Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Wanted to see if I messed any thing up while trying to fix a MBR virus on my own


  • This topic is locked This topic is locked
20 replies to this topic

#1 lostkause

lostkause

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:19 PM

Posted 08 October 2010 - 01:35 PM

Hello,
Before I found this forum I attempted to fix my computer that had a MBR virus.
Not real smart I know but didn't know there was any help out there in internet land.
It all started with a google redirect.
Did some researched and found this virus can be many things.
I have CA security suite from roadrunner and called them after I ran there software and the problem was not fixed.
The CA tech took over my computer and through a rootkit software tool that they have , found a MBR virus.(no specifics)
Also they ran TDDSKILLER by kapersky before this. I don't think it found anything not sure.
But the rootkit software certainty did.
They then told me that there is nothing you can do for a MBR virus and to reformat.
I was very disappointed to say the least.
My google redirect was in firefox but my explorer worked fine so I researched some more.
I came across a thread that recommended Hitman pro. ( Sounded promising) Didn't work of course.
I lastly found out about combo-fix. Ran the program per the very intense instructions.
Google redirect was gone.
So I called CA back and asked them to take over my computer again and run this rootkit software.
They did reluctantly and found it again. ( Even after combo-fix)
Was starting to get worried because even if I wasn't getting the redirect the MBR was still showing up.
Once again did some more research and found out that even if you reformat this may not remove the virus because reformatting does not affect the MBR.
So I found the final step that I did which was putting in my recovery CD and going to repair and selecting drive C
and doing the fixmbr and fixboot.
I know it was very risky from the information i read but seemed the only thing I could do.
Was very scared I was going to loose all my drives and who knows what else.
To my surprise everything came back to normal.
I ran the software that CA had left on my computer. ( CA rootkit repair) and the MBR that was showing up was gone.
I also ran CA anti-virus-found nothing
I also ran Tddskiller-found nothing
I also ran malwarebytes-found nothing
I think a few others with nothing found.
After this lengthy post of my endeavors I was wondering is there anything you can have me run that will produce a log
and upload it to you for analysis.
My concern is everything seems fine on the surface but I could not read a report log and figure it out if anything is still wrong.
Lastly I will say my other concern is that I think but not sure the original virus came in through firefox add-on.
I have tried to uninstall firefox just because I wanted a fresh one.
This program will not uninstall. ( maybe a concern, maybe just something to do with firefox , don't know.)
I hope this post wasn't to long just wanted to give you all the history.
Thank you in advance LOSTKAUSE


BC AdBot (Login to Remove)

 


#2 lostkause

lostkause
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:19 PM

Posted 15 October 2010 - 09:40 PM

I have posted this problem before without the logs required by this site for help.
I am now re-posting problem with correct logs. Sorry for the miss-communication.
I think I have my ducks in a row now. To start I have ran the Defrogger before all other steps were taken.
Running XP OS Service pack 3 on HP Desktop.
Before I found this forum I attempted to fix my computer that had a MBR virus.
Not real smart I know.Found this site after the fact.
It all started with a google redirect.Apparently I'm not the only one that has had this problem.
I have CA security suite from roadrunner and called them after I ran there AV software and the problem was not fixed.
The CA tech took over my computer and through a rootkit software tool that they have , found a MBR virus.(no specifics)
Also they ran TDDSKILLER by kapersky before this. I don't think it found anything not sure.
But the rootkit software certainty did.
They then told me that there is nothing you can do for a MBR virus and to reformat.
Very hard to here from your AV provider. Almost pulled the trigger and then decided to read up on it.
My google redirect was in firefox but my explorer worked fine so thats what I did.
I came across a thread that recommended Hitman pro. ( Sounded promising) Didn't work of course.
I lastly found out about combo-fix. Ran the program per the very intense instructions.
Google redirect was gone.(Sorry did not keep the logs.Sorry bout that.
So I called CA back and asked them to take over my computer again and run this rootkit software.Attached File  Attach.txt   18.58KB   1 downloads
They did and found it again.
Was starting to get worried because even if I wasn't getting the redirect the MBR was still showing up.
Once again did some more research and found out that even if you reformat this may not remove the virus because reformatting does not affect the MBR.(So I read)Im sure you guys know the answer to that.
So I found the final step that I did on some other fourm which was putting in my recovery CD and going to repair and selecting drive C and doing the fixmbr and fixboot.
I know it was very risky from the information I read but seemed the only thing I could do before reformatting.
Was very scared I was going to loose all my drives and who knows what else.
To my surprise everything came back to normal.
I ran the software that CA had left on my computer. ( CA rootkit repair) and the MBR that was showing up was gone.
I also ran CA anti-virus-found nothing(This AV does not produse a log)
I also ran Tddskiller-found nothing
I also ran malwarebytes-found nothing.
Out of all scans the only problem one will be the Kaspersky on line 7.0 scanner.This is what it found.Scan statistics:
Objects scanned: 125683
Threats found: 1
Infected objects found: 8
Suspicious objects found: 0
Scan duration: 08:13:59


File name / Threat / Threats count
C:\hp\recovery\wizard\fscommand\AppRecoveryLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\CDLogic_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\CreatorLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\RestoreLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\RTCDLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\RunLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\SysRecoveryLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\WizardLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
Selected area has been scanned.

As you know Kaspersky online scanner does not have a removal tool so I did a scan with Eset scanner.

Eset found the same virus --C:\hp\recovery\wizard\fscommand\AppRecoveryLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd
C:\hp\recovery\wizard\fscommand\CDLogic_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\CreatorLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\RestoreLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\RTCDLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\RunLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\SysRecoveryLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
C:\hp\recovery\wizard\fscommand\WizardLink_ret.exe Infected: Trojan-Spy.Win32.Agent.bdrd 1
Eset quarantined and deleted virus. (Or virus logs )

Ran Kaspersky online scanner 7.0 again.Log was clean.
Since then I have ran Superantispyware and malwarebytes in safe mode and have gotten clean scans.
Also Eset and Kaspersky both produce clean logs .After the ESET quarantine.
I would assume this matter is fixed but me being me I am asking for some assistance for a review of my logs to be sure.
Its very hard to let this go just on my program scans and not a deeper look after my own AV people said to reformat.
I have also removed and updated Java and Adobe per information from other post at this site.
Thank you so much in advance,Lostkause.

DDS (Ver_10-10-10.03) - NTFSx86
Run by Owner at 19:51:40.07 on Thu 10/14/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.919 [GMT -4:00]

AV: CA Anti-Virus Plus *On-access scanning enabled* (Updated) {6B98D35F-BB76-41C0-876B-A50645ED099A}
FW: CA Personal Firewall *enabled* {38102F93-1B6E-4922-90E1-A35D8DC6DAA3}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
svchost.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\CA\CA Internet Security Suite\casc.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\CAGlobal.exe
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Light\CAGlobalLight.exe
C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\mswinext.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Documents and Settings\Owner\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.facebook.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {6d5e2df5-cfc8-d565-5af9-82e825cea0f4} - 7c887026
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: BrowserHelper Class: {8a9d74f9-560b-4fe7-abeb-3b2e638e5cd6} - c:\program files\sgpsa\SearchAssistant.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Search Assistant: {f0626a63-410b-45e2-99a1-3f2475b2d695} - c:\program files\sgpsa\BHO.dll
BHO: CA Toolbar Helper: {fbf2401b-7447-4727-be5d-c19b2075ca84} - c:\program files\ca\ca internet security suite\ca website inspector\1.2.1.24.01542859\toolbar\CallingIDIE.dll
BHO: Fast Browser Search Toolbar Helper: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\fast browser search\ie\FBStoolbar.dll
BHO: {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: LimeWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: CA Toolbar: {10134636-e7af-4ac5-a1dc-c7c44bb97d81} - c:\program files\ca\ca internet security suite\ca website inspector\1.2.1.24.01542859\toolbar\CallingIDIE.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Fast Browser Search Toolbar: {1bb22d38-a411-4b13-a746-c2a4f4ec7344} - c:\program files\fast browser search\ie\FBStoolbar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SmartRAM] "c:\program files\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [TkBellExe]
uRun: [capfupgrade]
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [InCD] c:\program files\ahead\incd\InCD.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [AlcxMonitor] ALCXMNTR.EXE
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [cctray] "c:\program files\ca\ca internet security suite\casc.exe"
mRun: [capfupgrade] c:\program files\ca\ca internet security suite\ca personal firewall\capfupgrade.exe
mRun: [SunJavaUpdateSched] c:\program files\java\jre6\bin\jusched.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
dRunOnce: [RunNarrator] Narrator.exe
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
LSP: c:\windows\system32\VetRedir.dll
DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} - hxxp://supportcenter.rr.com/sdccommon/download/tgctlins.cab
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?39074.9135532407
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {30364662-925E-4922-852C-98109833CC4B} = 4.2.2.2,4.2.2.1
Handler: callingid - {086D03BA-57AC-4C8E-A33D-0BAABF742411} - c:\program files\ca\ca internet security suite\ca website inspector\1.2.1.24.01542859\toolbar\CallingIDToolbar.dll
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxsrvc.dll
Notify: PFW - UmxWnp.Dll
AppInit_DLLs: UmxSbxExw.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: ShellHook Class: {1869181a-9f50-4fcf-8bff-1b8588ecb85c} - c:\program files\ca\ca internet security suite\ca website inspector\1.2.1.24.01542859\linkadvisor\CIDLinkAdvisor.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\iw5n5xq2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=99&q=
FF - prefs.js: browser.search.selectedEngine - Fast Browser Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=99&tid={70CCD33E-A4D0-2C89-8DB6-BDF2817AA545}&q=
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\iw5n5xq2.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\iw5n5xq2.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}\components\RadioWMPCore.dll
FF - component: c:\program files\ca\ca internet security suite\ca website inspector\1.2.1.24.01542859\linkadvisor\firefox\components\CallingIDLinkAdvisorGecko.dll
FF - component: c:\program files\ca\ca internet security suite\ca website inspector\1.2.1.24.01542859\toolbar\firefox\components\CIDDomFx3.dll
FF - component: c:\program files\ca\ca internet security suite\ca website inspector\1.2.1.24.01542859\toolbar\firefox\components\CIDDomFx35.dll
FF - component: c:\program files\ca\ca internet security suite\ca website inspector\1.2.1.24.01542859\toolbar\firefox\components\CIDDomFx36.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\program files\real\realone player\netscape6\nppl3260.dll
FF - plugin: c:\program files\real\realone player\netscape6\nprjplug.dll
FF - plugin: c:\program files\real\realone player\netscape6\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

============= SERVICES / DRIVERS ===============

R0 KmxAMRT;KmxAMRT;c:\windows\system32\drivers\KmxAMRT.sys [2009-12-23 132088]
R0 KmxStart;KmxStart;c:\windows\system32\drivers\KmxStart.sys [2009-6-8 108024]
R1 KmxAgent;KmxAgent;c:\windows\system32\drivers\KmxAgent.sys [2009-12-23 78840]
R1 KmxFile;KmxFile;c:\windows\system32\drivers\KmxFile.sys [2009-9-2 53240]
R1 KmxFw;KmxFw;c:\windows\system32\drivers\KmxFw.sys [2009-6-8 115704]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 CAISafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus plus\isafe.exe [2010-10-6 212992]
R2 ccSchedulerSVC;CA Common Scheduler Service;c:\program files\ca\ca internet security suite\ccschedulersvc.exe [2010-10-6 206160]
R2 KmxCF;KmxCF;c:\windows\system32\drivers\KmxCF.sys [2009-8-14 145912]
R2 KmxSbx;KmxSbx;c:\windows\system32\drivers\KmxSbx.sys [2009-9-30 60920]
R2 UmxAgent;HIPS Event Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxAgent.exe [2009-8-4 887288]
R2 UmxCfg;HIPS Configuration Interpreter;c:\program files\ca\sharedcomponents\hipsengine\UmxCfg.exe [2009-7-13 760664]
R2 UmxPol;HIPS Policy Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxPol.exe [2009-7-27 227832]
R3 KmxCfg;KmxCfg;c:\windows\system32\drivers\KmxCfg.sys [2009-9-30 239608]
S0 kl1;kl1;c:\windows\system32\drivers\kl1.sys --> c:\windows\system32\drivers\kl1.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-18 135664]
S2 mrtRate;mrtRate; [x]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 cpuz132;cpuz132;\??\c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 KmxAMVet;KmxAMVet;c:\windows\system32\drivers\KmxAMVet.sys [2009-3-27 598656]
S3 M_GL0AP_IL4AV5I;M_GL0AP_IL4AV5I;c:\windows\system32\drivers\m_gl0ap_il4av5i --> c:\windows\system32\drivers\M_GL0AP_IL4AV5I [?]
S3 mamotou;mamotou;c:\windows\system32\drivers\mamotou.sys [2007-11-25 49377]

