sys
2010-08-25 03:54 . 2001-08-17 18:28 542879 ----a-w- c:\windows\system32\dllcache\hsf_msft.sys
2010-08-25 03:54 . 2001-08-17 18:28 391199 ----a-w- c:\windows\system32\dllcache\hsf_k56k.sys
2010-08-25 03:54 . 2001-08-18 03:36 9759 ----a-w- c:\windows\system32\dllcache\hsf_inst.dll
2010-08-25 03:54 . 2001-08-17 18:28 115807 ----a-w- c:\windows\system32\dllcache\hsf_fsks.sys
2010-08-25 03:54 . 2001-08-17 18:28 199711 ----a-w- c:\windows\system32\dllcache\hsf_faxx.sys
2010-08-25 03:52 . 2001-08-18 03:36 123392 ----a-w- c:\windows\system32\dllcache\hpgt21tk.dll
2010-08-25 03:51 . 2001-08-17 19:56 470144 ----a-w- c:\windows\system32\dllcache\g200d.dll
2010-08-25 03:51 . 2001-08-17 17:15 454912 ----a-w- c:\windows\system32\dllcache\fxusbase.sys
2010-08-25 03:51 . 2004-08-04 13:00 11264 ----a-w- c:\windows\system32\dllcache\fxssend.exe
2010-08-25 03:51 . 2004-08-04 13:00 31744 ----a-w- c:\windows\system32\dllcache\fxsroute.dll
2010-08-25 03:51 . 2004-08-04 13:00 132608 ----a-w- c:\windows\system32\dllcache\fxsclntr.dll
2010-08-25 03:51 . 2004-08-04 13:00 111104 ----a-w- c:\windows\system32\dllcache\fxscfgwz.dll
2010-08-25 03:51 . 2001-08-18 03:36 92160 ----a-w- c:\windows\system32\dllcache\fuusd.dll
2010-08-25 03:51 . 2001-08-17 17:15 455296 ----a-w- c:\windows\system32\dllcache\fusbbase.sys
2010-08-25 03:51 . 2001-08-17 17:15 455680 ----a-w- c:\windows\system32\dllcache\fus2base.sys
2010-08-25 03:49 . 2001-08-17 17:19 63360 ----a-w- c:\windows\system32\dllcache\ess.sys
2010-08-25 03:48 . 2001-08-17 17:11 153631 ----a-w- c:\windows\system32\dllcache\el90xnd5.sys
2010-08-25 03:47 . 2001-08-17 17:14 952007 ----a-w- c:\windows\system32\dllcache\diwan.sys
2010-08-25 03:46 . 2001-08-17 18:52 14720 ----a-w- c:\windows\system32\dllcache\dac960nt.sys
2010-08-25 03:45 . 2001-08-17 19:56 170880 ----a-w- c:\windows\system32\dllcache\cl546x.dll
2010-08-25 03:44 . 2001-08-17 18:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2010-08-25 03:43 . 2001-08-18 03:36 87552 ----a-w- c:\windows\system32\dllcache\avmcoxp.dll
2010-08-25 03:42 . 2001-08-18 03:36 61440 ----a-w- c:\windows\system32\dllcache\acerscad.dll
2010-08-25 03:41 . 2001-08-17 19:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-08-24 23:05 . 2010-08-24 23:05 -------- d-----w- c:\documents and settings\Owner\Application Data\IObit
2010-08-24 23:05 . 2010-08-24 23:05 -------- d-----w- c:\program files\IObit

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-26 17:08 . 2009-05-06 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-08-24 22:59 . 2005-02-20 22:07 50752 -c--a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-24 22:47 . 2005-02-14 12:31 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-24 21:44 . 2004-11-22 02:00 -------- d-----w- c:\program files\Microsoft Money 2005
2010-08-24 19:06 . 2005-02-13 21:33 -------- d-----w- c:\program files\Viewpoint
2010-08-24 18:48 . 2004-11-22 02:22 -------- d-----w- c:\program files\Symantec
2010-08-24 18:40 . 2005-02-14 10:25 -------- d-----w- c:\program files\Yahoo!
2010-08-24 18:28 . 2006-04-21 00:49 -------- d-----w- c:\program files\Common Files\Scanner
2010-08-24 18:27 . 2004-11-22 02:22 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-08-24 16:34 . 2005-07-13 19:43 448 -c--a-w- c:\documents and settings\Owner\Application Data\wklnhst.dat
2010-08-21 18:15 . 2010-08-05 15:57 20480 ----a-w- c:\windows\system32\drivers\ndisrd.sys
2010-08-13 14:33 . 2004-11-22 02:21 -------- d-----w- c:\program files\QuickTime
2010-08-08 00:53 . 2010-08-05 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Update
2010-07-30 02:30 . 2004-11-22 01:42 -------- d-----w- c:\program files\Apoint2K
2010-07-29 23:56 . 2010-07-17 11:56 112 ----a-w- c:\documents and settings\All Users\Application Data\u8fixs751.dat
2010-07-28 12:52 . 2010-07-28 12:52 -------- d-----w- c:\documents and settings\NetworkService\Application Data\AdobeUM
2010-07-25 12:47 . 2004-11-22 02:21 -------- d-----w- c:\program files\iTunes
2010-07-20 15:08 . 2009-12-16 22:36 -------- d-----w- c:\documents and settings\Owner\Application Data\HpUpdate
.
CODE
<pre>
c:\program files\Apoint2K\Apoint .exe
c:\program files\Common Files\Sonic\Update Manager\sgtray .exe
c:\program files\HP\HP Software Update\HPWuSchd2 .exe
c:\program files\HP\hpcoretech\hpcmpmgr .exe
c:\program files\HPQ\Default Settings\cpqset .exe
c:\program files\iTunes\iTunesHelper .exe
c:\program files\Java\jre1.5.0_06\bin\jusched .exe
c:\program files\QuickTime\qttask   .exe
</pre>


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-08-10 2349776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2004-04-07 323584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-04-07 4730880]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"AGRSMMSG"="AGRSMMSG.exe" [2004-09-03 88363]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-26 2065760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-08-26 18:44 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [8/23/2010 8:14 AM 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/26/2010 1:44 PM 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/26/2010 1:44 PM 243024]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [8/26/2010 1:42 PM 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [8/26/2010 1:41 PM 308136]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [8/12/2010 7:15 AM 1355416]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [8/12/2010 7:15 AM 15008]
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.com
mStart Page = hxxp://www.msn.com
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\yls50t8j.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-mcmscsvc
SafeBoot-MCODS



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-09 11:26
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3820)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\wdfmgr.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\windows\AGRSMMSG.exe
.
**************************************************************************
.
Completion time: 2010-09-09 11:31:12 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-09 16:31

Pre-Run: 46,913,900,544 bytes free
Post-Run: 47,286,038,528 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - F226584FAB57970C785D2047AF208C0D


Thanks Syler,
Techgirl888

#7 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:09 AM

Posted 09 September 2010 - 05:57 PM

QUOTE
The link you included discussed different levels of risk, can you tell what level I'm at?


Well, the rookit will allow unrestricted access to your machine, so I think that is as bad as it gets and as well, you don't
just have a rootkit, you have a few different infections there.

QUOTE
The only website he uses a password for (other than email) is a financial site, so I am concerned.


If he has logged into this site recently, or even not so recently, I would definetly get him to change the password from a
clean machine, as their is no telling how long he has been infected.

On the bright side, it looks like we got the rootkit, now to clean up the other infections.



1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

CODE
Collect::
c:\documents and settings\All Users\Application Data\u8fixs751.dat
C:\WINDOWS\tasks\Cxqhfhkyt.job
AtJob::
RenV::
c:\program files\Apoint2K\Apoint .exe
c:\program files\Common Files\Sonic\Update Manager\sgtray .exe
c:\program files\HP\HP Software Update\HPWuSchd2 .exe
c:\program files\HP\hpcoretech\hpcmpmgr .exe
c:\program files\HPQ\Default Settings\cpqset .exe
c:\program files\iTunes\iTunesHelper .exe
c:\program files\Java\jre1.5.0_06\bin\jusched .exe
c:\program files\QuickTime\qttask   .exe


Save this as CFScript.txt, in the same location as ComboFix.exe




Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

unite.jpg


#8 techgirl888

techgirl888
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Chicago, IL USA
  • Local time:05:09 AM

Posted 10 September 2010 - 07:27 AM

Good Morning Syler,

I'm glad there's a bright side.

After combofix log was created a message stated that malware files needed to be submitted for further analysis, but I was not connected to the internet so a file was created C:\CF-Submit.htm with a request to submit manually. I am now unable to connect to the internet with that computer. The status of the wireless adapter is Not Connected Firewalled and no wireless networks are being shown as available. At this time I'm unable to look into that but will later. Can I submit the file from another computer?

Here's the next log:


ComboFix 10-09-08.03 - Owner 09/10/2010 6:53.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.146 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Created a new restore point

file zipped: c:\documents and settings\All Users\Application Data\u8fixs751.dat
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\u8fixs751.dat

.
((((((((((((((((((((((((( Files Created from 2010-08-10 to 2010-09-10 )))))))))))))))))))))))))))))))
.

2010-08-26 19:47 . 2010-08-26 19:47 -------- d-----w- C:\$AVG
2010-08-26 18:44 . 2010-08-26 18:44 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-26 18:44 . 2010-08-26 18:44 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-26 18:44 . 2010-08-26 18:44 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-26 18:43 . 2010-08-26 18:44 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-08-26 18:43 . 2010-09-09 15:08 -------- d-----w- c:\windows\system32\drivers\Avg
2010-08-26 18:39 . 2010-08-26 18:40 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-08-25 04:35 . 2008-04-14 00:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-08-25 04:35 . 2001-08-18 03:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-08-25 04:35 . 2008-04-14 00:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-08-25 04:34 . 2001-08-18 03:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-08-25 04:34 . 2001-08-18 03:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-08-25 04:34 . 2001-08-18 03:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2010-08-25 04:34 . 2001-08-17 17:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-08-25 04:34 . 2004-08-04 03:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-08-25 04:34 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\dllcache\wstcodec.sys
2010-08-25 04:34 . 2004-08-04 03:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-08-25 04:33 . 2004-08-04 03:31 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2010-08-25 04:33 . 2001-08-17 17:12 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys
2010-08-25 04:33 . 2001-08-17 18:28 771581 ----a-w- c:\windows\system32\dllcache\winacisa.sys
2010-08-25 04:33 . 2001-08-18 03:36 53760 ----a-w- c:\windows\system32\dllcache\wiamsmud.dll
2010-08-25 04:33 . 2001-08-18 03:36 87040 ----a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2010-08-25 04:33 . 2004-08-04 13:00 41600 ----a-w- c:\windows\system32\dllcache\weitekp9.dll
2010-08-25 04:33 . 2004-08-04 13:00 31232 ----a-w- c:\windows\system32\dllcache\weitekp9.sys
2010-08-25 04:33 . 2001-08-17 18:28 701386 ----a-w- c:\windows\system32\dllcache\wdhaalba.sys
2010-08-25 04:33 . 2004-08-04 03:29 23615 ----a-w- c:\windows\system32\dllcache\wch7xxnt.sys
2010-08-25 04:33 . 2008-04-13 18:45 31744 ----a-w- c:\windows\system32\dllcache\wceusbsh.sys
2010-08-25 04:33 . 2001-08-17 17:10 35871 ----a-w- c:\windows\system32\dllcache\wbfirdma.sys
2010-08-25 04:31 . 2001-08-17 18:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys
2010-08-25 04:31 . 2001-08-17 18:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2010-08-25 04:31 . 2001-08-17 18:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys
2010-08-25 04:31 . 2001-08-17 18:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys
2010-08-25 04:31 . 2001-08-17 18:28 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys
2010-08-25 04:31 . 2001-08-17 18:28 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys
2010-08-25 04:31 . 2001-08-17 18:28 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys
2010-08-25 04:31 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys
2010-08-25 04:31 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys
2010-08-25 04:31 . 2004-08-04 03:31 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys
2010-08-25 04:31 . 2001-08-18 03:36 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll
2010-08-25 04:31 . 2001-08-18 03:36 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll
2010-08-25 04:31 . 2001-08-18 03:36 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll
2010-08-25 04:30 . 2001-08-18 03:36 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll
2010-08-25 04:30 . 2001-08-18 03:36 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll
2010-08-25 04:30 . 2001-08-17 18:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys
2010-08-25 04:30 . 2001-08-18 03:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll
2010-08-25 04:30 . 2001-08-18 03:36 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll
2010-08-25 04:30 . 2001-08-18 03:36 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll
2010-08-25 04:30 . 2001-08-18 03:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll
2010-08-25 04:30 . 2001-08-17 18:52 36736 ----a-w- c:\windows\system32\dllcache\ultra.sys
2010-08-25 04:30 . 2001-08-17 18:48 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys
2010-08-25 04:30 . 2004-08-04 13:00 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe
2010-08-25 04:30 . 2001-08-17 17:51 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys
2010-08-25 04:30 . 2001-08-18 03:36 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll
2010-08-25 04:28 . 2001-08-17 17:51 138528 ----a-w- c:\windows\system32\dllcache\tgiulnt5.sys
2010-08-25 04:27 . 2001-08-17 19:07 28384 ----a-w- c:\windows\system32\dllcache\sym_hi.sys
2010-08-25 04:26 . 2004-08-04 13:00 101376 ----a-w- c:\windows\system32\dllcache\srusbusd.dll
2010-08-25 04:25 . 2001-08-17 17:51 58368 ----a-w- c:\windows\system32\dllcache\smiminib.sys
2010-08-25 04:24 . 2001-08-17 19:56 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll
2010-08-25 04:23 . 2001-08-17 18:53 6784 ----a-w- c:\windows\system32\dllcache\serscan.sys
2010-08-25 04:22 . 2001-08-17 17:50 61504 ----a-w- c:\windows\system32\dllcache\s3sav3dm.sys
2010-08-25 04:21 . 2001-08-17 17:19 3840 ----a-w- c:\windows\system32\dllcache\rpfun.sys
2010-08-25 04:20 . 2001-08-17 18:52 40320 ----a-w- c:\windows\system32\dllcache\ql1080.sys
2010-08-25 04:19 . 2001-08-17 19:07 19840 ----a-w- c:\windows\system32\dllcache\philtune.sys
2010-08-25 04:18 . 2004-08-04 13:00 36927 ----a-w- c:\windows\system32\dllcache\padrs411.dll
2010-08-25 04:17 . 2001-08-17 17:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2010-08-25 04:17 . 2001-08-17 17:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2010-08-25 04:17 . 2001-08-18 03:36 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2010-08-25 04:17 . 2001-08-18 03:36 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2010-08-25 04:17 . 2001-08-17 17:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2010-08-25 04:17 . 2001-08-17 18:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2010-08-25 04:17 . 2001-08-17 18:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2010-08-25 04:17 . 2008-04-13 18:54 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2010-08-25 04:17 . 2001-08-17 17:20 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys
2010-08-25 04:17 . 2001-08-17 17:20 126080 ----a-w- c:\windows\system32\dllcache\nm5a2wdm.sys
2010-08-25 04:15 . 2001-08-17 19:56 35392 ----a-w- c:\windows\system32\dllcache\n9i128.dll
2010-08-25 04:15 . 2001-08-17 17:11 128000 ----a-w- c:\windows\system32\dllcache\n100325.sys
2010-08-25 04:15 . 2001-08-17 17:11 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2010-08-25 04:15 . 2001-08-17 18:50 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2010-08-25 04:15 . 2001-08-18 03:36 7168 ----a-w- c:\windows\system32\dllcache\mxport.dll
2010-08-25 04:15 . 2001-08-17 18:49 19968 ----a-w- c:\windows\system32\dllcache\mxnic.sys
2010-08-25 04:15 . 2001-08-18 03:36 19968 ----a-w- c:\windows\system32\dllcache\mxicfg.dll
2010-08-25 04:15 . 2004-08-04 13:00 229439 ----a-w- c:\windows\system32\dllcache\multibox.dll
2010-08-25 04:15 . 2001-08-17 18:50 21888 ----a-w- c:\windows\system32\dllcache\mxcard.sys
2010-08-25 04:15 . 2001-08-17 17:50 103296 ----a-w- c:\windows\system32\dllcache\mtxvideo.sys
2010-08-25 04:14 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\dllcache\mstee.sys
2010-08-25 04:14 . 2008-04-13 18:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys
2010-08-25 04:14 . 2001-08-17 18:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys
2010-08-25 04:14 . 2001-08-17 19:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys
2010-08-25 04:14 . 2008-04-13 18:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2010-08-25 04:14 . 2004-08-04 13:00 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll
2010-08-25 04:14 . 2001-08-17 19:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2010-08-25 04:14 . 2001-08-17 18:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
2010-08-25 04:12 . 2001-08-17 18:52 7424 ----a-w- c:\windows\system32\dllcache\mammoth.sys
2010-08-25 04:11 . 2001-08-17 17:12 20573 ----a-w- c:\windows\system32\dllcache\lne100.sys
2010-08-25 04:10 . 2001-08-17 18:49 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys
2010-08-25 04:09 . 2001-08-17 19:06 154496 ----a-w- c:\windows\system32\dllcache\icam4usb.sys
2010-08-25 03:54 . 2001-08-17 18:28 73279 ----a-w- c:\windows\system32\dllcache\hsf_spkp.sys
2010-08-25 03:54 . 2001-08-17 18:28 44863 ----a-w- c:\windows\system32\dllcache\hsf_soar.sys
2010-08-25 03:54 . 2001-08-17 18:28 57471 ----a-w- c:\windows\system32\dllcache\hsf_samp.sys
2010-08-25 03:54 . 2001-08-17 18:28 542879 ----a-w- c:\windows\system32\dllcache\hsf_msft.sys
2010-08-25 03:54 . 2001-08-17 18:28 391199 ----a-w- c:\windows\system32\dllcache\hsf_k56k.sys
2010-08-25 03:54 . 2001-08-18 03:36 9759 ----a-w- c:\windows\system32\dllcache\hsf_inst.dll
2010-08-25 03:54 . 2001-08-17 18:28 115807 ----a-w- c:\windows\system32\dllcache\hsf_fsks.sys
2010-08-25 03:54 . 2001-08-17 18:28 199711 ----a-w- c:\windows\system32\dllcache\hsf_faxx.sys
2010-08-25 03:52 . 2001-08-18 03:36 123392 ----a-w- c:\windows\system32\dllcache\hpgt21tk.dll
2010-08-25 03:51 . 2001-08-17 19:56 470144 ----a-w- c:\windows\system32\dllcache\g200d.dll
2010-08-25 03:51 . 2001-08-17 17:15 454912 ----a-w- c:\windows\system32\dllcache\fxusbase.sys
2010-08-25 03:51 . 2004-08-04 13:00 11264 ----a-w- c:\windows\system32\dllcache\fxssend.exe
2010-08-25 03:51 . 2004-08-04 13:00 31744 ----a-w- c:\windows\system32\dllcache\fxsroute.dll
2010-08-25 03:51 . 2004-08-04 13:00 132608 ----a-w- c:\windows\system32\dllcache\fxsclntr.dll
2010-08-25 03:51 . 2004-08-04 13:00 111104 ----a-w- c:\windows\system32\dllcache\fxscfgwz.dll
2010-08-25 03:51 . 2001-08-18 03:36 92160 ----a-w- c:\windows\system32\dllcache\fuusd.dll
2010-08-25 03:51 . 2001-08-17 17:15 455296 ----a-w- c:\windows\system32\dllcache\fusbbase.sys
2010-08-25 03:51 . 2001-08-17 17:15 455680 ----a-w- c:\windows\system32\dllcache\fus2base.sys
2010-08-25 03:49 . 2001-08-17 17:19 63360 ----a-w- c:\windows\system32\dllcache\ess.sys
2010-08-25 03:48 . 2001-08-17 17:11 153631 ----a-w- c:\windows\system32\dllcache\el90xnd5.sys
2010-08-25 03:47 . 2001-08-17 17:14 952007 ----a-w- c:\windows\system32\dllcache\diwan.sys
2010-08-25 03:46 . 2001-08-17 18:52 14720 ----a-w- c:\windows\system32\dllcache\dac960nt.sys
2010-08-25 03:45 . 2001-08-17 19:56 170880 ----a-w- c:\windows\system32\dllcache\cl546x.dll
2010-08-25 03:44 . 2001-08-17 18:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2010-08-25 03:43 . 2001-08-18 03:36 87552 ----a-w- c:\windows\system32\dllcache\avmcoxp.dll
2010-08-25 03:42 . 2001-08-18 03:36 61440 ----a-w- c:\windows\system32\dllcache\acerscad.dll
2010-08-25 03:41 . 2001-08-17 19:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-08-24 23:05 . 2010-08-24 23:05 -------- d-----w- c:\documents and settings\Owner\Application Data\IObit
2010-08-24 23:05 . 2010-08-24 23:05 -------- d-----w- c:\program files\IObit