=============== Created Last 30 ================

2010-10-14 01:52:04 -------- d-----w- c:\docume~1\owner\applic~1\WinPatrol
2010-10-14 01:51:50 -------- d-----w- c:\program files\BillP Studios
2010-10-13 04:07:16 -------- d-----w- C:\Softpaq
2010-10-13 03:57:01 -------- d-----w- c:\program files\Microsoft
2010-10-13 03:56:46 -------- d-----w- c:\program files\MSN Toolbar
2010-10-13 03:53:25 -------- d-----w- c:\program files\MSN Toolbar Installer
2010-10-13 03:17:38 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2010-10-13 03:17:37 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2010-10-13 03:17:36 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2010-10-13 03:17:35 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2010-10-13 03:17:35 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2010-10-13 03:17:28 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2010-10-13 03:17:27 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2010-10-13 03:17:25 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2010-10-13 03:17:17 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys
2010-10-13 03:17:14 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2010-10-13 03:16:34 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys
2010-10-13 03:16:28 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys
2010-10-13 03:16:27 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys
2010-10-13 03:16:13 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys
2010-10-13 03:16:08 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll
2010-10-13 03:16:03 701386 -c--a-w- c:\windows\system32\dllcache\wdhaalba.sys
2010-10-13 03:16:01 23615 -c--a-w- c:\windows\system32\dllcache\wch7xxnt.sys
2010-10-13 03:16:00 35871 -c--a-w- c:\windows\system32\dllcache\wbfirdma.sys
2010-10-13 03:16:00 31744 -c--a-w- c:\windows\system32\dllcache\wceusbsh.sys
2010-10-13 03:14:59 36736 -c--a-w- c:\windows\system32\dllcache\ultra.sys
2010-10-13 03:13:55 58368 -c--a-w- c:\windows\system32\dllcache\smiminib.sys
2010-10-13 03:12:59 82432 -c--a-w- c:\windows\system32\dllcache\rwia450.dll
2010-10-13 03:11:59 211584 -c--a-w- c:\windows\system32\dllcache\perm2dll.dll
2010-10-13 03:10:59 52255 -c--a-w- c:\windows\system32\dllcache\n1000nt5.sys
2010-10-13 03:09:59 8320 -c--a-w- c:\windows\system32\dllcache\memcard.sys
2010-10-13 03:08:59 23552 -c--a-w- c:\windows\system32\dllcache\irmk7.sys
2010-10-13 03:07:59 83968 -c--a-w- c:\windows\system32\dllcache\hpgt21.dll
2010-10-13 03:06:59 455199 -c--a-w- c:\windows\system32\dllcache\el985n51.sys
2010-10-13 03:05:59 17152 -c--a-w- c:\windows\system32\dllcache\cyclad-z.sys
2010-10-13 03:04:49 13824 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2010-10-13 03:03:59 6272 -c--a-w- c:\windows\system32\dllcache\apmbatt.sys
2010-10-10 05:27:14 388096 ----a-r- c:\docume~1\owner\applic~1\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2010-10-09 17:20:33 -------- d-----w- c:\docume~1\owner\applic~1\SUPERAntiSpyware.com
2010-10-09 17:20:33 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-10-09 17:20:16 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-10-08 00:37:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-08 00:37:09 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-06 22:18:57 -------- d-----w- c:\docume~1\owner\applic~1\CallingID
2010-10-06 22:18:40 -------- d-----w- c:\program files\ISSThirdParty
2010-10-06 22:18:08 95472 ----a-w- c:\windows\system32\Vetredir.dll
2010-10-06 22:18:08 201968 ----a-w- c:\windows\system32\Isafprod.dll
2010-10-06 22:18:08 128240 ----a-w- c:\windows\system32\Isafeif.dll
2010-10-06 22:11:45 -------- d-----w- c:\program files\CleanUp!
2010-10-06 22:03:29 3584 ----a-r- c:\docume~1\owner\applic~1\microsoft\installer\{121634b0-2f4b-11d3-ada3-00c04f52dd52}\Icon386ED4E3.exe
2010-10-06 22:03:29 -------- d-----w- c:\program files\Windows Installer Clean Up
2010-10-06 22:00:43 -------- d-----w- c:\docume~1\alluse~1\applic~1\CA
2010-10-06 07:49:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-06 07:04:46 -------- d-----w- C:\56c555895b0a84483b61a2eb84dc4f
2010-10-05 20:09:55 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-10-05 20:09:55 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-05 20:08:21 -------- d-----w- c:\program files\Ask.com
2010-10-05 20:08:20 -------- d-----w- c:\program files\Fast Browser Search
2010-10-05 20:06:18 -------- d--h--w- c:\windows\ie8
2010-10-05 20:05:40 -------- d-----w- c:\windows\system32\1053378324
2010-10-05 20:05:40 -------- d-----w- c:\program files\SGPSA
2010-10-05 20:05:40 -------- d-----w- c:\program files\Search Guard PlusU
2010-10-05 20:05:40 -------- d-----w- c:\program files\Search Guard Plus
2010-10-04 20:33:37 -------- d-----w- C:\RECYCLER(2)
2010-10-04 17:37:17 -------- dc----w- c:\windows\ie8(2)
2010-10-04 14:27:42 272888 ----a-w- c:\windows\system32\UmxSbxw.dll
2010-10-04 14:27:42 113144 ----a-w- c:\windows\system32\UmxSbxExw.dll
2010-10-04 11:57:31 -------- d-----w- c:\program files\Trend Micro
2010-10-04 10:20:43 -------- d-----w- c:\docume~1\alluse~1\applic~1\Hitman Pro
2010-10-04 02:26:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware(2)
2010-10-03 23:01:45 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-10-03 19:43:40 -------- d-----w- c:\windows\system32\NtmsData
2010-10-01 13:34:34 -------- d-----w- c:\program files\CA
2010-10-01 13:07:14 1445888 ----a-w- c:\documents and settings\owner\DesktopWinsockxpFix.exe
2010-10-01 13:07:12 36864 ----a-w- c:\documents and settings\owner\DesktopSafeMSI.exe
2010-10-01 13:07:12 186368 ----a-w- c:\documents and settings\owner\DesktopLSPFix.exe
2010-10-01 13:04:00 -------- d-----w- c:\windows\system32\winsflte.dl1
2010-10-01 13:04:00 -------- d-----w- c:\windows\system32\winsflt.dl1
2010-10-01 12:58:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\CA-SupportBridge
2010-09-30 15:21:33 7 ----a-w- c:\windows\system32\mkghj.dll
2010-09-22 22:10:52 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2010-09-22 22:10:52 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2010-09-15 21:37:10 -------- d-----w- C:\0c5655426c6a08a8cf71b77785
2010-09-15 06:32:18 203776 --sh--w- c:\windows\system32\unrar.exe

==================== Find3M ====================

2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ------w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-08 15:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-27 22:44:10 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 22:44:10 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-27 22:44:10 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-07-17 09:00:04 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-17 06:42:29 73728 ----a-w- c:\windows\system32\javacpl.cpl
2000-10-08 06:50:24 653471 -c--a-w- c:\program files\INSTALL.EXE

============= FINISH: 19:55:14.57 ===============


{\rtf1\ansi\ansicpg1252\deff0{\fonttbl{\f0\fnil\fcharset0 Courier New;}}
{\*\generator Msftedit 5.41.15.1515;}\viewkind4\uc1\pard\lang1033\f0\fs20 GMER 1.0.15.15281 - http://www.gmer.net\par
Rootkit scan 2010-10-15 01:25:47\par
Windows 5.1.2600 Service Pack 3\par
Running: gmer.exe; Driver: C:\\DOCUME~1\\ADMINI~1.000\\LOCALS~1\\Temp\\fgacapow.sys\par
\par
\par
---- Devices - GMER 1.0.15 ----\par
\par
Device ACPI.sys (ACPI Driver for NT/Microsoft Corporation)\par
\par
AttachedDevice \\FileSystem\\Fastfat \\Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)\par
\par
Device \\FileSystem\\Cdfs \\Cdfs BA3E3400\par
\par
---- Files - GMER 1.0.15 ----\par
\par
File C:\\My Downloads\\Programs\\DVDXCopy Platinum 4.0.3.8 Incl KeyGen 321 studios dvdx copy (clone any dvd) burn rip x key(2)\\DVDXCopy Platinum 4.0.3.8 Incl KeyGen 321 studios dvdx copy (clone any dvd) burn rip x key(1)\\DVDXCopy Platinum 4.0.3.8\\platinum4038crack\\Readme.txt 437 bytes\par
File C:\\My Downloads\\Programs\\DVDXCopy Platinum 4.0.3.8 Incl KeyGen 321 studios dvdx copy (clone any dvd) burn rip x key(2)\\DVDXCopy Platinum 4.0.3.8 Incl KeyGen 321 studios dvdx copy (clone any dvd) burn rip x key(1)\\DVDXCopy Platinum 4.0.3.8\\platinum4038crack\\setup.exe 143850 bytes executable\par
\par
---- EOF - GMER 1.0.15 ----\par
\par
}

Sorry for the break up of this log,hope you can make it out.

I removed DVDXCOPY program from my computer about mabey 2 or 3 years ago.(Mabey still a problem in hidden files but I dont think its related to current situation.

Edited by lostkause, 15 October 2010 - 11:44 PM.
Merged topics. ~ OB


#3 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 17 October 2010 - 05:07 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    hlp.dat
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#4 lostkause

lostkause
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:19 PM

Posted 17 October 2010 - 07:32 AM

Thanks for getting to me , I know you guys are swamp.
OS XP Service pack 3. Desktop HP
No change,Still same situation,Just hope scan logs look OK.
I have made one slight change since last post.Had a Fast Browser Tool Bar that would not uninstall no matter what I done.
So installed Revo and took it off.That is the only change made.Them guys at Search-Guard sure do know how to deeply embed a Program.
LOG#
OTL logfile created on: 10/17/2010 7:36:59 AM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.44 Gb Total Space | 48.67 Gb Free Space | 69.09% Space Free | Partition Type: NTFS
Drive D: | 4.07 Gb Total Space | 0.79 Gb Free Space | 19.39% Space Free | Partition Type: FAT32

Computer Name: YOUR-2S4KN5K0H3 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/17 07:34:30 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2010/10/06 18:21:05 | 001,721,680 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\casc.exe
PRC - [2010/10/01 11:54:56 | 000,329,096 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2010/09/16 00:58:32 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/21 15:43:24 | 000,198,864 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
PRC - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/04/06 08:12:24 | 000,206,160 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
PRC - [2010/04/06 08:12:22 | 000,251,216 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
PRC - [2010/04/06 08:12:10 | 001,103,184 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe
PRC - [2010/03/22 12:02:18 | 000,947,640 | ---- | M] (CallingID Ltd.) -- C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\CAGlobal.exe
PRC - [2010/03/22 12:01:45 | 000,878,008 | ---- | M] (CallingID Ltd.) -- C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Light\CAGlobalLight.exe
PRC - [2010/03/20 05:41:08 | 000,212,992 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
PRC - [2009/08/04 10:42:18 | 000,887,288 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
PRC - [2009/07/31 16:30:14 | 000,150,008 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
PRC - [2009/07/27 15:40:44 | 000,227,832 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
PRC - [2009/07/13 10:39:14 | 000,760,664 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
PRC - [2008/08/26 14:02:24 | 000,014,336 | ---- | M] (Agere Systems) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/07/19 18:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2003/12/05 05:25:56 | 001,237,042 | ---- | M] (Ahead Software AG) -- C:\Program Files\Ahead\InCD\InCD.exe
PRC - [2003/12/05 05:25:28 | 000,798,772 | ---- | M] (AHEAD Software) -- C:\Program Files\Ahead\InCD\incdsrv.exe


========== Modules (SafeList) ==========

MOD - [2010/10/17 07:34:30 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/03/22 12:02:29 | 001,852,856 | ---- | M] (CallingID Ltd.) -- C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\LinkAdvisor\CIDLinkAdvisor.dll
MOD - [2010/03/20 07:04:26 | 000,083,184 | ---- | M] (CA) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-8.0.0.264\QOEHook.dll
MOD - [2009/07/01 10:55:58 | 000,113,144 | ---- | M] (CA) -- C:\WINDOWS\system32\UmxSbxExw.dll
MOD - [2009/04/01 09:45:50 | 000,272,888 | ---- | M] (CA) -- C:\WINDOWS\system32\UmxSbxw.dll
MOD - [2008/04/13 20:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/03/26 14:03:20 | 000,057,344 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/04/06 08:12:24 | 000,206,160 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2010/04/06 08:12:22 | 000,251,216 | ---- | M] (CA, Inc.) [On_Demand | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2010/03/20 05:41:08 | 000,212,992 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe -- (CAISafe)
SRV - [2009/08/04 10:42:18 | 000,887,288 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe -- (UmxAgent)
SRV - [2009/07/31 16:30:14 | 000,150,008 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe -- (UmxFwHlp)
SRV - [2009/07/27 15:40:44 | 000,227,832 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe -- (UmxPol)
SRV - [2009/07/13 10:39:14 | 000,760,664 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe -- (UmxCfg)
SRV - [2008/08/26 14:02:24 | 000,014,336 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2003/12/05 05:25:28 | 000,798,772 | ---- | M] (AHEAD Software) [Auto | Running] -- C:\Program Files\Ahead\InCD\incdsrv.exe -- (InCDsrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\kl1.sys -- (kl1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Owner\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys -- (BDRsDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys -- (BDFsDrv)
DRV - [2010/05/10 14:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 14:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/23 11:29:36 | 000,132,088 | ---- | M] (CA) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\KmxAMRT.sys -- (KmxAMRT)
DRV - [2009/12/23 11:29:36 | 000,078,840 | ---- | M] (CA) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/12/18 10:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009/09/30 16:51:00 | 000,239,608 | ---- | M] (CA) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2009/09/30 16:51:00 | 000,060,920 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2009/09/02 17:29:58 | 000,053,240 | ---- | M] (CA) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2009/08/14 11:43:50 | 000,145,912 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2009/06/08 10:02:04 | 000,115,704 | ---- | M] (CA) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2009/06/08 10:02:02 | 000,108,024 | ---- | M] (CA) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\kmxstart.sys -- (KmxStart)
DRV - [2009/03/27 15:27:04 | 000,598,656 | ---- | M] (Computer Associates International, Inc.) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2009/03/25 14:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/10/29 15:43:44 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2007/02/02 17:57:16 | 000,049,377 | ---- | M] (Mobile Action Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mamotou.sys -- (mamotou)
DRV - [2007/01/16 12:44:46 | 000,011,986 | ---- | M] (Mobile Action Technology Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\MaVc2K.sys -- (MaVctrl)
DRV - [2007/01/11 22:47:08 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2006/09/28 18:33:08 | 000,040,960 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P2k.sys -- (P2k)
DRV - [2006/06/08 19:55:50 | 000,005,632 | ---- | M] (Motorola INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2005/05/27 10:32:52 | 001,317,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
DRV - [2005/05/27 10:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/08/04 01:29:54 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/01/03 00:05:48 | 000,011,520 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/01/02 23:20:40 | 000,432,000 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/12/12 10:54:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/12/05 05:27:40 | 000,028,592 | ---- | M] (Ahead Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\incdpass.sys -- (InCDPass)
DRV - [2003/12/05 05:27:24 | 000,089,168 | ---- | M] (Ahead Software) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\incdfs.sys -- (InCDfs)
DRV - [2003/12/02 22:23:20 | 000,142,336 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2003/09/19 02:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/08/21 10:56:36 | 000,025,520 | ---- | M] (Ahead Software AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\incdrm.sys -- (incdrm)
DRV - [2003/07/18 20:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2003/07/02 15:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002/10/04 21:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/30 01:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 01 98 3A 02 8F A6 CF 4C 8E 79 7E 7E 18 58 77 B0 [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 01 98 3A 02 8F A6 CF 4C 8E 79 7E 7E 18 58 77 B0 [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 01 98 3A 02 8F A6 CF 4C 8E 79 7E 7E 18 58 77 B0 [binary data]
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 01 98 3A 02 8F A6 CF 4C 8E 79 7E 7E 18 58 77 B0 [binary data]
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DE 2D B7 32 13 DF CA 01 [binary data]
IE - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 01 98 3A 02 8F A6 CF 4C 8E 79 7E 7E 18 58 77 B0 [binary data]
IE - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=99&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {e4878b45-e2c0-4307-b6e8-734922f92f5b}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {e9259cba-e7ad-4f74-863f-ef9fe935394d}:1.2.1.24
FF - prefs.js..extensions.enabledItems: {8b02914c-4e6b-4410-90e1-1a2b1b69b12d}:1.2.1.24
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=99&tid={70CCD33E-A4D0-2C89-8DB6-BDF2817AA545}&q="
FF - prefs.js..network.proxy.no_proxies_on: "localhost"


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/04/18 12:36:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{e9259cba-e7ad-4f74-863f-ef9fe935394d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\Firefox [2010/10/06 18:18:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\LinkAdvisor\Firefox [2010/10/06 18:18:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\Firefox
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/10/13 22:56:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/26 20:30:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/06 17:21:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\LinkAdvisor\Firefox [2010/10/06 18:18:53 | 000,000,000 | ---D | M]