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-10 11:53 . 2004-11-22 02:21 -------- d-----w- c:\program files\QuickTime
2010-09-10 11:53 . 2004-11-22 02:21 -------- d-----w- c:\program files\iTunes
2010-09-10 11:53 . 2004-11-22 01:42 -------- d-----w- c:\program files\Apoint2K
2010-08-26 17:08 . 2009-05-06 18:22 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-08-24 22:59 . 2005-02-20 22:07 50752 -c--a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-24 22:47 . 2005-02-14 12:31 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-24 21:44 . 2004-11-22 02:00 -------- d-----w- c:\program files\Microsoft Money 2005
2010-08-24 19:06 . 2005-02-13 21:33 -------- d-----w- c:\program files\Viewpoint
2010-08-24 18:48 . 2004-11-22 02:22 -------- d-----w- c:\program files\Symantec
2010-08-24 18:40 . 2005-02-14 10:25 -------- d-----w- c:\program files\Yahoo!
2010-08-24 18:28 . 2006-04-21 00:49 -------- d-----w- c:\program files\Common Files\Scanner
2010-08-24 18:27 . 2004-11-22 02:22 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-08-24 16:34 . 2005-07-13 19:43 448 -c--a-w- c:\documents and settings\Owner\Application Data\wklnhst.dat
2010-08-21 18:15 . 2010-08-05 15:57 20480 ----a-w- c:\windows\system32\drivers\ndisrd.sys
2010-08-08 00:53 . 2010-08-05 15:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Update
2010-07-28 12:52 . 2010-07-28 12:52 -------- d-----w- c:\documents and settings\NetworkService\Application Data\AdobeUM
2010-07-20 15:08 . 2009-12-16 22:36 -------- d-----w- c:\documents and settings\Owner\Application Data\HpUpdate
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-08-10 2349776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2004-04-07 323584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-04-07 4730880]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"AGRSMMSG"="AGRSMMSG.exe" [2004-09-03 88363]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-08-26 18:44 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY]
2010-08-26 18:42 2065760 ----a-w- c:\progra~1\AVG\AVG9\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [8/23/2010 8:14 AM 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/26/2010 1:44 PM 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/26/2010 1:44 PM 243024]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [8/26/2010 1:42 PM 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [8/26/2010 1:41 PM 308136]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [8/12/2010 7:15 AM 1355416]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [8/12/2010 7:15 AM 15008]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.msn.com
mStart Page = hxxp://www.msn.com
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\yls50t8j.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-10 07:01
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-09-10 07:05:16
ComboFix-quarantined-files.txt 2010-09-10 12:05
ComboFix2.txt 2010-09-09 16:31

Pre-Run: 47,264,980,992 bytes free
Post-Run: 47,252,840,448 bytes free

- - End Of File - - 29645E00659E85B3B6917AA8F85A418A

Thanks,
Techgirl888

#9 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:09 AM

Posted 10 September 2010 - 12:28 PM

Hi techgirl888,

We can wait till you have internet access to submit them files. Are you able to try a wired connection, if you can please do
that and let me know if it's working. Can you post a new OTL log please.

Edited by syler, 10 September 2010 - 12:29 PM.

unite.jpg


#10 techgirl888

techgirl888
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Chicago, IL USA
  • Local time:05:09 AM

Posted 10 September 2010 - 06:27 PM

Hey Syler,

My wired internet connection does not work. In Device Manager, Network adapters I have new entries. Normally I have 2, one for each adapter. Now I have 3 new entries.

Broadcom 802.11b/g WLAN - WinpkFilter Miniport
Realtek RTL8139 Family PCI Fast Ethernet NIC - WinpkFilter Miniport
WAN Miniport (IP) - WinpkFilter Miniport

The status for all three reads:
Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)

The last time I was connected was when Combofix installed Microsoft Windows Recovery Console.

I ran OTL the same as previously requested but this time the Extra.txt did not open. Here's the new OTL log requested:

OTL logfile created on: 9/10/2010 6:10:16 PM - Run 2
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

511.00 Mb Total Physical Memory | 135.00 Mb Available Physical Memory | 26.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 44.03 Gb Free Space | 78.79% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-4105E587B6
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/08 17:43:40 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2010/08/26 13:42:47 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010/08/26 13:42:47 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010/08/26 13:42:45 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010/08/26 13:42:42 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010/08/26 13:42:25 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010/08/26 13:42:01 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010/08/26 13:41:54 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010/08/10 15:10:58 | 002,349,776 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\hpzipm12.exe
PRC - [2002/09/20 18:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (SafeList) ==========

MOD - [2010/09/08 17:43:40 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/26 13:42:01 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010/08/26 13:41:54 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010/08/12 07:15:19 | 001,355,416 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2007/08/09 02:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2002/09/20 18:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/08/26 13:44:19 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010/08/26 13:44:03 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010/08/26 13:44:01 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/08/12 07:15:19 | 000,015,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2004/09/03 07:52:00 | 001,268,204 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/08/04 13:05:20 | 000,341,760 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/08/04 01:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/05/08 13:21:44 | 000,035,840 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/04/14 11:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2004/04/07 14:22:00 | 001,382,634 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/12/02 09:27:00 | 000,021,120 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/10/07 22:40:00 | 000,094,601 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/08/08 19:00:00 | 000,008,448 | ---- | M] (Texas Instruments Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tiumflt.sys -- (DevUpper)
DRV - [2003/06/06 15:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2003/02/18 19:00:00 | 000,042,092 | ---- | M] (Texas Instruments Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tiumfwl.sys -- (tiumfwl)
DRV - [2001/08/17 15:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2001/08/17 10:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
IE - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/08/26 13:41:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/08/24 17:20:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/24 17:48:25 | 000,000,000 | ---D | M]

[2010/08/24 17:21:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/08/26 11:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\yls50t8j.default\extensions
[2010/08/24 16:42:56 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/09/10 07:01:34 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2816157793-3718749894-2637816746-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftu...b?1282690133203 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop WallPaper: C:\WINDOWS\Amber Flow.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Amber Flow.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/18 18:49:10 | 000,000,000 | ---D | M] - C:\Autoruns -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

Drivers32: MIDI1 - C:\WINDOWS\System32\Syncor11.dll (SoundMAX)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)