[2009/04/08 22:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2009/04/08 22:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/10/17 07:00:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions
[2010/09/04 16:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010/09/04 16:44:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/05 16:05:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{3a4336e3-ca32-44df-9d3e-46c65d58bb62}
[2010/09/04 16:41:14 | 000,000,000 | ---D | M] (Free Radio TV Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{9dbb9aeb-5a16-4989-a66f-c0f1c909d647}
[2010/09/13 01:12:38 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/10/17 01:34:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2010/09/04 16:43:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/09/04 16:44:01 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/10/06 17:57:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/09/13 01:12:37 | 000,000,000 | ---D | M] (Road Runner Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}
[2010/10/13 20:00:53 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\searchplugins\bing.xml
[2010/08/19 21:37:56 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\searchplugins\conduit.xml
[2010/10/17 07:00:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/11 06:09:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/05/22 21:28:48 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll

O1 HOSTS File: ([2010/10/04 15:19:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (7c887026) - {6D5E2DF5-CFC8-D565-5AF9-82E825CEA0F4} - Reg Error: Value error. File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (CA Toolbar Helper) - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\CallingIDIE.dll (CallingID Ltd.)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (CA Toolbar) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\CallingIDIE.dll (CallingID Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\..\Toolbar\WebBrowser: (CA Toolbar) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\CallingIDIE.dll (CallingID Ltd.)
O3 - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Ahead Software AG)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-1861399033-1312079479-937536695-1003..\Run: [capfupgrade] File not found
O4 - HKU\S-1-5-21-1861399033-1312079479-937536695-1003..\Run: [SmartRAM] C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit)
O4 - HKU\S-1-5-21-1861399033-1312079479-937536695-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1861399033-1312079479-937536695-1003..\Run: [TkBellExe] File not found
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} http://supportcenter.rr.com/sdccommon/download/tgctlins.cab (SupportSoft Installer)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/...9074.9135532407 (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\callingid {086D03BA-57AC-4C8E-A33D-0BAABF742411} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\CallingIDToolbar.dll (CallingID Ltd.)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {1869181A-9F50-4FCF-8BFF-1B8588ECB85C} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\LinkAdvisor\CIDLinkAdvisor.dll (CallingID Ltd.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/02 15:55:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 14:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/10 11:02:32 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{2659ce04-324d-11dc-a1da-0011090fc19a}\Shell - "" = AutoRun
O33 - MountPoints2\{2659ce04-324d-11dc-a1da-0011090fc19a}\Shell\1\Command - "" = .\RECYCLER\RECYCLER\autorun.exe
O33 - MountPoints2\{2659ce04-324d-11dc-a1da-0011090fc19a}\Shell\2\Command - "" = .\RECYCLER\RECYCLER\autorun.exe
O33 - MountPoints2\{2659ce04-324d-11dc-a1da-0011090fc19a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{39afd58a-93e0-11db-a134-0011090fc19a}\Shell - "" = AutoRun
O33 - MountPoints2\{39afd58a-93e0-11db-a134-0011090fc19a}\Shell\1\Command - "" = C:\hp\bin\autorun.exe -- [1999/10/28 22:40:04 | 000,237,568 | ---- | M] (Hewlett-Packard Company)
O33 - MountPoints2\{39afd58a-93e0-11db-a134-0011090fc19a}\Shell\2\Command - "" = C:\hp\bin\autorun.exe -- [1999/10/28 22:40:04 | 000,237,568 | ---- | M] (Hewlett-Packard Company)
O33 - MountPoints2\{39afd58a-93e0-11db-a134-0011090fc19a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6a0daf08-922a-11db-a114-806d6172696f}\Shell\AutoRun\command - "" = D:\Info.exe -- [2002/09/10 05:54:58 | 000,040,960 | -HS- | M] (XSS)
O33 - MountPoints2\{81737ec2-a384-11db-a161-0011090fc19a}\Shell - "" = AutoRun
O33 - MountPoints2\{81737ec2-a384-11db-a161-0011090fc19a}\Shell\1\Command - "" = C:\hp\bin\autorun.exe -- [1999/10/28 22:40:04 | 000,237,568 | ---- | M] (Hewlett-Packard Company)
O33 - MountPoints2\{81737ec2-a384-11db-a161-0011090fc19a}\Shell\2\Command - "" = C:\hp\bin\autorun.exe -- [1999/10/28 22:40:04 | 000,237,568 | ---- | M] (Hewlett-Packard Company)
O33 - MountPoints2\{81737ec2-a384-11db-a161-0011090fc19a}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (SDEarlyDelete) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - C:\PROGRA~1\Adobe\READER~1.0\Reader\READER~1.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk - C:\PROGRA~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Compaq Connections.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe - (Google)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe - (Logitech)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe - (Intuit Inc.)
MsConfig - StartUpFolder: C:^Documents and Settings^Owner^Start Menu^Programs^Startup^IMStart.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpReg: CaAvTray - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: CAVRID - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: eTrustPPAP - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: QOELOADER - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Zone Labs Client - hkey= - key= - Reg Error: Value error. File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4d64f3ba-f112-4efe-a02e-96680859937c} - KB918899
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5b7bf89d-d196-4c32-a303-a57b8ab7f18d} - KB918439
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {96543d59-497a-4801-a1f3-5936aacaf7b1} - Q828750
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {dd772a76-bef3-44d7-8b39-502c8504c1f1} - KB925486
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {f15ee071-deb7-4cbb-951f-431c98338d8e} - KB911567
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/10/17 07:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2010/10/17 07:05:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/10/16 23:31:28 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2010/10/15 03:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Bleeping Computers Logs
[2010/10/13 21:52:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\WinPatrol
[2010/10/13 21:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2010/10/12 23:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/10/12 23:17:38 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/10/12 23:17:37 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/10/12 23:17:35 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2010/10/12 23:17:28 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/10/12 23:17:27 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/10/12 23:17:25 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2010/10/12 23:17:17 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2010/10/12 23:17:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2010/10/12 23:16:34 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2010/10/12 23:16:28 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/10/12 23:16:27 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/10/12 23:16:13 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/10/12 23:16:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2010/10/12 23:16:03 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2010/10/12 23:16:01 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2010/10/12 23:16:00 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/10/12 23:16:00 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2010/10/12 23:15:54 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2010/10/12 23:15:53 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2010/10/12 23:15:51 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2010/10/12 23:15:49 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2010/10/12 23:15:47 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2010/10/12 23:15:46 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2010/10/12 23:15:44 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/10/12 23:15:43 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/10/12 23:15:43 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/10/12 23:15:41 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/10/12 23:15:39 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/10/12 23:15:37 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/10/12 23:15:35 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/10/12 23:15:34 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2010/10/12 23:15:26 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2010/10/12 23:15:24 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/10/12 23:15:22 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2010/10/12 23:15:21 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2010/10/12 23:15:18 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/10/12 23:15:18 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2010/10/12 23:15:17 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/10/12 23:15:16 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/10/12 23:15:08 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/10/12 23:15:04 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2010/10/12 23:15:04 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2010/10/12 23:15:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2010/10/12 23:15:03 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2010/10/12 23:15:03 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/10/12 23:15:02 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2010/10/12 23:15:02 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2010/10/12 23:15:01 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/10/12 23:15:01 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2010/10/12 23:15:00 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/10/12 23:14:59 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2010/10/12 23:14:58 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2010/10/12 23:14:54 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/10/12 23:14:54 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/10/12 23:14:53 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/10/12 23:14:53 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/10/12 23:14:52 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/10/12 23:14:52 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/10/12 23:14:50 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2010/10/12 23:14:50 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2010/10/12 23:14:49 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2010/10/12 23:14:48 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2010/10/12 23:14:47 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2010/10/12 23:14:46 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2010/10/12 23:14:46 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2010/10/12 23:14:45 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2010/10/12 23:14:44 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/10/12 23:14:42 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/10/12 23:14:42 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/10/12 23:14:40 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/10/12 23:14:38 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/10/12 23:14:38 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/10/12 23:14:35 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2010/10/12 23:14:33 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/10/12 23:14:33 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2010/10/12 23:14:32 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/10/12 23:14:28 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2010/10/12 23:14:27 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2010/10/12 23:14:27 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2010/10/12 23:14:26 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2010/10/12 23:14:26 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2010/10/12 23:14:25 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2010/10/12 23:14:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2010/10/12 23:14:25 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2010/10/12 23:14:24 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2010/10/12 23:14:24 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2010/10/12 23:14:23 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2010/10/12 23:14:21 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/10/12 23:14:21 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/10/12 23:14:20 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/10/12 23:14:19 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/10/12 23:14:16 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/10/12 23:14:15 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2010/10/12 23:14:12 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2010/10/12 23:14:09 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2010/10/12 23:14:08 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2010/10/12 23:14:08 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/10/12 23:14:07 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2010/10/12 23:14:06 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2010/10/12 23:14:06 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2010/10/12 23:14:05 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2010/10/12 23:14:05 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2010/10/12 23:14:03 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2010/10/12 23:14:02 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2010/10/12 23:13:55 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/10/12 23:13:54 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/10/12 23:13:53 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010/10/12 23:13:53 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/10/12 23:13:52 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/10/12 23:13:52 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2010/10/12 23:13:50 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2010/10/12 23:13:49 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2010/10/12 23:13:48 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2010/10/12 23:13:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2010/10/12 23:13:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2010/10/12 23:13:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2010/10/12 23:13:38 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/10/12 23:13:37 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/10/12 23:13:37 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/10/12 23:13:36 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2010/10/12 23:13:35 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2010/10/12 23:13:34 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/10/12 23:13:32 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2010/10/12 23:13:32 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2010/10/12 23:13:32 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2010/10/12 23:13:31 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2010/10/12 23:13:24 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/10/12 23:13:23 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/10/12 23:13:23 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/10/12 23:13:22 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/10/12 23:13:22 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2010/10/12 23:13:19 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2010/10/12 23:13:18 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2010/10/12 23:13:16 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2010/10/12 23:13:15 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2010/10/12 23:13:14 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2010/10/12 23:13:12 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/10/12 23:13:12 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2010/10/12 23:13:11 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/10/12 23:13:10 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/10/12 23:13:08 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2010/10/12 23:13:08 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2010/10/12 23:13:05 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2010/10/12 23:13:05 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2010/10/12 23:13:04 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/10/12 23:13:04 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/10/12 23:13:03 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/10/12 23:13:03 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/10/12 23:13:02 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/10/12 23:13:02 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/10/12 23:13:01 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/10/12 23:13:01 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/10/12 23:13:00 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/10/12 23:13:00 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2010/10/12 23:12:59 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/10/12 23:12:58 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/10/12 23:12:56 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/10/12 23:12:55 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/10/12 23:12:52 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2010/10/12 23:12:52 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/10/12 23:12:49 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/10/12 23:12:48 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2010/10/12 23:12:45 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/10/12 23:12:44 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/10/12 23:12:43 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/10/12 23:12:34 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2010/10/12 23:12:32 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/10/12 23:12:31 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/10/12 23:12:31 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2010/10/12 23:12:30 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2010/10/12 23:12:26 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2010/10/12 23:12:26 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2010/10/12 23:12:26 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2010/10/12 23:12:25 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2010/10/12 23:12:25 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2010/10/12 23:12:23 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2010/10/12 23:12:21 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/10/12 23:12:21 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/10/12 23:12:20 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/10/12 23:12:19 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2010/10/12 23:12:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2010/10/12 23:12:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2010/10/12 23:12:17 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/10/12 23:12:13 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2010/10/12 23:12:12 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2010/10/12 23:12:11 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2010/10/12 23:12:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2010/10/12 23:12:06 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2010/10/12 23:12:05 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2010/10/12 23:12:04 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2010/10/12 23:12:04 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2010/10/12 23:12:04 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2010/10/12 23:12:03 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2010/10/12 23:12:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2010/10/12 23:12:02 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2010/10/12 23:12:00 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2010/10/12 23:11:59 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2010/10/12 23:11:58 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2010/10/12 23:11:57 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2010/10/12 23:11:56 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2010/10/12 23:11:54 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/10/12 23:11:54 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/10/12 23:11:54 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2010/10/12 23:11:53 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2010/10/12 23:11:53 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2010/10/12 23:11:52 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/10/12 23:11:50 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/10/12 23:11:49 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/10/12 23:11:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/10/12 23:11:46 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2010/10/12 23:11:45 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2010/10/12 23:11:45 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2010/10/12 23:11:44 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2010/10/12 23:11:44 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2010/10/12 23:11:44 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2010/10/12 23:11:43 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2010/10/12 23:11:43 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2010/10/12 23:11:42 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2010/10/12 23:11:42 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2010/10/12 23:11:41 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/10/12 23:11:41 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2010/10/12 23:11:40 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/10/12 23:11:40 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/10/12 23:11:39 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/10/12 23:11:35 | 000,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys
[2010/10/12 23:11:29 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2010/10/12 23:11:29 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2010/10/12 23:11:22 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/10/12 23:11:21 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2010/10/12 23:11:20 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2010/10/12 23:11:19 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2010/10/12 23:11:16 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/10/12 23:11:16 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/10/12 23:11:14 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/10/12 23:11:13 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/10/12 23:11:10 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2010/10/12 23:11:08 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/10/12 23:11:08 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/10/12 23:11:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2010/10/12 23:11:03 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/10/12 23:11:02 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/10/12 23:11:02 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/10/12 23:11:01 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/10/12 23:11:01 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/10/12 23:11:00 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2010/10/12 23:11:00 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/10/12 23:10:59 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2010/10/12 23:10:58 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/10/12 23:10:58 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/10/12 23:10:57 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/10/12 23:10:57 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/10/12 23:10:56 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/10/12 23:10:55 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/10/12 23:10:44 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2010/10/12 23:10:41 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2010/10/12 23:10:35 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2010/10/12 23:10:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2010/10/12 23:10:31 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/10/12 23:10:31 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/10/12 23:10:24 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2010/10/12 23:10:23 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2010/10/12 23:10:16 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/10/12 23:10:12 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2010/10/12 23:10:11 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2010/10/12 23:10:06 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2010/10/12 23:10:02 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2010/10/12 23:10:02 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2010/10/12 23:10:00 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2010/10/12 23:09:59 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2010/10/12 23:09:59 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2010/10/12 23:09:58 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/10/12 23:09:55 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2010/10/12 23:09:54 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2010/10/12 23:09:53 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2010/10/12 23:09:53 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2010/10/12 23:09:52 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2010/10/12 23:09:51 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2010/10/12 23:09:50 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/10/12 23:09:49 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/10/12 23:09:48 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2010/10/12 23:09:47 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/10/12 23:09:47 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/10/12 23:09:46 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/10/12 23:09:45 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/10/12 23:09:43 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2010/10/12 23:09:40 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/10/12 23:09:40 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/10/12 23:09:39 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/10/12 23:09:38 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/10/12 23:09:37 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010/10/12 23:09:36 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/10/12 23:09:35 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/10/12 23:09:33 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2010/10/12 23:09:32 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/10/12 23:09:30 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2010/10/12 23:09:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2010/10/12 23:09:14 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2010/10/12 23:09:01 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2010/10/12 23:09:01 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2010/10/12 23:09:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2010/10/12 23:08:59 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2010/10/12 23:08:59 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/10/12 23:08:58 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2010/10/12 23:08:53 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/10/12 23:08:52 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2010/10/12 23:08:52 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2010/10/12 23:08:50 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2010/10/12 23:08:50 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2010/10/12 23:08:46 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/10/12 23:08:42 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe

File to large will send half on this post.Hope thats OK



#5 lostkause

lostkause
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:19 PM

Posted 17 October 2010 - 07:33 AM

Other half of First log.
[2010/10/12 23:08:34 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/10/12 23:08:33 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2010/10/12 23:08:33 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2010/10/12 23:08:32 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2010/10/12 23:08:32 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2010/10/12 23:08:31 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2010/10/12 23:08:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2010/10/12 23:08:30 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2010/10/12 23:08:30 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2010/10/12 23:08:29 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2010/10/12 23:08:29 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2010/10/12 23:08:28 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2010/10/12 23:08:28 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2010/10/12 23:08:28 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2010/10/12 23:08:25 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2010/10/12 23:08:25 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2010/10/12 23:08:24 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2010/10/12 23:08:24 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2010/10/12 23:08:23 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2010/10/12 23:08:22 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010/10/12 23:08:21 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/10/12 23:08:15 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/10/12 23:08:13 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2010/10/12 23:08:13 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2010/10/12 23:08:12 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2010/10/12 23:08:12 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2010/10/12 23:08:11 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2010/10/12 23:08:11 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2010/10/12 23:08:10 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2010/10/12 23:08:10 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2010/10/12 23:08:09 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2010/10/12 23:08:09 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2010/10/12 23:08:08 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2010/10/12 23:08:08 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2010/10/12 23:08:07 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2010/10/12 23:08:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2010/10/12 23:08:06 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2010/10/12 23:08:05 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2010/10/12 23:08:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2010/10/12 23:08:04 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2010/10/12 23:08:04 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2010/10/12 23:08:03 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/10/12 23:08:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2010/10/12 23:08:02 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/10/12 23:08:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2010/10/12 23:08:00 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2010/10/12 23:07:59 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2010/10/12 23:07:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010/10/12 23:07:56 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2010/10/12 23:07:55 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2010/10/12 23:07:54 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2010/10/12 23:07:52 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2010/10/12 23:07:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/10/12 23:07:49 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/10/12 23:07:48 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/10/12 23:07:48 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/10/12 23:07:45 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2010/10/12 23:07:44 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2010/10/12 23:07:44 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2010/10/12 23:07:43 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2010/10/12 23:07:42 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2010/10/12 23:07:42 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2010/10/12 23:07:41 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/10/12 23:07:37 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/10/12 23:07:37 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2010/10/12 23:07:36 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/10/12 23:07:34 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/10/12 23:07:33 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/10/12 23:07:33 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/10/12 23:07:30 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/10/12 23:07:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2010/10/12 23:07:26 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2010/10/12 23:07:25 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2010/10/12 23:07:23 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/10/12 23:07:23 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2010/10/12 23:07:22 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/10/12 23:07:21 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/10/12 23:07:19 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2010/10/12 23:07:19 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2010/10/12 23:07:16 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2010/10/12 23:07:15 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2010/10/12 23:07:14 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2010/10/12 23:07:13 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2010/10/12 23:07:13 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2010/10/12 23:07:12 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2010/10/12 23:07:11 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2010/10/12 23:07:10 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2010/10/12 23:07:10 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2010/10/12 23:07:09 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2010/10/12 23:07:09 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/10/12 23:07:09 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2010/10/12 23:07:08 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2010/10/12 23:07:07 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2010/10/12 23:07:07 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2010/10/12 23:07:06 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2010/10/12 23:07:06 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2010/10/12 23:07:05 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2010/10/12 23:07:05 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2010/10/12 23:07:04 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2010/10/12 23:07:04 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys
[2010/10/12 23:07:03 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2010/10/12 23:07:02 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2010/10/12 23:07:01 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2010/10/12 23:07:01 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2010/10/12 23:07:00 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2010/10/12 23:07:00 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2010/10/12 23:06:59 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2010/10/12 23:06:59 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2010/10/12 23:06:58 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2010/10/12 23:06:58 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2010/10/12 23:06:57 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2010/10/12 23:06:56 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2010/10/12 23:06:56 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2010/10/12 23:06:55 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2010/10/12 23:06:54 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2010/10/12 23:06:54 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2010/10/12 23:06:53 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2010/10/12 23:06:53 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2010/10/12 23:06:51 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2010/10/12 23:06:50 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2010/10/12 23:06:50 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2010/10/12 23:06:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2010/10/12 23:06:43 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/10/12 23:06:41 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2010/10/12 23:06:38 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/10/12 23:06:37 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2010/10/12 23:06:37 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2010/10/12 23:06:37 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2010/10/12 23:06:36 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2010/10/12 23:06:30 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/10/12 23:06:30 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2010/10/12 23:06:29 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/10/12 23:06:29 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/10/12 23:06:27 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/10/12 23:06:26 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/10/12 23:06:26 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/10/12 23:06:25 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/10/12 23:06:23 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2010/10/12 23:06:23 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/10/12 23:06:22 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2010/10/12 23:06:22 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2010/10/12 23:06:22 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2010/10/12 23:06:21 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2010/10/12 23:06:21 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2010/10/12 23:06:20 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2010/10/12 23:06:20 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2010/10/12 23:06:19 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2010/10/12 23:06:19 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2010/10/12 23:06:18 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2010/10/12 23:06:18 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2010/10/12 23:06:18 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2010/10/12 23:06:15 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2010/10/12 23:06:15 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2010/10/12 23:06:14 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/10/12 23:06:13 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/10/12 23:06:12 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2010/10/12 23:06:12 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2010/10/12 23:06:11 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/10/12 23:06:10 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2010/10/12 23:06:09 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2010/10/12 23:06:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2010/10/12 23:06:08 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2010/10/12 23:06:08 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2010/10/12 23:06:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2010/10/12 23:06:05 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2010/10/12 23:06:05 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2010/10/12 23:06:02 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2010/10/12 23:06:02 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2010/10/12 23:06:02 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2010/10/12 23:06:01 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2010/10/12 23:06:01 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2010/10/12 23:06:00 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2010/10/12 23:06:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2010/10/12 23:05:59 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2010/10/12 23:05:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2010/10/12 23:05:58 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/10/12 23:05:58 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/10/12 23:05:58 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/10/12 23:05:57 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/10/12 23:05:57 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/10/12 23:05:56 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/10/12 23:05:56 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/10/12 23:05:55 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2010/10/12 23:05:54 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/10/12 23:05:54 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2010/10/12 23:05:53 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2010/10/12 23:05:53 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2010/10/12 23:05:51 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2010/10/12 23:05:51 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2010/10/12 23:05:50 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/10/12 23:05:49 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/10/12 23:05:49 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2010/10/12 23:05:48 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2010/10/12 23:05:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2010/10/12 23:05:43 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2010/10/12 23:05:42 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2010/10/12 23:05:40 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2010/10/12 23:05:39 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/10/12 23:05:39 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2010/10/12 23:05:37 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2010/10/12 23:05:37 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2010/10/12 23:05:36 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2010/10/12 23:05:36 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2010/10/12 23:05:35 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2010/10/12 23:05:34 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2010/10/12 23:05:33 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/10/12 23:05:32 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/10/12 23:05:31 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/10/12 23:05:29 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010/10/12 23:05:27 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/10/12 23:05:26 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/10/12 23:05:26 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/10/12 23:05:26 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/10/12 23:05:25 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/10/12 23:05:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2010/10/12 23:05:22 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/10/12 23:05:22 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/10/12 23:05:21 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/10/12 23:05:21 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/10/12 23:05:20 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/10/12 23:05:19 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/10/12 23:05:18 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2010/10/12 23:05:17 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2010/10/12 23:05:17 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2010/10/12 23:05:16 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2010/10/12 23:05:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2010/10/12 23:05:15 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2010/10/12 23:05:15 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2010/10/12 23:05:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2010/10/12 23:05:14 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2010/10/12 23:04:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2010/10/12 23:04:47 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/10/12 23:04:47 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/10/12 23:04:46 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/10/12 23:04:46 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/10/12 23:04:45 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/10/12 23:04:45 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/10/12 23:04:44 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/10/12 23:04:42 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/10/12 23:04:41 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/10/12 23:04:40 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/10/12 23:04:40 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/10/12 23:04:39 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2010/10/12 23:04:39 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/10/12 23:04:38 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/10/12 23:04:37 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/10/12 23:04:37 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/10/12 23:04:36 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/10/12 23:04:36 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/10/12 23:04:35 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/10/12 23:04:33 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2010/10/12 23:04:32 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/10/12 23:04:32 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2010/10/12 23:04:31 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2010/10/12 23:04:31 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2010/10/12 23:04:29 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/10/12 23:04:29 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2010/10/12 23:04:28 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/10/12 23:04:27 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2010/10/12 23:04:27 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/10/12 23:04:27 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/10/12 23:04:26 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/10/12 23:04:25 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/10/12 23:04:25 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/10/12 23:04:23 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2010/10/12 23:04:23 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010/10/12 23:04:22 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010/10/12 23:04:14 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2010/10/12 23:04:14 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2010/10/12 23:04:11 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2010/10/12 23:04:11 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2010/10/12 23:04:10 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2010/10/12 23:04:10 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2010/10/12 23:04:09 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2010/10/12 23:04:09 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2010/10/12 23:04:08 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2010/10/12 23:04:04 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/10/12 23:04:03 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/10/12 23:04:03 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2010/10/12 23:04:02 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2010/10/12 23:04:01 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2010/10/12 23:04:01 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2010/10/12 23:03:59 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2010/10/12 23:03:58 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2010/10/12 23:03:58 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2010/10/12 23:03:57 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/10/12 23:03:56 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2010/10/12 23:03:56 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2010/10/12 23:03:55 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2010/10/12 23:03:54 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2010/10/12 23:03:54 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2010/10/12 23:03:53 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2010/10/12 23:03:46 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2010/10/12 23:03:43 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2010/10/12 23:03:42 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010/10/12 23:03:42 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010/10/12 23:03:41 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010/10/12 23:03:41 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010/10/12 23:03:40 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010/10/12 23:03:40 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2010/10/12 23:03:39 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2010/10/12 23:03:38 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010/10/12 23:03:37 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2010/10/12 23:03:36 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010/10/12 23:03:36 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2010/10/12 23:03:35 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2010/10/12 23:03:35 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2010/10/12 23:03:34 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010/10/12 23:03:33 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010/10/12 23:03:33 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2010/10/12 23:03:32 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010/10/12 23:03:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2010/10/12 23:03:31 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010/10/12 23:03:31 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010/10/12 23:03:30 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2010/10/12 23:03:30 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2010/10/12 23:03:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2010/10/09 13:20:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2010/10/09 13:20:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/10/09 13:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/10/07 20:37:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/07 20:37:09 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/06 18:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\CallingID
[2010/10/06 18:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\ISSThirdParty
[2010/10/06 18:18:08 | 000,201,968 | ---- | C] (CA, Inc.) -- C:\WINDOWS\System32\Isafprod.dll
[2010/10/06 18:18:08 | 000,128,240 | ---- | C] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\Isafeif.dll
[2010/10/06 18:18:08 | 000,095,472 | ---- | C] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\Vetredir.dll
[2010/10/06 18:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\CleanUp!
[2010/10/06 18:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2010/10/06 18:00:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/10/06 03:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/06 03:04:46 | 000,000,000 | ---D | C] -- C:\56c555895b0a84483b61a2eb84dc4f
[2010/10/05 17:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/10/05 16:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2010/10/05 16:06:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/10/05 16:05:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1053378324
[2010/10/05 16:05:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/10/04 16:33:37 | 000,000,000 | ---D | C] -- C:\RECYCLER(2)
[2010/10/04 14:39:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/04 13:37:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8(2)
[2010/10/04 10:27:42 | 000,272,888 | ---- | C] (CA) -- C:\WINDOWS\System32\UmxSbxw.dll
[2010/10/04 10:27:42 | 000,113,144 | ---- | C] (CA) -- C:\WINDOWS\System32\UmxSbxExw.dll
[2010/10/04 07:57:31 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/10/04 06:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/10/03 22:26:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware(2)
[2010/10/03 19:01:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/03 15:43:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/10/01 09:34:34 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2010/10/01 09:07:14 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Owner\DesktopWinsockxpFix.exe
[2010/10/01 09:07:12 | 000,186,368 | ---- | C] (CEXX.ORG) -- C:\Documents and Settings\Owner\DesktopLSPFix.exe
[2010/10/01 09:07:12 | 000,036,864 | ---- | C] (Rock Systems & Development) -- C:\Documents and Settings\Owner\DesktopSafeMSI.exe
[2010/10/01 09:04:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winsflte.dl1
[2010/10/01 09:04:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winsflt.dl1
[2010/10/01 08:58:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge

========== Files - Modified Within 30 Days ==========

[2010/10/17 07:34:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/17 07:25:11 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1861399033-1312079479-937536695-1003.job
[2010/10/17 07:25:11 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1861399033-1312079479-937536695-1003.job
[2010/10/17 05:31:01 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/17 05:06:35 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/17 05:06:14 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2010/10/17 05:06:13 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1861399033-1312079479-937536695-500.job
[2010/10/17 05:06:10 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/10/17 05:05:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/17 05:05:41 | 1601,753,088 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/17 05:04:57 | 000,986,236 | ---- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2010/10/17 05:04:57 | 000,895,465 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2010/10/17 05:04:57 | 000,010,433 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2010/10/17 05:04:57 | 000,000,289 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2010/10/17 05:04:57 | 000,000,277 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2010/10/17 05:04:57 | 000,000,277 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2010/10/17 05:04:57 | 000,000,277 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2010/10/17 05:04:57 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2010/10/17 05:04:57 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2010/10/17 05:04:57 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2010/10/17 05:04:57 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2010/10/17 05:04:57 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2010/10/17 05:04:57 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2010/10/17 05:04:57 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2010/10/17 05:04:57 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2010/10/17 05:04:57 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2010/10/17 05:04:57 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2010/10/17 00:12:02 | 000,313,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/15 22:24:46 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/15 22:10:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/14 19:59:57 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\mainhst.zgh
[2010/10/14 19:47:39 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\defogger_reenable
[2010/10/13 23:07:39 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/11 09:48:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1861399033-1312079479-937536695-500.job
[2010/10/11 08:38:37 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/10/10 22:02:28 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/10/10 13:11:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2010/10/09 20:34:30 | 000,000,589 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010/10/07 20:37:19 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/07 19:50:57 | 000,001,588 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\LimeWire 5.5.16.lnk
[2010/10/07 17:46:00 | 000,000,249 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/10/05 17:12:10 | 000,475,506 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/05 17:12:10 | 000,084,944 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/04 15:19:52 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/04 07:10:26 | 000,001,600 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2010/10/01 09:07:14 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Owner\DesktopWinsockxpFix.exe
[2010/10/01 09:07:12 | 000,186,368 | ---- | M] (CEXX.ORG) -- C:\Documents and Settings\Owner\DesktopLSPFix.exe
[2010/10/01 09:07:12 | 000,036,864 | ---- | M] (Rock Systems & Development) -- C:\Documents and Settings\Owner\DesktopSafeMSI.exe
[2010/10/01 09:03:17 | 000,000,227 | ---- | M] () -- C:\WINDOWS\SYSTEM.UNV
[2010/09/30 11:21:33 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\mkghj.dll
[2010/09/18 12:23:26 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42u.dll
[2010/09/18 12:23:26 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42u.dll
[2010/09/18 02:53:25 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42.dll
[2010/09/18 02:53:25 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/09/18 02:53:25 | 000,954,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40.dll
[2010/09/18 02:53:25 | 000,954,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll
[2010/09/18 02:53:25 | 000,953,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40u.dll
[2010/09/18 02:53:25 | 000,953,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll

========== Files Created - No Company Name ==========

[2010/10/17 02:44:37 | 1601,753,088 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/15 22:24:46 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/14 19:47:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\defogger_reenable
[2010/10/12 23:17:36 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/10/12 23:17:35 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/10/12 23:09:33 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/10/12 23:08:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/10/12 23:08:03 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/10/12 23:08:02 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/10/12 23:08:01 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/10/12 23:08:00 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/10/12 23:07:59 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/10/12 23:07:51 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/10/12 23:06:28 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/10/12 23:06:28 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/10/12 23:06:27 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/10/12 23:04:18 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/10/12 23:04:18 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/10/12 23:04:17 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/10/12 23:04:17 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/10/12 23:04:16 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/10/12 23:04:16 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/10/12 23:04:15 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/10/12 23:04:15 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/10/12 23:04:13 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/10/12 23:04:08 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/10/11 08:38:36 | 000,000,384 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/10/07 20:37:19 | 000,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/07 19:50:57 | 000,001,588 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\LimeWire 5.5.16.lnk
[2010/10/06 18:22:39 | 000,895,465 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2010/10/06 18:22:39 | 000,010,433 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2010/10/06 18:22:39 | 000,000,289 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2010/10/06 18:22:39 | 000,000,277 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2010/10/06 18:22:39 | 000,000,277 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2010/10/06 18:22:39 | 000,000,277 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2010/10/06 18:22:39 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2010/10/06 18:22:39 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2010/10/06 18:22:39 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2010/10/06 18:22:39 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2010/10/06 18:22:39 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2010/10/06 18:22:39 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2010/10/06 18:22:39 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2010/10/06 18:22:39 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2010/10/06 18:22:39 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2010/10/06 18:22:39 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2010/10/06 06:30:45 | 000,000,195 | ---- | C] () -- C:\Documents and Settings\Owner\mbr.log
[2010/10/04 15:29:27 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/10/04 09:48:51 | 000,000,302 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1861399033-1312079479-937536695-500.job
[2010/10/04 09:48:51 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1861399033-1312079479-937536695-500.job
[2010/10/04 07:10:26 | 000,001,600 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2010/10/01 21:03:51 | 000,986,236 | ---- | C] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2010/09/30 11:21:33 | 000,000,007 | ---- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/09/08 00:46:56 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\mainhst.zgh
[2009/06/23 05:59:19 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/06/23 05:49:06 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/05/10 19:03:59 | 000,005,077 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\vjgbkfiu.iik
[2008/08/04 08:57:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2008/07/22 12:14:03 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ZipDll.dll
[2008/07/22 12:14:03 | 000,115,712 | ---- | C] () -- C:\WINDOWS\System32\UnzDll.dll
[2008/07/22 12:14:03 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\UNRAR.DLL
[2008/04/19 09:17:11 | 000,000,110 | ---- | C] () -- C:\WINDOWS\System32\SDEarlyDelete.ini
[2007/11/25 18:23:51 | 000,000,070 | ---- | C] () -- C:\WINDOWS\mmpoly.ini
[2007/11/25 16:20:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MessageExe.INI
[2007/11/25 16:14:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhoneBkExe.INI
[2007/11/25 16:10:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
[2007/11/24 21:29:48 | 000,000,019 | ---- | C] () -- C:\WINDOWS\info9.ini
[2007/11/24 21:29:48 | 000,000,019 | ---- | C] () -- C:\WINDOWS\info7.ini
[2007/11/24 21:29:48 | 000,000,019 | ---- | C] () -- C:\WINDOWS\info3.ini
[2007/06/15 19:09:15 | 000,001,152 | ---- | C] () -- C:\WINDOWS\System32\windrv.sys
[2007/06/15 18:52:09 | 000,003,694 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Svclog.log
[2007/06/12 19:42:59 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/01/14 05:39:59 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\AURTDIONOCVE.DLL
[2007/01/14 03:41:07 | 000,000,086 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/01/14 01:25:44 | 000,000,037 | ---- | C] () -- C:\WINDOWS\System32\sysmwwod.dll
[2007/01/14 01:14:09 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/12/24 11:14:42 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2006/12/24 11:14:26 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2006/12/24 11:12:41 | 000,001,184 | ---- | C] () -- C:\WINDOWS\System32\imbrmute.ini
[2006/12/22 22:32:22 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBMLCNP.DLL
[2006/12/22 22:32:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbmvs.dll
[2006/12/22 22:31:39 | 000,000,187 | ---- | C] () -- C:\WINDOWS\System32\lxbmcoin.ini
[2006/12/22 19:19:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/12/22 19:19:12 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/12/22 19:19:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/12/22 19:19:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/12/22 19:19:12 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/12/22 19:19:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/11/06 18:09:03 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2006/11/06 18:09:02 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2006/08/12 13:19:03 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\photoshow_deluxe_setup[1].txt
[2006/07/01 23:45:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pestpatrol5.INI
[2006/06/13 19:08:04 | 000,000,391 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2006/01/23 01:23:33 | 000,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/03/03 20:39:42 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2005/03/03 20:39:40 | 001,317,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2004/11/10 21:45:34 | 000,000,110 | ---- | C] () -- C:\WINDOWS\winhelp.ini
[2004/11/10 21:31:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2004/11/09 20:08:06 | 024,096,506 | ---- | C] () -- C:\Program Files\filesys.dat
[2004/10/25 21:06:59 | 000,000,098 | ---- | C] () -- C:\WINDOWS\7thlevel.ini
[2004/10/23 16:31:10 | 000,000,179 | ---- | C] () -- C:\WINDOWS\speakit.ini
[2004/10/13 20:38:24 | 000,000,205 | ---- | C] () -- C:\Program Files\install_wizard.log
[2004/10/13 19:30:41 | 000,009,982 | ---- | C] () -- C:\Program Files\install_status.log
[2004/10/01 15:18:54 | 000,000,235 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\devices.xml
[2004/10/01 15:18:54 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\settings.xml
[2004/09/22 17:00:15 | 000,001,628 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/09/22 16:59:05 | 000,000,045 | ---- | C] () -- C:\WINDOWS\FEGHMMN.ini
[2004/09/14 14:12:12 | 000,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2004/09/12 13:23:07 | 000,000,190 | ---- | C] () -- C:\WINDOWS\KA.INI
[2004/09/02 16:02:51 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Smart DVD Ripper.INI
[2004/09/02 15:54:53 | 000,000,040 | ---- | C] () -- C:\WINDOWS\xdvdripper.ini
[2004/08/26 22:43:10 | 000,000,067 | ---- | C] () -- C:\WINDOWS\#1 DVD Ripper.INI
[2004/07/26 21:33:09 | 000,211,968 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/07/25 19:56:20 | 000,000,589 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2004/07/18 16:18:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSREGUSR.INI
[2004/07/18 14:44:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2004/04/03 02:35:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2004/04/03 02:35:48 | 000,000,451 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2004/04/02 22:57:39 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/04/02 19:08:49 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2004/04/02 19:08:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/04/02 19:08:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/04/02 19:06:34 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2004/04/02 19:03:06 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2004/04/02 18:47:59 | 000,027,754 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/04/02 18:47:19 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/04/02 18:31:02 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/04/02 18:22:10 | 000,000,915 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/04/02 17:40:20 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/04/02 17:04:42 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/04/02 16:54:44 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/04/02 16:54:44 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/04/02 16:54:16 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/04/02 15:59:40 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/04/02 14:42:06 | 000,000,553 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/04/02 07:46:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2000/10/08 08:05:04 | 000,002,752 | ---- | C] () -- C:\Program Files\CLASS.NFO
[2000/10/08 08:04:48 | 000,000,335 | ---- | C] () -- C:\Program Files\FILE_ID.DIZ
[2000/10/08 08:02:44 | 001,274,407 | ---- | C] () -- C:\Program Files\CLS-BZLY.C24
[2000/10/08 08:02:42 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C23
[2000/10/08 08:02:32 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C22
[2000/10/08 08:02:12 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C21
[2000/10/08 08:01:44 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C20
[2000/10/08 08:01:08 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C19
[2000/10/08 08:00:34 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C18
[2000/10/08 07:59:54 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C17
[2000/10/08 07:59:28 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C16
[2000/10/08 07:59:20 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C15
[2000/10/08 07:59:12 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C14
[2000/10/08 07:59:06 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C13
[2000/10/08 07:59:00 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C12
[2000/10/08 07:58:54 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C11
[2000/10/08 07:58:48 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C10
[2000/10/08 07:58:44 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C09
[2000/10/08 07:58:38 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C08
[2000/10/08 07:58:30 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C07
[2000/10/08 07:58:24 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C06
[2000/10/08 07:58:20 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C05
[2000/10/08 07:58:14 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C04
[2000/10/08 07:58:08 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C03
[2000/10/08 07:58:00 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C02
[2000/10/08 07:57:54 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C01
[2000/10/08 07:57:48 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C00
[2000/10/08 07:57:40 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.ACE
[2000/10/08 02:50:24 | 000,653,471 | ---- | C] () -- C:\Program Files\INSTALL.EXE
[2000/10/07 13:50:02 | 000,003,237 | ---- | C] () -- C:\Program Files\dropzone.nfo
[2000/10/05 00:56:30 | 000,000,897 | ---- | C] () -- C:\Program Files\firesite.nfo
[1999/06/03 23:48:22 | 000,007,496 | ---- | C] () -- C:\Program Files\devotion.nfo
[1999/04/24 19:26:46 | 000,001,317 | ---- | C] () -- C:\Program Files\EchoBase.nfo
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2006/12/24 01:19:05 | 021,822,168 | ---- | M] ( ) -- C:\AdbeRdr80_en_US.exe
[2006/12/24 01:17:02 | 000,811,560 | ---- | M] (Google) -- C:\GoogleToolbarInstaller_ADBx_en_401019_signed.exe
[2005/10/31 11:56:00 | 000,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe


< MD5 for: EXPLORER.EXE >
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2007/06/13 07:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 06:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004/08/04 03:56:49 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2003/08/16 04:26:42 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtUninstallKB820291$\explorer.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 03:56:57 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2003/08/15 21:51:26 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\$NtUninstallKB841533$\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/13 20:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/04/02 07:45:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/04/02 07:45:02 | 000,602,112 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/04/02 07:45:02 | 000,380,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010/08/26 09:39:50 | 000,357,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5F1019FF
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CAAA7DD7

< End of report >

Log #2
OTL Extras logfile created on: 10/17/2010 7:36:59 AM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.44 Gb Total Space | 48.67 Gb Free Space | 69.09% Space Free | Partition Type: NTFS
Drive D: | 4.07 Gb Total Space | 0.79 Gb Free Space | 19.39% Space Free | Partition Type: FAT32

Computer Name: YOUR-2S4KN5K0H3 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\CA Personal Firewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiMalware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Windows Shell -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"C:\Documents and Settings\Owner\Application Data\Facebook\facebook.exe" = C:\Documents and Settings\Owner\Application Data\Facebook\facebook.exe:127.0.0.1/255.255.255.255:Enabled:Facebook -- ()
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01A3E75B-54C0-407F-8B95-B77705C7DCC4}" = AMRT
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{14589F05-C658-4594-9429-D437BA688686}" = IntelliMover Data Transfer Demo
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{1F7CCFA3-D926-4882-B2A5-A0217ED25597}" = PC-Doctor for Windows
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2681A52E-FCFA-4982-A030-7B652BDD346C}" = CA Personal Firewall
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java™ 6 Update 21
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2E819828-BC8D-4177-BEBB-425FAFF89E6B}" = Microsoft XML Parser SDK
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38151262-FAF8-4778-9AAB-33E90B60D8E9}" = CA Anti-Virus Plus
"{3CE06D54-72B1-44B2-AB60-E4277EC80EF4}" = Microsoft XML Parser
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8}" = Quicken 2004
"{578596FF-7F65-4767-9F90-37920741148C}" = MSN Toolbar Platform
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6EECB283-E65F-40EF-86D3-D51BF02A8D43}" = Microsoft Office Converter Pack
"{7299052B-02A4-4627-81F2-1818DA5D550D}" = Microsoft Visual C++ 2005 Redistributable
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD Player
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{ADD72094-D289-4714-A62E-70574478A2BC}" = System Requirements Lab for Intel
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}" = Microsoft Plus! Digital Media Edition
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CDB98E2F-7B2A-42C2-B718-F1F6B31586DF}" = CA Website Inspector
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6 (6.3.1.2612)
"{EEC2DAFD-5558-40AC-8E9C-5005C8F810E8}" = Microsoft Plus! for Windows XP
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}" = Acrobat.com
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"BackWeb-1940576 Uninstaller" = Compaq Connections
"CCleaner" = CCleaner
"CleanUp!" = CleanUp!
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Compaq Instant Support" = Compaq Instant Support
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"eTrust Suite Personal" = CA Internet Security Suite
"Facebook" = Facebook Desktop
"Google Updater" = Google Updater
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IEAK5" = Microsoft Internet Explorer Administration Kit 5
"InCD!UninstallKey" = InCD
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"InstallShield_{54DE0B75-6CD9-44C4-B10A-1F25DA9899D8}" = Quicken 2004
"Lexmark 4200 Series" = Lexmark 4200 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MRW!UninstallKey" = Ahead InCD EasyWrite Reader
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = NeroVision Express 2
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMIX!UninstallKey" = NeroMIX
"NVIDIA" =
"PS2" = PS2
"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions
"Python 2.2.1" = Python 2.2.1
"QcDrv" = Logitech® Camera Driver
"RealArcade 1.2" = RealArcade
"RealPlayer 12.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.89
"SANYO Digital Camera Driver" = SANYO Digital Camera Driver
"Smart Defrag_is1" = Smart Defrag
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPatrol" = WinPatrol
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1861399033-1312079479-937536695-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting/GoToWebinar 3.0.0.198

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/7/2010 5:45:59 PM | Computer Name = YOUR-2S4KN5K0H3 | Source = UmxAgent | ID = 110
Description = Ask User application closed itself. Product: 2, Sess: 0

Error - 10/7/2010 5:45:59 PM | Computer Name = YOUR-2S4KN5K0H3 | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe
registration timeout

Error - 10/7/2010 5:45:59 PM | Computer Name = YOUR-2S4KN5K0H3 | Source = UmxAgent | ID = 110
Description = Ask User application closed itself. Product: 2, Sess: 0

Error - 10/7/2010 5:45:59 PM | Computer Name = YOUR-2S4KN5K0H3 | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe
registration timeout

Error - 10/7/2010 5:45:59 PM | Computer Name = YOUR-2S4KN5K0H3 | Source = UmxAgent | ID = 110
Description = Ask User application closed itself. Product: 2, Sess: 0

Error - 10/7/2010 5:45:59 PM | Computer Name = YOUR-2S4KN5K0H3 | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe
registration timeout

Error - 10/7/2010 5:45:59 PM | Computer Name = YOUR-2S4KN5K0H3 | Source = UmxAgent | ID = 110
Description = Ask User application closed itself. Product: 2, Sess: 0