========== Files/Folders - Created Within 30 Days ==========

[2010/09/10 07:06:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/09/09 11:05:40 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/09/09 10:58:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/09/09 10:58:34 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/09/09 10:58:34 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/09/09 10:58:34 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/09/09 10:58:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/09/09 10:57:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/09/08 17:43:37 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/08/26 14:47:15 | 000,000,000 | ---D | C] -- C:\$AVG
[2010/08/26 13:44:19 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/08/26 13:44:14 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/08/26 13:44:02 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/08/26 13:43:59 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/08/26 13:43:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010/08/26 13:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/08/24 23:35:16 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/08/24 23:35:10 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/08/24 23:34:53 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2010/08/24 23:34:44 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/08/24 23:34:23 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/08/24 23:34:19 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2010/08/24 23:34:15 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2010/08/24 23:34:13 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2010/08/24 23:33:43 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/08/24 23:33:38 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/08/24 23:33:27 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/08/24 23:33:21 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2010/08/24 23:33:16 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2010/08/24 23:33:15 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2010/08/24 23:33:15 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2010/08/24 23:33:09 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2010/08/24 23:33:08 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2010/08/24 23:33:06 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2010/08/24 23:33:02 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/08/24 23:32:59 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2010/08/24 23:32:58 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2010/08/24 23:32:57 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2010/08/24 23:32:54 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2010/08/24 23:32:52 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2010/08/24 23:32:49 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2010/08/24 23:32:43 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/08/24 23:32:39 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/08/24 23:32:34 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/08/24 23:32:33 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2010/08/24 23:32:28 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/08/24 23:32:23 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/08/24 23:32:18 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/08/24 23:32:13 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/08/24 23:32:08 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2010/08/24 23:32:06 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2010/08/24 23:32:00 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2010/08/24 23:31:55 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/08/24 23:31:50 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2010/08/24 23:31:45 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2010/08/24 23:31:40 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2010/08/24 23:31:35 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/08/24 23:31:30 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/08/24 23:31:26 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/08/24 23:31:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2010/08/24 23:31:22 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2010/08/24 23:31:20 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/08/24 23:31:13 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2010/08/24 23:31:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2010/08/24 23:31:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2010/08/24 23:30:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2010/08/24 23:30:51 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/08/24 23:30:46 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2010/08/24 23:30:42 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2010/08/24 23:30:37 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2010/08/24 23:30:32 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/08/24 23:30:27 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/08/24 23:30:22 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2010/08/24 23:30:16 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2010/08/24 23:30:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2010/08/24 23:30:09 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/08/24 23:30:04 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/08/24 23:29:59 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/08/24 23:29:55 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/08/24 23:29:50 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/08/24 23:29:46 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/08/24 23:29:41 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2010/08/24 23:29:36 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2010/08/24 23:29:35 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2010/08/24 23:29:30 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2010/08/24 23:29:25 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2010/08/24 23:29:21 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2010/08/24 23:29:16 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2010/08/24 23:29:11 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2010/08/24 23:29:05 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/08/24 23:28:59 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/08/24 23:28:55 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/08/24 23:28:53 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/08/24 23:28:52 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2010/08/24 23:28:44 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/08/24 23:28:38 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/08/24 23:28:38 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2010/08/24 23:28:36 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2010/08/24 23:28:29 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2010/08/24 23:28:24 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2010/08/24 23:28:20 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/08/24 23:28:15 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/08/24 23:28:09 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2010/08/24 23:28:05 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2010/08/24 23:28:01 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2010/08/24 23:27:57 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2010/08/24 23:27:53 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2010/08/24 23:27:48 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2010/08/24 23:27:44 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2010/08/24 23:27:40 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2010/08/24 23:27:35 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2010/08/24 23:27:31 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2010/08/24 23:27:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2010/08/24 23:27:25 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2010/08/24 23:27:21 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/08/24 23:27:16 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/08/24 23:27:12 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/08/24 23:27:07 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/08/24 23:27:01 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/08/24 23:26:57 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2010/08/24 23:26:57 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2010/08/24 23:26:51 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2010/08/24 23:26:45 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2010/08/24 23:26:41 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2010/08/24 23:26:34 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/08/24 23:26:29 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2010/08/24 23:26:25 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2010/08/24 23:26:21 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2010/08/24 23:26:17 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2010/08/24 23:26:12 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2010/08/24 23:26:11 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2010/08/24 23:26:11 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2010/08/24 23:26:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2010/08/24 23:26:06 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2010/08/24 23:26:05 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2010/08/24 23:26:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2010/08/24 23:26:02 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2010/08/24 23:25:58 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/08/24 23:25:57 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2010/08/24 23:25:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2010/08/24 23:25:53 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/08/24 23:25:48 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/08/24 23:25:43 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/08/24 23:25:39 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2010/08/24 23:25:38 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2010/08/24 23:25:36 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2010/08/24 23:25:36 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2010/08/24 23:25:32 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2010/08/24 23:25:28 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2010/08/24 23:25:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2010/08/24 23:25:23 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2010/08/24 23:25:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2010/08/24 23:25:22 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2010/08/24 23:25:22 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2010/08/24 23:25:18 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2010/08/24 23:25:18 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2010/08/24 23:25:17 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2010/08/24 23:25:17 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2010/08/24 23:25:16 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2010/08/24 23:25:16 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2010/08/24 23:25:16 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2010/08/24 23:25:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2010/08/24 23:25:15 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2010/08/24 23:25:13 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2010/08/24 23:25:12 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/08/24 23:25:07 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/08/24 23:25:02 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/08/24 23:24:58 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2010/08/24 23:24:54 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2010/08/24 23:24:53 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/08/24 23:24:49 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2010/08/24 23:24:45 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2010/08/24 23:24:40 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2010/08/24 23:24:36 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2010/08/24 23:24:32 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2010/08/24 23:24:28 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2010/08/24 23:24:27 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2010/08/24 23:24:19 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/08/24 23:24:15 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/08/24 23:24:11 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/08/24 23:24:07 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/08/24 23:24:02 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2010/08/24 23:23:56 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2010/08/24 23:23:52 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2010/08/24 23:23:51 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2010/08/24 23:23:47 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2010/08/24 23:23:45 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2010/08/24 23:23:41 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2010/08/24 23:23:41 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2010/08/24 23:23:36 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/08/24 23:23:32 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2010/08/24 23:23:28 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/08/24 23:23:24 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/08/24 23:23:22 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2010/08/24 23:23:18 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2010/08/24 23:23:13 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2010/08/24 23:23:09 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2010/08/24 23:23:05 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/08/24 23:23:00 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/08/24 23:22:56 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/08/24 23:22:52 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/08/24 23:22:48 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/08/24 23:22:44 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/08/24 23:22:40 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/08/24 23:22:36 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/08/24 23:22:32 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/08/24 23:22:28 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2010/08/24 23:22:24 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/08/24 23:22:19 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/08/24 23:22:19 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2010/08/24 23:22:19 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2010/08/24 23:22:17 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/08/24 23:22:16 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/08/24 23:22:11 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/08/24 23:22:07 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2010/08/24 23:22:02 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/08/24 23:21:54 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2010/08/24 23:21:52 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/08/24 23:21:47 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/08/24 23:21:42 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/08/24 23:21:41 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2010/08/24 23:21:41 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2010/08/24 23:21:32 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/08/24 23:21:28 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/08/24 23:21:24 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2010/08/24 23:21:20 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2010/08/24 23:21:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2010/08/24 23:21:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2010/08/24 23:21:12 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2010/08/24 23:21:08 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2010/08/24 23:21:04 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2010/08/24 23:21:00 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2010/08/24 23:20:56 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2010/08/24 23:20:55 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2010/08/24 23:20:50 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/08/24 23:20:46 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/08/24 23:20:42 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/08/24 23:20:41 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2010/08/24 23:20:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2010/08/24 23:20:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2010/08/24 23:20:25 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/08/24 23:20:22 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2010/08/24 23:20:17 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2010/08/24 23:20:16 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2010/08/24 23:20:12 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2010/08/24 23:20:11 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2010/08/24 23:20:11 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2010/08/24 23:20:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2010/08/24 23:20:03 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2010/08/24 23:19:59 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2010/08/24 23:19:55 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2010/08/24 23:19:51 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2010/08/24 23:19:47 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2010/08/24 23:19:43 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2010/08/24 23:19:39 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2010/08/24 23:19:38 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2010/08/24 23:19:37 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2010/08/24 23:19:36 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2010/08/24 23:19:35 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2010/08/24 23:19:30 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2010/08/24 23:19:27 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2010/08/24 23:19:25 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/08/24 23:19:21 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/08/24 23:19:17 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2010/08/24 23:19:13 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2010/08/24 23:19:09 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2010/08/24 23:19:05 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/08/24 23:19:04 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/08/24 23:19:00 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/08/24 23:18:58 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2010/08/24 23:18:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/08/24 23:18:53 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2010/08/24 23:18:49 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2010/08/24 23:18:45 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2010/08/24 23:18:41 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2010/08/24 23:18:37 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2010/08/24 23:18:33 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2010/08/24 23:18:29 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2010/08/24 23:18:25 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2010/08/24 23:18:21 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2010/08/24 23:18:17 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2010/08/24 23:18:14 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2010/08/24 23:18:10 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/08/24 23:18:06 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/08/24 23:18:02 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/08/24 23:17:57 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/08/24 23:17:45 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2010/08/24 23:17:41 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2010/08/24 23:17:24 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/08/24 23:17:24 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2010/08/24 23:17:18 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2010/08/24 23:17:14 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2010/08/24 23:17:13 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2010/08/24 23:17:04 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/08/24 23:17:00 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/08/24 23:16:54 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/08/24 23:16:53 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/08/24 23:16:46 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2010/08/24 23:16:40 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/08/24 23:16:36 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/08/24 23:16:32 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2010/08/24 23:16:28 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2010/08/24 23:16:22 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2010/08/24 23:16:18 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/08/24 23:16:13 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/08/24 23:16:09 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/08/24 23:16:06 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/08/24 23:16:01 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/08/24 23:15:58 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/08/24 23:15:54 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2010/08/24 23:15:49 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2010/08/24 23:15:45 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/08/24 23:15:39 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/08/24 23:15:34 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/08/24 23:15:30 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/08/24 23:15:26 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2010/08/24 23:15:26 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/08/24 23:15:22 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/08/24 23:14:59 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2010/08/24 23:14:56 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2010/08/24 23:14:45 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2010/08/24 23:14:31 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2010/08/24 23:14:29 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/08/24 23:14:29 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2010/08/24 23:14:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/08/24 23:14:06 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2010/08/24 23:14:01 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2010/08/24 23:13:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2010/08/24 23:13:51 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/08/24 23:13:48 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2010/08/24 23:13:41 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2010/08/24 23:13:32 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2010/08/24 23:13:29 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2010/08/24 23:13:24 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2010/08/24 23:13:20 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2010/08/24 23:13:20 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2010/08/24 23:13:19 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2010/08/24 23:13:18 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2010/08/24 23:13:11 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2010/08/24 23:13:06 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2010/08/24 23:13:02 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/08/24 23:12:56 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2010/08/24 23:12:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2010/08/24 23:12:50 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2010/08/24 23:12:46 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2010/08/24 23:12:41 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2010/08/24 23:12:37 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2010/08/24 23:12:37 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2010/08/24 23:12:31 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/08/24 23:12:27 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/08/24 23:12:27 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2010/08/24 23:12:26 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/08/24 23:12:23 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/08/24 23:12:22 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/08/24 23:12:18 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/08/24 23:12:10 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2010/08/24 23:12:03 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/08/24 23:11:59 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/08/24 23:11:55 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/08/24 23:11:52 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/08/24 23:11:50 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010/08/24 23:11:47 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/08/24 23:11:43 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2010/08/24 23:11:43 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/08/24 23:11:42 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2010/08/24 23:11:41 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2010/08/24 23:11:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2010/08/24 23:11:35 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/08/24 23:11:33 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2010/08/24 23:11:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2010/08/24 23:11:30 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2010/08/24 23:11:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2010/08/24 23:11:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2010/08/24 23:11:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2010/08/24 23:11:20 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2010/08/24 23:11:18 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2010/08/24 23:11:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2010/08/24 23:11:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2010/08/24 23:11:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2010/08/24 23:11:05 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2010/08/24 23:11:04 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2010/08/24 23:11:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2010/08/24 23:10:59 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2010/08/24 23:10:56 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2010/08/24 23:10:53 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/08/24 23:10:51 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2010/08/24 23:10:46 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/08/24 23:10:43 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2010/08/24 23:10:39 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2010/08/24 23:10:36 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2010/08/24 23:10:32 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2010/08/24 23:10:30 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2010/08/24 23:10:28 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/08/24 23:10:27 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2010/08/24 23:10:25 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2010/08/24 23:10:23 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2010/08/24 23:10:23 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2010/08/24 23:10:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/08/24 23:10:12 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/08/24 23:10:09 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2010/08/24 23:10:05 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2010/08/24 23:10:02 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2010/08/24 23:09:59 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2010/08/24 23:09:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2010/08/24 23:09:52 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2010/08/24 23:09:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2010/08/24 23:09:46 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2010/08/24 23:09:42 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2010/08/24 23:09:39 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2010/08/24 23:09:36 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2010/08/24 23:09:33 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2010/08/24 23:09:29 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2010/08/24 23:09:28 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2010/08/24 23:09:27 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2010/08/24 23:09:24 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2010/08/24 23:09:21 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2010/08/24 23:09:20 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2010/08/24 23:09:19 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010/08/24 23:09:17 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/08/24 23:09:13 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/08/24 23:09:07 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2010/08/24 23:09:04 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2010/08/24 23:02:18 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2010/08/24 22:54:24 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2010/08/24 22:54:21 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2010/08/24 22:54:18 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2010/08/24 22:54:14 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2010/08/24 22:54:11 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2010/08/24 22:54:08 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2010/08/24 22:54:04 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2010/08/24 22:54:01 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2010/08/24 22:53:58 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2010/08/24 22:53:55 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2010/08/24 22:53:51 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2010/08/24 22:53:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2010/08/24 22:53:43 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2010/08/24 22:53:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2010/08/24 22:53:37 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2010/08/24 22:53:33 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2010/08/24 22:53:30 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2010/08/24 22:53:27 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/08/24 22:53:19 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2010/08/24 22:53:12 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/08/24 22:53:05 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2010/08/24 22:52:59 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2010/08/24 22:52:49 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2010/08/24 22:52:43 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2010/08/24 22:52:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010/08/24 22:52:39 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2010/08/24 22:52:38 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2010/08/24 22:52:31 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2010/08/24 22:52:31 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2010/08/24 22:52:30 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/08/24 22:52:27 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/08/24 22:52:24 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/08/24 22:52:19 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/08/24 22:52:13 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2010/08/24 22:52:09 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2010/08/24 22:52:06 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2010/08/24 22:52:03 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2010/08/24 22:52:01 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2010/08/24 22:51:57 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2010/08/24 22:51:52 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/08/24 22:51:30 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2010/08/24 22:51:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2010/08/24 22:51:22 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2010/08/24 22:51:21 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2010/08/24 22:51:16 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2010/08/24 22:51:10 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/08/24 22:51:05 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/08/24 22:50:58 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/08/24 22:50:55 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/08/24 22:50:52 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/08/24 22:50:50 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/08/24 22:50:47 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2010/08/24 22:50:46 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2010/08/24 22:50:42 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2010/08/24 22:50:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2010/08/24 22:50:35 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2010/08/24 22:50:31 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/08/24 22:50:29 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2010/08/24 22:50:26 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/08/24 22:50:23 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/08/24 22:50:20 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2010/08/24 22:50:18 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2010/08/24 22:50:16 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2010/08/24 22:50:16 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2010/08/24 22:50:13 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2010/08/24 22:50:11 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2010/08/24 22:50:11 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2010/08/24 22:50:08 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2010/08/24 22:50:08 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2010/08/24 22:50:05 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2010/08/24 22:50:04 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2010/08/24 22:49:59 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2010/08/24 22:49:55 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2010/08/24 22:49:53 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2010/08/24 22:49:50 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2010/08/24 22:49:48 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2010/08/24 22:49:46 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/08/24 22:49:43 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2010/08/24 22:49:39 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2010/08/24 22:49:35 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2010/08/24 22:49:33 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2010/08/24 22:49:30 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2010/08/24 22:49:28 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2010/08/24 22:49:25 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2010/08/24 22:49:19 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2010/08/24 22:49:18 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2010/08/24 22:49:15 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2010/08/24 22:49:09 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2010/08/24 22:49:07 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2010/08/24 22:49:06 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2010/08/24 22:49:04 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2010/08/24 22:49:02 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2010/08/24 22:49:00 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2010/08/24 22:48:58 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2010/08/24 22:48:56 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2010/08/24 22:48:55 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2010/08/24 22:48:53 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2010/08/24 22:48:51 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2010/08/24 22:48:50 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2010/08/24 22:48:48 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2010/08/24 22:48:46 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2010/08/24 22:48:45 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2010/08/24 22:48:43 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2010/08/24 22:48:41 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2010/08/24 22:48:41 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2010/08/24 22:48:37 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2010/08/24 22:48:35 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2010/08/24 22:48:34 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2010/08/24 22:48:27 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2010/08/24 22:48:25 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/08/24 22:48:21 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2010/08/24 22:48:18 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/08/24 22:48:17 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2010/08/24 22:48:15 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2010/08/24 22:48:11 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2010/08/24 22:48:10 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2010/08/24 22:48:03 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/08/24 22:48:03 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2010/08/24 22:48:01 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/08/24 22:47:59 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/08/24 22:47:53 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/08/24 22:47:52 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/08/24 22:47:50 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/08/24 22:47:49 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/08/24 22:47:46 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/08/24 22:47:45 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2010/08/24 22:47:43 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2010/08/24 22:47:42 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2010/08/24 22:47:40 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2010/08/24 22:47:39 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2010/08/24 22:47:37 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2010/08/24 22:47:35 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2010/08/24 22:47:34 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2010/08/24 22:47:32 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2010/08/24 22:47:31 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2010/08/24 22:47:29 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2010/08/24 22:47:27 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2010/08/24 22:47:26 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2010/08/24 22:47:23 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2010/08/24 22:47:22 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2010/08/24 22:47:20 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/08/24 22:47:18 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/08/24 22:47:17 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2010/08/24 22:47:15 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2010/08/24 22:47:13 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/08/24 22:47:11 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2010/08/24 22:47:09 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2010/08/24 22:47:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2010/08/24 22:47:06 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2010/08/24 22:47:05 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2010/08/24 22:47:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2010/08/24 22:46:59 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2010/08/24 22:46:58 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2010/08/24 22:46:54 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2010/08/24 22:46:53 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2010/08/24 22:46:51 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2010/08/24 22:46:50 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2010/08/24 22:46:48 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2010/08/24 22:46:47 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2010/08/24 22:46:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2010/08/24 22:46:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2010/08/24 22:46:42 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/08/24 22:46:42 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2010/08/24 22:46:40 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/08/24 22:46:39 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/08/24 22:46:37 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/08/24 22:46:36 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/08/24 22:46:35 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/08/24 22:46:33 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/08/24 22:46:31 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2010/08/24 22:46:30 | 000,249,856 | ---- | C] (ComtrolŪ Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/08/24 22:46:29 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2010/08/24 22:46:27 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2010/08/24 22:46:26 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2010/08/24 22:46:23 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2010/08/24 22:46:22 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2010/08/24 22:46:20 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/08/24 22:46:20 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2010/08/24 22:46:18 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/08/24 22:46:17 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2010/08/24 22:46:16 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2010/08/24 22:46:09 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2010/08/24 22:46:06 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2010/08/24 22:46:04 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2010/08/24 22:46:02 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/08/24 22:46:00 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2010/08/24 22:45:59 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2010/08/24 22:45:59 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2010/08/24 22:45:57 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2010/08/24 22:45:56 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2010/08/24 22:45:54 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2010/08/24 22:45:52 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/08/24 22:45:50 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/08/24 22:45:50 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/08/24 22:45:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2010/08/24 22:45:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2010/08/24 22:45:47 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2010/08/24 22:45:47 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010/08/24 22:45:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2010/08/24 22:45:43 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/08/24 22:45:42 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/08/24 22:45:42 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/08/24 22:45:41 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/08/24 22:45:40 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/08/24 22:45:37 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2010/08/24 22:45:37 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2010/08/24 22:45:36 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/08/24 22:45:35 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/08/24 22:45:34 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/08/24 22:45:33 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/08/24 22:45:29 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/08/24 22:45:26 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/08/24 22:45:25 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2010/08/24 22:45:24 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2010/08/24 22:45:23 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2010/08/24 22:45:23 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2010/08/24 22:45:22 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2010/08/24 22:45:21 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2010/08/24 22:45:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2010/08/24 22:45:19 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2010/08/24 22:45:18 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2010/08/24 22:45:17 