Error - 10/7/2010 5:45:59 PM | Computer Name = YOUR-2S4KN5K0H3 | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe
registration timeout

Error - 10/7/2010 5:46:00 PM | Computer Name = YOUR-2S4KN5K0H3 | Source = UmxAgent | ID = 110
Description = Ask User application closed itself. Product: 2, Sess: 0

Error - 10/7/2010 5:46:00 PM | Computer Name = YOUR-2S4KN5K0H3 | Source = UmxAgent | ID = 99
Description = Sync event client C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe
registration timeout

[ System Events ]
Error - 10/17/2010 2:33:53 AM | Computer Name = YOUR-2S4KN5K0H3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service wuauserv with
arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error - 10/17/2010 2:34:45 AM | Computer Name = YOUR-2S4KN5K0H3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 10/17/2010 2:34:59 AM | Computer Name = YOUR-2S4KN5K0H3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 10/17/2010 2:35:11 AM | Computer Name = YOUR-2S4KN5K0H3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 10/17/2010 2:43:46 AM | Computer Name = YOUR-2S4KN5K0H3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service UmxPol with
arguments "-Service" in order to run the server: {4C89C3FD-5F94-4678-BBB5-F64759C3C54A}

Error - 10/17/2010 2:43:46 AM | Computer Name = YOUR-2S4KN5K0H3 | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 10/17/2010 2:45:03 AM | Computer Name = YOUR-2S4KN5K0H3 | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2

Error - 10/17/2010 2:45:07 AM | Computer Name = YOUR-2S4KN5K0H3 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
kl1

Error - 10/17/2010 5:06:06 AM | Computer Name = YOUR-2S4KN5K0H3 | Source = Service Control Manager | ID = 7000
Description = The mrtRate service failed to start due to the following error: %%2

Error - 10/17/2010 5:06:10 AM | Computer Name = YOUR-2S4KN5K0H3 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
kl1


< End of report >


#6 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 17 October 2010 - 09:51 AM

Hi,

please run a scan with rootkit unhooker next:
Please download Rootkit Unhooker and save it to your Desktop
  • Double-click on RKUnhookerLE to run it
  • Click the Report tab, then click Scan
  • Check Drivers, Stealth, and uncheck the rest
  • Click OK
  • Wait until it's finished and then go to File > Save Report
  • Save the report to your Desktop
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#7 lostkause

lostkause
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:19 PM

Posted 17 October 2010 - 03:49 PM

Thanks again for your assistance.
RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>Drivers
==============================================
0xB8D33000 C:\WINDOWS\system32\drivers\ALCXWDM.SYS 4124672 bytes (Realtek Semiconductor Corp., Realtek AC'97 Audio Driver (WDM))
0x804D7000 C:\WINDOWS\system32\ntoskrnl.exe 2260992 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2260992 bytes
0x804D7000 RAW 2260992 bytes
0x804D7000 WMIxWDM 2260992 bytes
0xBF800000 Win32k 1855488 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xB919D000 C:\WINDOWS\System32\DRIVERS\AGRSM.sys 1204224 bytes (Agere Systems, SoftModem Device Driver)
0xBF06B000 C:\WINDOWS\System32\ialmdd5.DLL 905216 bytes (Intel Corporation, DirectDraw® Driver for Intel® Graphics Technology)
0xB92FB000 C:\WINDOWS\System32\DRIVERS\ialmnt5.sys 811008 bytes (Intel Corporation, Intel Graphics Miniport Driver)
0xF7B52000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xB026F000 C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xB8BD7000 C:\WINDOWS\System32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xB0376000 C:\WINDOWS\System32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xAD992000 C:\WINDOWS\System32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 286720 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xADAB1000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xB8C93000 C:\WINDOWS\System32\DRIVERS\kmxcfg.sys 253952 bytes (CA, HIPS Kernel Configuration Cache)
0xF7422000 KmxAMRT.sys 200704 bytes (CA, CA Antivirus File System Filter Driver for XP/2003)
0xF75A8000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xADC82000 C:\WINDOWS\System32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF7857000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xBF03F000 C:\WINDOWS\System32\ialmdev5.DLL 180224 bytes (Intel Corporation, Component GHAL Driver)
0xACD9A000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xB02DF000 C:\WINDOWS\System32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xB034E000 C:\WINDOWS\System32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xADA12000 C:\WINDOWS\System32\DRIVERS\KmxCF.sys 159744 bytes (CA, HIPS Content Filter Driver)
0xB0249000 C:\WINDOWS\System32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xAE1C1000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xB8D0F000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xB92C3000 C:\WINDOWS\System32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF749D000 fasttx2k.sys 143360 bytes (Promise Technology, Inc., Promise FastTrak Series Driver for WindowsXP)
0xB9146000 C:\WINDOWS\System32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xB032C000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xB030A000 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 139264 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)
0xF7966000 kmxstart.sys 135168 bytes (CA, HIPS Core Driver)
0x806FF000 ACPI_HAL 134400 bytes
0x806FF000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF7465000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xB043F000 C:\WINDOWS\System32\DRIVERS\kmxfw.sys 131072 bytes (CA, HIPS Firewall Driver)
0xB917D000 C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys 131072 bytes (Realtek Semiconductor Corporation , Realtek 10/100/1000 NDIS 5.1 Driver )
0xF74D8000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xBF020000 C:\WINDOWS\System32\ialmdnt5.dll 126976 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
0xF783D000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF74C0000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xF7485000 C:\WINDOWS\System32\DRIVERS\SCSIPORT.SYS 98304 bytes (Microsoft Corporation, SCSI Port Driver)
0xF740B000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xB8CF8000 C:\WINDOWS\System32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xB8CD1000 C:\WINDOWS\System32\DRIVERS\kmxagent.sys 90112 bytes (CA, HIPS Agent Driver)
0xB040A000 C:\WINDOWS\System32\Drivers\InCDfs.SYS 86016 bytes (Ahead Software, InCD File System Driver)
0xAD5E5000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xB9169000 C:\WINDOWS\System32\DRIVERS\parport.sys 81920 bytes (Microsoft Corporation, Parallel Port Driver)
0xB92E7000 C:\WINDOWS\System32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xB03CF000 C:\WINDOWS\System32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xF7884000 WudfPf.sys 77824 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xAE15F000 C:\WINDOWS\System32\DRIVERS\KmxSbx.sys 73728 bytes (CA, HIPS Registry, Spawning and Devices Guard driver)
0xF7453000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF7597000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xB8CE7000 C:\WINDOWS\System32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xAFFB7000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xBA0F3000 C:\WINDOWS\System32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF7507000 C:\WINDOWS\System32\DRIVERS\KmxFile.sys 65536 bytes (CA, HIPS File Guard driver)
0xBA710000 C:\WINDOWS\System32\DRIVERS\serial.sys 65536 bytes (Microsoft Corporation, Serial Device Driver)
0xBA0C3000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xBA0E3000 C:\WINDOWS\System32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xAD6F2000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF7527000 C:\WINDOWS\System32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xBF012000 C:\WINDOWS\System32\ialmrnt5.dll 57344 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
0xF7637000 C:\WINDOWS\System32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xBA113000 C:\WINDOWS\System32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF7687000 C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF7617000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF76A7000 C:\WINDOWS\System32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xBA790000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xBA103000 C:\WINDOWS\System32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xBA730000 C:\WINDOWS\system32\drivers\lvusbsta.sys 45056 bytes (Logitech Inc., USB Statistic Driver)
0xF7607000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF7697000 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF75F7000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF7557000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF7647000 SISAGPX.sys 40960 bytes (Silicon Integrated Systems Corporation, SiS AGPv3.5 Filter)
0xF76E7000 C:\WINDOWS\System32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF7627000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xBA0B3000 C:\WINDOWS\System32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xBA720000 C:\WINDOWS\System32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xF76B7000 C:\WINDOWS\System32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF74F7000 C:\WINDOWS\System32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xACE25000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF7677000 C:\WINDOWS\System32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF77EF000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xB93C9000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF7817000 C:\WINDOWS\System32\DRIVERS\usbccgp.sys 32768 bytes (Microsoft Corporation, USB Common Class Generic Parent Driver)
0xF77E7000 C:\WINDOWS\System32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF7757000 C:\WINDOWS\System32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF780F000 C:\WINDOWS\System32\DRIVERS\InCDPass.sys 28672 bytes (Ahead Software, Ahead RW Filter Driver)
0xF7707000 C:\WINDOWS\System32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF774F000 C:\WINDOWS\System32\DRIVERS\usbprint.sys 28672 bytes (Microsoft Corporation, USB Printer driver)
0xF773F000 C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xF771F000 viaagp1.sys 28672 bytes (VIA Technologies, Inc., VIA NT AGP Filter)
0xB9686000 C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xB968E000 C:\WINDOWS\System32\Drivers\incdrm.SYS 24576 bytes (Ahead Software AG, Ahead MRW Filter Driver)
0xF7807000 C:\WINDOWS\System32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF77F7000 C:\WINDOWS\System32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF77FF000 C:\WINDOWS\System32\DRIVERS\PS2.sys 24576 bytes (Hewlett-Packard Company, PS2 SYS)
0xB93C1000 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 24576 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASDIFSV.SYS)
0xF77DF000 C:\WINDOWS\System32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xB93D9000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xB93D1000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF770F000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xB965E000 C:\WINDOWS\System32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF7717000 PxHelp20.sys 20480 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xB9656000 C:\WINDOWS\System32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xB967E000 C:\WINDOWS\System32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xB008A000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF7947000 C:\WINDOWS\System32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xAE175000 C:\WINDOWS\System32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xBA6F4000 C:\WINDOWS\System32\DRIVERS\serenum.sys 16384 bytes (Microsoft Corporation, Serial Port Enumerator)
0xBA7B4000 C:\WINDOWS\System32\DRIVERS\usbscan.sys 16384 bytes (Microsoft Corporation, USB Scanner Driver)
0xF7897000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xB03EE000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xBA7B0000 C:\WINDOWS\System32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xADEEB000 C:\WINDOWS\system32\DRIVERS\MaVc2K.sys 12288 bytes (Mobile Action Technology Inc., Mobile Action Virtual Control)
0xF792F000 C:\WINDOWS\System32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xBA6F0000 C:\WINDOWS\system32\drivers\pfc.sys 12288 bytes (Padus, Inc., Padus® ASPI Shell)
0xB9421000 C:\WINDOWS\System32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xB9415000 C:\WINDOWS\System32\DRIVERS\srvkp.sys 12288 bytes (Silicon Integrated Systems Corporation, SiS VGA Driver Manager)
0xB9419000 C:\WINDOWS\System32\drivers\ws2ifsl.sys 12288 bytes (Microsoft Corporation, Winsock2 IFS Layer)
0xF79D9000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF79D7000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF79DF000 C:\WINDOWS\System32\Drivers\InCDrec.SYS 8192 bytes (Ahead Software AG, InCD File System Recognizer)
0xF798D000 intelide.sys 8192 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0xF7987000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF79DB000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF799D000 C:\WINDOWS\System32\Drivers\ParVdm.SYS 8192 bytes (Microsoft Corporation, VDM Parallel Driver)
0xF79DD000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF79BD000 C:\WINDOWS\System32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF79B7000 C:\WINDOWS\System32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF798B000 viaide.sys 8192 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
0xF7989000 C:\WINDOWS\System32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xBA2D6000 C:\WINDOWS\System32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7A66000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7A9E000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7A4F000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
==============================================
>Stealth
==============================================
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x89EB0428 ] TID: 160
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x89B609A8 ] TID: 164
0x80562520 Faked ServiceTable-->incdsrv.exe [ ETHREAD 0x88BD9CA0 ] TID: 168
0x80562520 Faked ServiceTable-->LEXBCES.EXE [ ETHREAD 0x89564A38 ] TID: 200
0x80562520 Faked ServiceTable-->jqs.exe [ ETHREAD 0x88C0B768 ] TID: 204
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88A8A888 ] TID: 208
0x80562520 Faked ServiceTable-->jqs.exe [ ETHREAD 0x88AE8020 ] TID: 216
0x80562520 Faked ServiceTable-->Sup_SmartRAM.exe [ ETHREAD 0x8884E838 ] TID: 240
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89263900 ] TID: 264
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x89C37240 ] TID: 276
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x892485E8 ] TID: 280
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88207DA8 ] TID: 324, 1350992 bytes
0x80562520 Faked ServiceTable-->UmxAgent.exe [ ETHREAD 0x896F8248 ] TID: 332
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x8929A7A8 ] TID: 340, 8781839 bytes
0x80562520 Faked ServiceTable-->CAGlobalLight.exe [ ETHREAD 0x882AFCB8 ] TID: 344
0x80562520 Faked ServiceTable-->UmxAgent.exe [ ETHREAD 0x89693558 ] TID: 360, 8781840 bytes
0x80562520 Faked ServiceTable-->SeaPort.exe [ ETHREAD 0x88938770 ] TID: 400
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88933678 ] TID: 408
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x8927CDA8 ] TID: 420
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88A8C248 ] TID: 424, 8781865 bytes
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88AE2638 ] TID: 428
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x892A0DA8 ] TID: 432, 8781866 bytes
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88BC79E0 ] TID: 436
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x892CBDA8 ] TID: 448, 8781873 bytes
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x8930C1B8 ] TID: 452
0x80562520 Faked ServiceTable-->MDM.EXE [ ETHREAD 0x88AB6810 ] TID: 472
0x80562520 Faked ServiceTable-->msiexec.exe [ ETHREAD 0x889ACDA8 ] TID: 480
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x887B9A00 ] TID: 484
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x88AB7670 ] TID: 492
0x80562520 Faked ServiceTable-->isafe.exe [ ETHREAD 0x8920E118 ] TID: 500
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x89D37650 ] TID: 504
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x892868E0 ] TID: 524
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x8829C700 ] TID: 528
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x8829B300 ] TID: 532
0x80562520 Faked ServiceTable-->msiexec.exe [ ETHREAD 0x8899FBC8 ] TID: 540
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x88937618 ] TID: 568
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x8893A8F8 ] TID: 572
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x8893A478 ] TID: 576
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x8893A200 ] TID: 580
0x80562520 Faked ServiceTable-->SeaPort.exe [ ETHREAD 0x889389E8 ] TID: 584
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x88508DA8 ] TID: 596
0x80562520 Faked ServiceTable-->smss.exe [ ETHREAD 0x89EF7830 ] TID: 604
0x80562520 Faked ServiceTable-->smss.exe [ ETHREAD 0x89F47498 ] TID: 608
0x80562520 Faked ServiceTable-->smss.exe [ ETHREAD 0x89F47220 ] TID: 612
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89695188 ] TID: 620
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x896BE178 ] TID: 652
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88FC89D0 ] TID: 656
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89698738 ] TID: 664
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x896D06B0 ] TID: 672
0x80562520 Faked ServiceTable-->csrss.exe [ ETHREAD 0x89745DA8 ] TID: 688
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x896C6168 ] TID: 712
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x89678B30 ] TID: 720
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x89674DA8 ] TID: 724
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x8967B638 ] TID: 732
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x8959E9E8 ] TID: 760
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x89599020 ] TID: 764
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x89599DA8 ] TID: 768
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x8959A808 ] TID: 772
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x8959FDA8 ] TID: 776
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x8959FB30 ] TID: 780
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x8959F8B8 ] TID: 784
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x8959F640 ] TID: 788
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88930A08 ] TID: 792
0x80562520 Faked ServiceTable-->incdsrv.exe [ ETHREAD 0x88BE5DA8 ] TID: 796
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x895912C0 ] TID: 804
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x89585DA8 ] TID: 808
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x89595480 ] TID: 824
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x89582B80 ] TID: 828
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x89587648 ] TID: 832
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x89598958 ] TID: 836
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x89584DA8 ] TID: 840
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x8957E418 ] TID: 844
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x895A3828 ] TID: 852, 196611 bytes
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x89587DA8 ] TID: 856
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x8957C488 ] TID: 860, 196611 bytes
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x8957C210 ] TID: 864
0x80562520 Faked ServiceTable-->agrsmsvc.exe [ ETHREAD 0x88EC3278 ] TID: 884, 34209804 bytes
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x896064B8 ] TID: 888
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x895835B8 ] TID: 892
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x89589C10 ] TID: 896
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x89511020 ] TID: 912, 29628200 bytes
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88953BB8 ] TID: 916
0x80562520 Faked ServiceTable-->SeaPort.exe [ ETHREAD 0x88934020 ] TID: 932, 3801155 bytes
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x895135F8 ] TID: 936
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89522B30 ] TID: 944
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x895228B8 ] TID: 948
0x80562520 Faked ServiceTable-->AppleMobileDeviceService.exe [ ETHREAD 0x88E00020 ] TID: 952, 3801155 bytes
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x89515DA8 ] TID: 956
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x8951DDA8 ] TID: 960, 5439534 bytes
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x8813CDA8 ] TID: 964
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89507C60 ] TID: 976, 7536761 bytes
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x895052D0 ] TID: 980
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89506210 ] TID: 984
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89505A60 ] TID: 988
0x80562520 Faked ServiceTable-->AppleMobileDeviceService.exe [ ETHREAD 0x88E00380 ] TID: 1004
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88930020 ] TID: 1008
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8893CBA0 ] TID: 1012
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8893C928 ] TID: 1016
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88933DA8 ] TID: 1020
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8942C7D8 ] TID: 1072
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8942BBC8 ] TID: 1076
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8942B020 ] TID: 1096
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x8941C020 ] TID: 1140
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x8829BCF0 ] TID: 1144
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x8941E2C0 ] TID: 1148
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x888C6020 ] TID: 1156
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x893DC9F0 ] TID: 1160
0x80562520 Faked ServiceTable-->mDNSResponder.exe [ ETHREAD 0x88E64448 ] TID: 1168
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x894368D8 ] TID: 1176
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x882D7DA8 ] TID: 1200
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88935768 ] TID: 1208
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x89351020 ] TID: 1212
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x894148E0 ] TID: 1224
0x80562520 Faked ServiceTable-->isafe.exe [ ETHREAD 0x88D43608 ] TID: 1240
0x80562520 Faked ServiceTable-->isafe.exe [ ETHREAD 0x88D43118 ] TID: 1244
0x80562520 Faked ServiceTable-->isafe.exe [ ETHREAD 0x88D43390 ] TID: 1248
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x8829E150 ] TID: 1252
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x89357DA8 ] TID: 1256
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89331958 ] TID: 1264
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x893316E0 ] TID: 1268
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89331468 ] TID: 1272
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8932DDA8 ] TID: 1276, 7077998 bytes
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8932A020 ] TID: 1284
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88941858 ] TID: 1312
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x888BC9E8 ] TID: 1316
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x888BF9B8 ] TID: 1320
0x80562520 Faked ServiceTable-->ccschedulersvc.exe [ ETHREAD 0x88DC0DA8 ] TID: 1324
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89342AB0 ] TID: 1328
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89341DA8 ] TID: 1332
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x888519E8 ] TID: 1340
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88852BE8 ] TID: 1352
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8885C658 ] TID: 1356
0x80562520 Faked ServiceTable-->WLIDSVC.EXE [ ETHREAD 0x8884B628 ] TID: 1364
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88857020 ] TID: 1380
0x80562520 Faked ServiceTable-->WLIDSVC.EXE [ ETHREAD 0x88854B80 ] TID: 1388
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x89358BD0 ] TID: 1408
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89315488 ] TID: 1424
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x893148F0 ] TID: 1428
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x893196A0 ] TID: 1432
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x893217E8 ] TID: 1444
0x80562520 Faked ServiceTable-->WLIDSVC.EXE [ ETHREAD 0x88850C00 ] TID: 1448
0x80562520 Faked ServiceTable-->ccschedulersvc.exe [ ETHREAD 0x88CF2998 ] TID: 1452
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89263DA8 ] TID: 1460
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x893141B0 ] TID: 1464
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89272338 ] TID: 1468
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8931DBD8 ] TID: 1472, 7536686 bytes
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8932E4B8 ] TID: 1476
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89272DA8 ] TID: 1484
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89324630 ] TID: 1492
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89320BD0 ] TID: 1528
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x891F6DA8 ] TID: 1540
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x891F6950 ] TID: 1548
0x80562520 Faked ServiceTable-->LEXBCES.EXE [ ETHREAD 0x891EFBC8 ] TID: 1552
0x80562520 Faked ServiceTable-->LEXBCES.EXE [ ETHREAD 0x891EF638 ] TID: 1556, 7340147 bytes
0x80562520 Faked ServiceTable-->LEXBCES.EXE [ ETHREAD 0x891F7448 ] TID: 1560
0x80562520 Faked ServiceTable-->LEXBCES.EXE [ ETHREAD 0x89326538 ] TID: 1564
0x80562520 Faked ServiceTable-->LEXBCES.EXE [ ETHREAD 0x8931B990 ] TID: 1568
0x80562520 Faked ServiceTable-->UmxCfg.exe [ ETHREAD 0x891759B8 ] TID: 1604