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2010/08/24 22:45:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2010/08/24 22:44:38 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2010/08/24 22:44:34 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/08/24 22:44:34 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/08/24 22:44:33 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/08/24 22:44:32 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/08/24 22:44:31 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/08/24 22:44:30 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/08/24 22:44:29 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/08/24 22:44:28 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/08/24 22:44:26 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/08/24 22:44:25 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/08/24 22:44:24 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2010/08/24 22:44:24 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/08/24 22:44:23 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/08/24 22:44:22 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/08/24 22:44:21 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/08/24 22:44:20 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/08/24 22:44:19 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/08/24 22:44:18 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/08/24 22:44:17 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/08/24 22:44:15 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2010/08/24 22:44:13 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2010/08/24 22:44:13 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2010/08/24 22:44:12 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/08/24 22:44:11 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2010/08/24 22:44:10 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2010/08/24 22:44:09 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2010/08/24 22:44:07 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/08/24 22:44:07 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/08/24 22:44:06 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2010/08/24 22:44:05 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/08/24 22:44:04 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/08/24 22:44:01 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/08/24 22:44:00 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/08/24 22:43:59 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/08/24 22:43:57 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010/08/24 22:43:56 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2010/08/24 22:43:55 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010/08/24 22:43:44 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2010/08/24 22:43:43 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2010/08/24 22:43:40 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2010/08/24 22:43:39 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2010/08/24 22:43:38 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2010/08/24 22:43:38 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2010/08/24 22:43:37 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2010/08/24 22:43:36 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2010/08/24 22:43:36 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2010/08/24 22:43:31 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2010/08/24 22:43:31 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/08/24 22:43:29 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/08/24 22:43:28 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2010/08/24 22:43:27 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2010/08/24 22:43:26 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2010/08/24 22:43:26 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2010/08/24 22:43:24 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2010/08/24 22:43:24 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2010/08/24 22:43:23 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2010/08/24 22:43:22 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/08/24 22:43:21 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2010/08/24 22:43:20 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2010/08/24 22:43:19 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2010/08/24 22:43:19 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2010/08/24 22:43:18 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2010/08/24 22:43:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2010/08/24 22:43:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2010/08/24 22:43:06 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2010/08/24 22:43:06 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010/08/24 22:43:05 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010/08/24 22:43:04 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010/08/24 22:43:03 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010/08/24 22:43:03 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010/08/24 22:43:02 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2010/08/24 22:43:01 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2010/08/24 22:42:59 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010/08/24 22:42:58 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010/08/24 22:42:58 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2010/08/24 22:42:57 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2010/08/24 22:42:57 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2010/08/24 22:42:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2010/08/24 22:42:55 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010/08/24 22:42:53 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2010/08/24 22:42:52 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010/08/24 22:42:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2010/08/24 22:42:51 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010/08/24 22:42:51 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010/08/24 22:42:50 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010/08/24 22:42:50 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2010/08/24 22:41:55 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2010/08/24 18:05:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\IObit
[2010/08/24 18:05:24 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/08/24 17:35:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/08/24 17:31:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2010/08/24 17:20:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Mozilla
[2010/08/24 17:20:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2010/08/24 16:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/08/23 23:11:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\backups
[2010/08/23 08:14:29 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/08/23 08:14:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/08/23 08:14:17 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/08/23 07:52:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Sunbelt Software
[2010/08/23 07:49:11 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2010/08/23 07:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/08/23 07:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/08/22 21:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/08/22 21:57:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/08/22 18:35:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2010/08/18 18:49:09 | 000,000,000 | ---D | C] -- C:\Autoruns
[2010/08/17 16:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2010/08/17 16:53:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/17 16:53:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/17 16:53:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/17 16:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/17 16:51:18 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HijackThis.exe
[2010/08/15 22:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/08/15 16:22:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/08/15 15:38:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/08/15 15:38:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/08/15 15:38:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/08/15 15:38:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/08/15 15:29:17 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IECompatCache
[2010/08/15 15:28:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/08/15 15:25:44 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2010/08/15 15:19:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/08/15 15:19:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2010/08/15 15:01:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2010/08/15 14:54:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/08/15 14:51:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/08/15 14:51:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/09/10 17:27:03 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/09/10 17:26:27 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/10 17:26:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/10 17:26:19 | 535,875,584 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/10 07:24:34 | 007,340,032 | ---- | M] () -- C:\Documents and Settings\Owner\ntuser.dat
[2010/09/10 07:24:34 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/09/10 07:20:13 | 009,095,070 | -H-- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\IconCache.db
[2010/09/10 07:20:04 | 000,000,516 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/10 07:20:04 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010/09/10 07:20:04 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/10 07:01:34 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/09/10 06:53:54 | 000,001,165 | ---- | M] () -- C:\CF-Submit.htm
[2010/09/09 10:36:00 | 003,841,108 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2010/09/09 10:06:59 | 064,468,357 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/09/08 17:43:40 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2010/09/08 16:59:37 | 000,133,632 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RKUnhookerLE.EXE
[2010/08/30 07:19:59 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\defogger_reenable
[2010/08/30 06:45:40 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Defogger.exe
[2010/08/28 10:28:49 | 000,000,981 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/08/28 10:28:48 | 000,000,963 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Spybot - Search & Destroy.lnk
[2010/08/26 13:44:22 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/08/26 13:44:22 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/08/26 13:44:19 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/08/26 13:44:03 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/08/26 13:44:01 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/08/26 13:43:59 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/08/24 18:05:49 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/08/24 18:05:49 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2010/08/24 17:59:30 | 000,050,752 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/08/24 17:20:39 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/08/24 16:43:40 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/24 16:43:40 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/24 12:52:47 | 000,220,840 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/08/24 11:34:01 | 000,000,448 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2010/08/23 20:25:48 | 000,000,084 | -H-- | M] () -- C:\aaw7boot.cmd
[2010/08/23 08:14:17 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/08/23 07:49:07 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/08/23 07:49:06 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/08/22 22:28:13 | 000,416,826 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100826-182606.backup
[2010/08/22 20:00:46 | 000,001,968 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\cc_20100822_195720.reg
[2010/08/21 13:15:41 | 000,020,480 | ---- | M] (NT Kernel Resources) -- C:\WINDOWS\System32\drivers\ndisrd.sys
[2010/08/18 18:59:44 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/08/17 16:53:42 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/17 16:41:38 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\opufjku6.exe
[2010/08/17 16:40:56 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Owner\Desktop\HijackThis.exe
[2010/08/17 16:40:18 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2010/08/17 15:55:44 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/08/16 22:22:21 | 000,001,514 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\Disk Cleanup.lnk
[2010/08/15 16:28:42 | 000,443,380 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/08/15 16:28:42 | 000,383,822 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/08/15 16:28:42 | 000,054,010 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/08/15 16:25:14 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010/08/15 15:27:42 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/09/10 06:53:54 | 000,001,165 | ---- | C] () -- C:\CF-Submit.htm
[2010/09/09 11:05:49 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/09/09 11:05:42 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/09/09 10:58:34 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/09/09 10:58:34 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/09/09 10:58:34 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/09/09 10:58:34 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/09/09 10:58:34 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/09/09 10:46:07 | 003,841,108 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2010/09/08 16:59:37 | 000,133,632 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RKUnhookerLE.EXE
[2010/08/30 07:19:59 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\defogger_reenable
[2010/08/30 07:19:06 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Defogger.exe
[2010/08/26 13:44:22 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/08/26 13:43:59 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/08/26 13:43:33 | 064,468,357 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/08/24 23:35:08 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/08/24 23:34:59 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/08/24 23:34:44 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010/08/24 23:20:35 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2010/08/24 23:20:29 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2010/08/24 23:20:23 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010/08/24 23:20:23 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010/08/24 23:14:00 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2010/08/24 23:11:41 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010/08/24 23:11:36 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/08/24 23:10:21 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/08/24 22:53:24 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/08/24 22:53:15 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/08/24 22:53:09 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/08/24 22:53:02 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/08/24 22:52:56 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/08/24 22:52:30 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/08/24 22:47:58 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/08/24 22:47:56 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/08/24 22:47:55 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/08/24 22:45:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010/08/24 22:45:11 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010/08/24 22:45:07 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010/08/24 22:45:06 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010/08/24 22:45:06 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010/08/24 22:45:05 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010/08/24 22:45:05 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010/08/24 22:45:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010/08/24 22:45:04 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010/08/24 22:45:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010/08/24 22:45:03 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010/08/24 22:45:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010/08/24 22:45:02 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010/08/24 22:45:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010/08/24 22:45:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010/08/24 22:45:01 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010/08/24 22:45:00 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010/08/24 22:44:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010/08/24 22:44:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010/08/24 22:44:59 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010/08/24 22:44:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010/08/24 22:44:58 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010/08/24 22:44:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010/08/24 22:44:57 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010/08/24 22:44:56 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010/08/24 22:44:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010/08/24 22:44:55 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010/08/24 22:44:54 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010/08/24 22:44:54 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010/08/24 22:44:54 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010/08/24 22:44:53 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010/08/24 22:44:53 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010/08/24 22:44:52 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010/08/24 22:44:52 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010/08/24 22:44:51 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010/08/24 22:44:49 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010/08/24 22:44:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010/08/24 22:44:48 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010/08/24 22:44:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010/08/24 22:44:47 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010/08/24 22:44:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010/08/24 22:44:46 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010/08/24 22:44:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010/08/24 22:44:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010/08/24 22:44:45 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010/08/24 22:44:44 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010/08/24 22:44:42 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010/08/24 22:44:40 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010/08/24 22:44:40 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010/08/24 22:44:39 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010/08/24 22:44:17 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010/08/24 22:44:14 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010/08/24 22:43:50 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/08/24 22:43:50 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/08/24 22:43:49 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/08/24 22:43:48 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/08/24 22:43:47 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/08/24 22:43:46 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/08/24 22:43:46 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/08/24 22:43:45 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/08/24 22:43:41 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/08/24 22:43:35 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/08/24 18:05:49 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2010/08/24 18:05:49 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare.lnk
[2010/08/24 17:20:39 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/08/24 16:43:40 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/08/24 16:43:40 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/08/23 20:25:48 | 000,000,084 | -H-- | C] () -- C:\aaw7boot.cmd
[2010/08/23 07:49:07 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/08/23 07:49:06 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/08/22 21:58:03 | 000,000,981 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/08/22 21:58:03 | 000,000,963 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\Spybot - Search & Destroy.lnk
[2010/08/22 20:00:41 | 000,001,968 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\cc_20100822_195720.reg
[2010/08/18 19:32:37 | 535,875,584 | -HS- | C] () -- C:\hiberfil.sys
[2010/08/17 16:53:42 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/17 16:51:20 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\opufjku6.exe
[2010/08/17 16:51:13 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\dds.scr
[2008/08/22 21:31:39 | 000,000,632 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2006/11/21 20:22:02 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/04/24 16:54:06 | 000,005,665 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
[2006/04/24 16:54:06 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/04/20 19:49:19 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/07/13 14:43:50 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2005/04/19 16:46:32 | 000,000,857 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\AdobeDLM.log
[2005/04/19 16:46:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\dm.ini
[2005/03/27 20:49:39 | 000,008,704 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/02/20 17:07:02 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2005/02/20 16:26:55 | 000,000,774 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2004/11/21 21:09:59 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/11/21 20:59:50 | 000,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/11/21 20:49:10 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2004/08/16 07:42:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/07 08:16:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 08:10:08 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/02/26 01:18:04 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/08/07 00:45:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/07 00:45:26 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/07 00:45:26 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\*. /mp /s >

< %SYSTEMDRIVE%\*.exe >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\drivers\ndisrd.sys:SummaryInformation
< End of report >

Thanks,
Techgirl888

#11 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:09 AM

Posted 12 September 2010 - 12:31 PM

Hi techgirl888,

Please do the following then let me know if your internet is working.

Go to Start>>Run and type devmgmt.msc
In device manager expand Network adapters
Right click on each network adapter and select Uninstall then Ok
Then click on the Scan for hardware changes button
Once it has finished, check if you internet connection is working.

unite.jpg


#12 techgirl888

techgirl888
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Chicago, IL USA
  • Local time:05:09 AM

Posted 12 September 2010 - 05:22 PM

Hi Syler,

Yes internet connection is now working, although the adapter listed as WAN Miniport (IP) - WinpkFilter Miniport would not uninstall and still has the same status message.

I went ahead and submitted the files requested by combo fix.

Thanks,
Techgirl888



#13 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:09 AM

Posted 13 September 2010 - 07:46 AM

Good to hear it's working, can you tell me how the computer is running now and if their are any more problems?

Download AlternateStreamView.zip and extract the contents.
Double click on AlternateStreamView.exe to start it.
In the Scan Options box, click browse and navigate to the folder C:\WINDOWS\system32\drivers
Uncheck Scan Subfolders, then click scan.
In the results, find the steam under Filename called C:\WINDOWS\system32\drivers\ndisrd.sys
Right click on it and select Export selected streams to... then Browse to your C drive (C:\).
Check the Add the following extension to exported filenames: box, then click Ok.
Now go to the file you just saved ndisrd.sys__.dat, zip it up and attach it in your reply.



Please download JavaRa and unzip it to your desktop.
Then Print these instructions as you won't have Internet access during this particular phase.

Close any instances of Internet Explorer before continuing
  • Double-click on JavaRa.exe to start the program.
  • From the drop-down menu, choose English or the appropriate language...and click on Select.
  • JavaRa will open; Select Remove Older Versions, click yes, then ok.
  • A logfile will pop up, you can close it.
  • Now select Additional Tasks and check the following:
    Remove Useless JRE Files
    Remove Startup Entry
  • Click Go then ok to all the prompts, once done restart your computer.



Please do a scan with ESET OnlineScan

Note: If you run this in a browser other than IE you will be asked to download and install esetsmartinstaller_enu.exe
  • Click the button.
  • Check
  • Click the button.
  • Accept any security warnings from your browser and allow it to install the ActiveX control.
  • Check
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push
  • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the button.
  • Push

unite.jpg


#14 techgirl888

techgirl888
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Chicago, IL USA
  • Local time:05:09 AM

Posted 14 September 2010 - 09:09 AM

Hi Syler,

Sorry for the delay in my reply this time. Yesterday was a rough one. IE is no longer redirecting searches, YEAH!!! I am noticing after 10mins of use the computer slows to a crawl and it takes forever to do anything. Other than that it seems to be operating correctly.

I attached the ndisrd zip as requested.

Here is the ESET report:

C:\Qoobox\Quarantine\C\WINDOWS\system32\yyadd.bak1.vir Win32/Adware.Virtumonde.NEO application
C:\Qoobox\Quarantine\C\WINDOWS\system32\yyadd.bak2.vir Win32/Adware.Virtumonde.NEO application
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\nv_agp.SYS.vir Win32/Olmarik.ZC trojan

I recognize the Qoobox folder as the one that I submitted for review(combofix).


Thanks,
Techgirl888

Attached Files



#15 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:11:09 AM

Posted 14 September 2010 - 10:37 AM

Hi Techgirl888,

Everthing there looks ok, the files in Qoobox will be dealt with when we do the final cleanup. When the computer slows down
after 10mins can you take a look in task manager and tell me if their is any particular file taking up the cpu, also does this
slow down stop after a while?

unite.jpg





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users