0x80562520 Faked ServiceTable-->LEXPPS.EXE [ ETHREAD 0x8917A808 ] TID: 1608
0x80562520 Faked ServiceTable-->UmxFwHlp.exe [ ETHREAD 0x89178630 ] TID: 1616
0x80562520 Faked ServiceTable-->LEXPPS.EXE [ ETHREAD 0x8913BDA8 ] TID: 1624
0x80562520 Faked ServiceTable-->LEXPPS.EXE [ ETHREAD 0x8913BB30 ] TID: 1628
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88CE6BC8 ] TID: 1640
0x80562520 Faked ServiceTable-->UmxFwHlp.exe [ ETHREAD 0x89179BD0 ] TID: 1644
0x80562520 Faked ServiceTable-->ccschedulersvc.exe [ ETHREAD 0x88CF2540 ] TID: 1652
0x80562520 Faked ServiceTable-->LEXPPS.EXE [ ETHREAD 0x892D8428 ] TID: 1668
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89137020 ] TID: 1696
0x80562520 Faked ServiceTable-->LEXBCES.EXE [ ETHREAD 0x894B4978 ] TID: 1704
0x80562520 Faked ServiceTable-->LEXPPS.EXE [ ETHREAD 0x8914A810 ] TID: 1708
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x89264C68 ] TID: 1716, 3473463 bytes
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x890CEBD0 ] TID: 1720
0x80562520 Faked ServiceTable-->UmxFwHlp.exe [ ETHREAD 0x890CF7D8 ] TID: 1736
0x80562520 Faked ServiceTable-->UmxFwHlp.exe [ ETHREAD 0x890BF6D8 ] TID: 1760
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88C14DA8 ] TID: 1792
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8906E7F8 ] TID: 1824
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x890619B8 ] TID: 1828
0x80562520 Faked ServiceTable-->UmxFwHlp.exe [ ETHREAD 0x89074DA8 ] TID: 1864
0x80562520 Faked ServiceTable-->UmxFwHlp.exe [ ETHREAD 0x8905E778 ] TID: 1876
0x80562520 Faked ServiceTable-->incdsrv.exe [ ETHREAD 0x88B584B8 ] TID: 1896
0x80562520 Faked ServiceTable-->UmxAgent.exe [ ETHREAD 0x88C15B30 ] TID: 1904
0x80562520 Faked ServiceTable-->UmxAgent.exe [ ETHREAD 0x88B626C0 ] TID: 1912
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88C0E808 ] TID: 1920
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88B56BC8 ] TID: 1924
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88B5DDA8 ] TID: 1928
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88B4EBC8 ] TID: 1932
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x8958A858 ] TID: 1944
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x88936650 ] TID: 1948
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89069DA8 ] TID: 1964
0x80562520 Faked ServiceTable-->UmxAgent.exe [ ETHREAD 0x890CABF0 ] TID: 1968
0x80562520 Faked ServiceTable-->UmxAgent.exe [ ETHREAD 0x89029DA8 ] TID: 1972
0x80562520 Faked ServiceTable-->incdsrv.exe [ ETHREAD 0x88AF3BC8 ] TID: 1980
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x889305C8 ] TID: 1984
0x80562520 Faked ServiceTable-->LEXBCES.EXE [ ETHREAD 0x8A0B2C00 ] TID: 1988
0x80562520 Faked ServiceTable-->UmxAgent.exe [ ETHREAD 0x890218B8 ] TID: 1996, 7077998 bytes
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x89EAF020 ] TID: 2000
0x80562520 Faked ServiceTable-->incdsrv.exe [ ETHREAD 0x88BBD080 ] TID: 2024
0x80562520 Faked ServiceTable-->incdsrv.exe [ ETHREAD 0x88BC0288 ] TID: 2028
0x80562520 Faked ServiceTable-->incdsrv.exe [ ETHREAD 0x88BBEDA8 ] TID: 2032
0x80562520 Faked ServiceTable-->incdsrv.exe [ ETHREAD 0x88BE2020 ] TID: 2036
0x80562520 Faked ServiceTable-->incdsrv.exe [ ETHREAD 0x88BD9020 ] TID: 2040
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x89B711A0 ] TID: 2044
0x80562520 Faked ServiceTable-->WLIDSVC.EXE [ ETHREAD 0x88857A08 ] TID: 2052
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88847608 ] TID: 2064
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88842808 ] TID: 2072
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8883C020 ] TID: 2076
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x8906C9C8 ] TID: 2080
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89574790 ] TID: 2112
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89CC3B08 ] TID: 2116
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89552C00 ] TID: 2120
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89666CC0 ] TID: 2124, 3014764 bytes
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88834020 ] TID: 2140
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x88842590 ] TID: 2144
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8884CDA8 ] TID: 2148
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x888449F8 ] TID: 2152
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x888385B0 ] TID: 2156
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x88832468 ] TID: 2160
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x892E72A0 ] TID: 2164
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x888329E8 ] TID: 2168, 3473461 bytes
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887D2828 ] TID: 2172
0x80562520 Faked ServiceTable-->wuauclt.exe [ ETHREAD 0x887CF020 ] TID: 2176
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x88299520 ] TID: 2180
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x8829C3B0 ] TID: 2184
0x80562520 Faked ServiceTable-->wuauclt.exe [ ETHREAD 0x887C4DA8 ] TID: 2196
0x80562520 Faked ServiceTable-->wuauclt.exe [ ETHREAD 0x887C8828 ] TID: 2200
0x80562520 Faked ServiceTable-->wuauclt.exe [ ETHREAD 0x887C85B0 ] TID: 2204
0x80562520 Faked ServiceTable-->wuauclt.exe [ ETHREAD 0x887D25B0 ] TID: 2208
0x80562520 Faked ServiceTable-->wuauclt.exe [ ETHREAD 0x887C2020 ] TID: 2212
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89441058 ] TID: 2216
0x80562520 Faked ServiceTable-->jqs.exe [ ETHREAD 0x8829AC60 ] TID: 2220
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887BC848 ] TID: 2224
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887C3DA8 ] TID: 2244
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88195AA8 ] TID: 2252
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887BADA8 ] TID: 2260
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x895733E0 ] TID: 2264
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x8829A910 ] TID: 2272
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x8829E810 ] TID: 2292
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887B44C8 ] TID: 2296, 101 bytes
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x8829D750 ] TID: 2300
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887B8808 ] TID: 2312, 29752120 bytes
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x8829B9A0 ] TID: 2320
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x8829EB60 ] TID: 2324
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x8930C560 ] TID: 2328
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x88786020 ] TID: 2368
0x80562520 Faked ServiceTable-->UmxAgent.exe [ ETHREAD 0x884F0020 ] TID: 2380
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x88C07020 ] TID: 2400
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887A7DA8 ] TID: 2404
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x88F62020 ] TID: 2408
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88776020 ] TID: 2412
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x89C05020 ] TID: 2424
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887A81A8 ] TID: 2428
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887AA800 ] TID: 2432
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887B66E8 ] TID: 2440
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887A1DA8 ] TID: 2444
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x89321D98 ] TID: 2452
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x895F4570 ] TID: 2456
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8877DDA8 ] TID: 2460
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8877C020 ] TID: 2464
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887B1DA8 ] TID: 2472, 130 bytes
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x89535090 ] TID: 2480
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887A4490 ] TID: 2504
0x80562520 Faked ServiceTable-->csrss.exe [ ETHREAD 0x887A6370 ] TID: 2508
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x887A2DA8 ] TID: 2516
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x88766218 ] TID: 2544
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x89722220 ] TID: 2560
0x80562520 Faked ServiceTable-->AppleMobileDeviceService.exe [ ETHREAD 0x887697A8 ] TID: 2576, 467880 bytes
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x8929A2F8 ] TID: 2600
0x80562520 Faked ServiceTable-->SeaPort.exe [ ETHREAD 0x89B51850 ] TID: 2636
0x80562520 Faked ServiceTable-->SeaPort.exe [ ETHREAD 0x88766BF0 ] TID: 2640
0x80562520 Faked ServiceTable-->alg.exe [ ETHREAD 0x885A0978 ] TID: 2672
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x892A3070 ] TID: 2692
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x8827EDA8 ] TID: 2696
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x883EC5A0 ] TID: 2712
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88493DA8 ] TID: 2716
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x88140098 ] TID: 2732
0x80562520 Faked ServiceTable-->explorer.exe [ ETHREAD 0x883E57F8 ] TID: 2760
0x80562520 Faked ServiceTable-->explorer.exe [ ETHREAD 0x88444B60 ] TID: 2776
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x89553DA8 ] TID: 2784
0x80562520 Faked ServiceTable-->explorer.exe [ ETHREAD 0x88A2DDA8 ] TID: 2796
0x80562520 Faked ServiceTable-->explorer.exe [ ETHREAD 0x8847CDA8 ] TID: 2800
0x80562520 Faked ServiceTable-->explorer.exe [ ETHREAD 0x884C2538 ] TID: 2808
0x80562520 Faked ServiceTable-->explorer.exe [ ETHREAD 0x88446680 ] TID: 2816
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x882DE080 ] TID: 2836
0x80562520 Faked ServiceTable-->firefox.exe [ ETHREAD 0x882F28D8 ] TID: 2840
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x884EA200 ] TID: 2844
0x80562520 Faked ServiceTable-->alg.exe [ ETHREAD 0x895F98A0 ] TID: 2876
0x80562520 Faked ServiceTable-->WLIDSVC.EXE [ ETHREAD 0x895B5170 ] TID: 2908
0x80562520 Faked ServiceTable-->alg.exe [ ETHREAD 0x887B9598 ] TID: 2924
0x80562520 Faked ServiceTable-->alg.exe [ ETHREAD 0x89550140 ] TID: 2928
0x80562520 Faked ServiceTable-->alg.exe [ ETHREAD 0x895D3240 ] TID: 2936
0x80562520 Faked ServiceTable-->CAGlobalLight.exe [ ETHREAD 0x8922EDA8 ] TID: 2960
0x80562520 Faked ServiceTable-->SeaPort.exe [ ETHREAD 0x887C0BD0 ] TID: 2964
0x80562520 Faked ServiceTable-->SeaPort.exe [ ETHREAD 0x88FCC098 ] TID: 2968
0x80562520 Faked ServiceTable-->CAGlobalLight.exe [ ETHREAD 0x882C77E8 ] TID: 2972
0x80562520 Faked ServiceTable-->CAGlobalLight.exe [ ETHREAD 0x882B5CB8 ] TID: 2984
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x891AB2F8 ] TID: 2992
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89108D50 ] TID: 3004
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89424880 ] TID: 3008
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x896765F8 ] TID: 3012
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x885FD278 ] TID: 3024
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89694DA8 ] TID: 3036
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x890623D8 ] TID: 3052
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89434478 ] TID: 3056
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88FDE020 ] TID: 3060
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x895D8650 ] TID: 3068
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x891C0D38 ] TID: 3136
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89110558 ] TID: 3140
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8956F680 ] TID: 3156
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x8953DDA8 ] TID: 3160
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89450548 ] TID: 3172
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x89462BF0 ] TID: 3208
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x89464718 ] TID: 3216
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x894925E8 ] TID: 3220
0x80562520 Faked ServiceTable-->SeaPort.exe [ ETHREAD 0x89463650 ] TID: 3232
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x894628A0 ] TID: 3236
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89464A68 ] TID: 3240
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89463CF0 ] TID: 3244
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x894AB2F0 ] TID: 3248
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x88C14020 ] TID: 3256
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x894A6710 ] TID: 3260
0x80562520 Faked ServiceTable-->WLIDSVC.EXE [ ETHREAD 0x883AD8F0 ] TID: 3268
0x80562520 Faked ServiceTable-->MDM.EXE [ ETHREAD 0x88CF39F8 ] TID: 3276
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x883AE860 ] TID: 3280
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x8846F8C0 ] TID: 3284
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x88489A40 ] TID: 3296
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x889076A0 ] TID: 3300
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x884823D8 ] TID: 3312
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x88456B80 ] TID: 3320
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x89DCCDA8 ] TID: 3384
0x80562520 Faked ServiceTable-->CAGlobalLight.exe [ ETHREAD 0x881579C0 ] TID: 3388
0x80562520 Faked ServiceTable-->explorer.exe [ ETHREAD 0x88FD2020 ] TID: 3392
0x80562520 Faked ServiceTable-->winlogon.exe [ ETHREAD 0x897620D8 ] TID: 3412
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x895E4020 ] TID: 3432
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x89F6DBE8 ] TID: 3464
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x893A60B8 ] TID: 3484
0x80562520 Faked ServiceTable-->AppleMobileDeviceService.exe [ ETHREAD 0x89387DA8 ] TID: 3488
0x80562520 Faked ServiceTable-->explorer.exe [ ETHREAD 0x893AADA8 ] TID: 3492
0x80562520 Faked ServiceTable-->LEXPPS.EXE [ ETHREAD 0x890EEBE0 ] TID: 3504
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x8919A2B8 ] TID: 3508
0x80562520 Faked ServiceTable-->LEXPPS.EXE [ ETHREAD 0x88FD69C0 ] TID: 3512
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x8919F218 ] TID: 3540
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x887B6020 ] TID: 3544
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x890DC9A8 ] TID: 3556
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x89164308 ] TID: 3560
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x88698828 ] TID: 3572
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x890AE8B8 ] TID: 3576
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x89C52B30 ] TID: 3584
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x89C11DA8 ] TID: 3596
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x89C609F0 ] TID: 3620
0x80562520 Faked ServiceTable-->ccprovsp.exe [ ETHREAD 0x89661808 ] TID: 3636
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x88F80AD8 ] TID: 3680
0x80562520 Faked ServiceTable-->RKUnhookerLE(3).EXE [ ETHREAD 0x895C1320 ] TID: 3716
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x8866B9A0 ] TID: 3728
0x80562520 Faked ServiceTable-->igfxtray.exe [ ETHREAD 0x88F288D8 ] TID: 3736
0x80562520 Faked ServiceTable-->AGRSMMSG.exe [ ETHREAD 0x88359DA8 ] TID: 3740
0x80562520 Faked ServiceTable-->reader_sl.exe [ ETHREAD 0x88F19728 ] TID: 3744
0x80562520 Faked ServiceTable-->igfxtray.exe [ ETHREAD 0x886544B0 ] TID: 3748
0x80562520 Faked ServiceTable-->InCD.exe [ ETHREAD 0x8A0AF9E8 ] TID: 3756
0x80562520 Faked ServiceTable-->InCD.exe [ ETHREAD 0x88356AF8 ] TID: 3760
0x80562520 Faked ServiceTable-->InCD.exe [ ETHREAD 0x88356478 ] TID: 3772
0x80562520 Faked ServiceTable-->reader_sl.exe [ ETHREAD 0x88338020 ] TID: 3784
0x80562520 Faked ServiceTable-->InCD.exe [ ETHREAD 0x8A0AF770 ] TID: 3796
0x80562520 Faked ServiceTable-->reader_sl.exe [ ETHREAD 0x8828FA58 ] TID: 3808
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x882F0DA8 ] TID: 3840
0x80562520 Faked ServiceTable-->svchost.exe [ ETHREAD 0x895DDC80 ] TID: 3848
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x882139F8 ] TID: 3856
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x881A7020 ] TID: 3876
0x80562520 Faked ServiceTable-->WinPatrol.exe [ ETHREAD 0x88122800 ] TID: 3884
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x88119958 ] TID: 3892
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x88193DA8 ] TID: 3896
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x881AEDA8 ] TID: 3900
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x886B0960 ] TID: 3908
0x80562520 Faked ServiceTable-->casc.exe [ ETHREAD 0x8829E488 ] TID: 3928
0x80562520 Faked ServiceTable-->ctfmon.exe [ ETHREAD 0x882B8DA8 ] TID: 3932
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x88908200 ] TID: 3948
0x80562520 Faked ServiceTable-->ccEvtMgr.exe [ ETHREAD 0x89D66858 ] TID: 3952
0x80562520 Faked ServiceTable-->services.exe [ ETHREAD 0x882D0DA8 ] TID: 3960
0x80562520 Faked ServiceTable-->explorer.exe [ ETHREAD 0x88C7E830 ] TID: 3972
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x8964A308 ] TID: 3976
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x89DA5488 ] TID: 4000
0x80562520 Faked ServiceTable-->WLIDSVC.EXE [ ETHREAD 0x890DB7C0 ] TID: 4016
0x80562520 Faked ServiceTable-->ctfmon.exe [ ETHREAD 0x89623708 ] TID: 4020
0x80562520 Faked ServiceTable-->WLIDSVC.EXE [ ETHREAD 0x89163138 ] TID: 4028
0x80562520 Faked ServiceTable-->WLIDSVCM.EXE [ ETHREAD 0x884E7DA8 ] TID: 4048
0x80562520 Faked ServiceTable-->WLIDSVCM.EXE [ ETHREAD 0x89F80DA8 ] TID: 4052
0x80562520 Faked ServiceTable-->WLIDSVC.EXE [ ETHREAD 0x88E909E8 ] TID: 4056
0x80562520 Faked ServiceTable-->Sup_SmartRAM.exe [ ETHREAD 0x882D5DA8 ] TID: 4060
0x80562520 Faked ServiceTable-->lsass.exe [ ETHREAD 0x88C82020 ] TID: 4064
0x80562520 Faked ServiceTable-->WLIDSVCM.EXE [ ETHREAD 0x88EA3A78 ] TID: 4072
0x80562520 Faked ServiceTable-->WLIDSVCM.EXE [ ETHREAD 0x882576D8 ] TID: 4076
0x80562520 Faked ServiceTable-->spoolsv.exe [ ETHREAD 0x88C07820 ] TID: 4092
WARNING: Virus alike driver modification [ndistapi.sys]
WARNING: Virus alike driver modification [bthpan.sys]
WARNING: Virus alike driver modification [sffp_mmc.sys]
WARNING: Virus alike driver modification [hidusb.sys]
WARNING: Virus alike driver modification [pfc.sys]
WARNING: Virus alike driver modification [hsfdpsp2.sys]
WARNING: Virus alike driver modification [dxapi.sys]
WARNING: Virus alike driver modification [atinrvxx.sys]
WARNING: Virus alike driver modification [mup.sys]
WARNING: Virus alike driver modification [ndisip.sys]
WARNING: Virus alike driver modification [sffp_sd.sys]
WARNING: Virus alike driver modification [slip.sys]
WARNING: Virus alike driver modification [irenum.sys]
WARNING: Virus alike driver modification [wadv08nt.sys]
WARNING: Virus alike driver modification [imagesrv.sys]
WARNING: Virus alike driver modification [sfloppy.sys]
WARNING: Virus alike driver modification [srvkp.sys]
WARNING: Virus alike driver modification [ati1mdxx.sys]
WARNING: Virus alike driver modification [acpiec.sys]
WARNING: Virus alike driver modification [bdasup.sys]
WARNING: Virus alike driver modification [cpqdap01.sys]
WARNING: Virus alike driver modification [wadv07nt.sys]
WARNING: Virus alike driver modification [mdmxsdk.sys]
WARNING: Virus alike driver modification [wadv09nt.sys]
WARNING: Virus alike driver modification [sffdisk.sys]
WARNING: Virus alike driver modification [wadv11nt.sys]
WARNING: Virus alike driver modification [MaVc2K.sys]
WARNING: Virus alike driver modification [pcmcia.sys]
WARNING: Virus alike driver modification [nikedrv.sys]
WARNING: Virus alike driver modification [rio8drv.sys]
WARNING: Virus alike driver modification [riodrv.sys]
WARNING: Virus alike driver modification [ws2ifsl.sys]
WARNING: Virus alike driver modification [tdpipe.sys]
WARNING: Virus alike driver modification [AGRSM.sys]
WARNING: Virus alike driver modification [ati1pdxx.sys]
WARNING: Virus alike driver modification [fsvga.sys]
WARNING: Virus alike driver modification [usbvideo.sys]
WARNING: Virus alike driver modification [tunmp.sys]
WARNING: Virus alike driver modification [nwlnkflt.sys]
WARNING: Virus alike driver modification [ftdisk.sys]
WARNING: Virus alike driver modification [mtlmnt5.sys]
WARNING: Virus alike driver modification [mutohpen.sys]
WARNING: Virus alike driver modification [usb8023.sys]
WARNING: Virus alike driver modification [usb8023x.sys]
WARNING: Virus alike driver modification [slnt7554.sys]
WARNING: Virus alike driver modification [fltmgr.sys]
WARNING: Virus alike driver modification [Rtnicxp.sys]
WARNING: Virus alike driver modification [mtlstrm.sys]
WARNING: Virus alike driver modification [lvcm.sys]
WARNING: Virus alike driver modification [slwdmsup.sys]
WARNING: Virus alike driver modification [vtmini.sys]
WARNING: Virus alike driver modification [recagent.sys]
WARNING: Virus alike driver modification [atinmdxx.sys]
WARNING: Virus alike driver modification [atinttxx.sys]
WARNING: Virus alike driver modification [afd.sys]
WARNING: Virus alike driver modification [cbidf2k.sys]
WARNING: Virus alike driver modification [rdpwd.sys]
WARNING: Virus alike driver modification [ks.sys]
WARNING: Virus alike driver modification [diskdump.sys]
WARNING: Virus alike driver modification [wacompen.sys]
WARNING: Virus alike driver modification [Fasttx2k.sys]
WARNING: Virus alike driver modification [asyncmac.sys]
WARNING: Virus alike driver modification [atinpdxx.sys]
WARNING: Virus alike driver modification [fastfat.sys]
WARNING: Virus alike driver modification [usbport.sys]
WARNING: Virus alike driver modification [hdaudbus.sys]
WARNING: Virus alike driver modification [ndisuio.sys]
WARNING: Virus alike driver modification [smclib.sys]
WARNING: Virus alike driver modification [portcls.sys]
WARNING: Virus alike driver modification [tape.sys]
WARNING: Virus alike driver modification [usbscan.sys]
WARNING: Virus alike driver modification [mpe.sys]
WARNING: Virus alike driver modification [streamip.sys]
WARNING: Virus alike driver modification [ipnat.sys]
WARNING: Virus alike driver modification [dmio.sys]
WARNING: Virus alike driver modification [mssmbios.sys]
WARNING: Virus alike driver modification [serenum.sys]
WARNING: Virus alike driver modification [usbintel.sys]
WARNING: Virus alike driver modification [netbt.sys]
WARNING: Virus alike driver modification [raspti.sys]
WARNING: Virus alike driver modification [s3gnbm.sys]
WARNING: Virus alike driver modification [bthenum.sys]
WARNING: Virus alike driver modification [ccdecode.sys]
WARNING: Virus alike driver modification [usbohci.sys]
WARNING: Virus alike driver modification [pxhelp20.sys]
WARNING: Virus alike driver modification [kmixer.sys]
WARNING: Virus alike driver modification [rdbss.sys]
WARNING: Virus alike driver modification [ptilink.sys]
WARNING: Virus alike driver modification [ntmtlfax.sys]
WARNING: Virus alike driver modification [mrxdav.sys]
WARNING: Virus alike driver modification [ndis.sys]
WARNING: Virus alike driver modification [cdaudio.sys]
WARNING: Virus alike driver modification [acpi.sys]
WARNING: Virus alike driver modification [bthusb.sys]
WARNING: Virus alike driver modification [nv4_mini.sys]
WARNING: Virus alike driver modification [msfs.sys]
WARNING: Virus alike driver modification [tdi.sys]
WARNING: Virus alike driver modification [hidir.sys]
WARNING: Virus alike driver modification [wstcodec.sys]
WARNING: Virus alike driver modification [rdpdr.sys]
WARNING: Virus alike driver modification [partmgr.sys]
WARNING: Virus alike driver modification [rmcast.sys]
WARNING: Virus alike driver modification [flpydisk.sys]
WARNING: Virus alike driver modification [secdrv.sys]
WARNING: Virus alike driver modification [usbuhci.sys]
WARNING: Virus alike driver modification [ipinip.sys]
WARNING: Virus alike driver modification [rtl8139.sys]
WARNING: Virus alike driver modification [vga.sys]
WARNING: Virus alike driver modification [ati1ttxx.sys]
WARNING: Virus alike driver modification [tsbvcap.sys]
WARNING: Virus alike driver modification [lvsvf2.sys]
WARNING: Virus alike driver modification [tdtcp.sys]
WARNING: Virus alike driver modification [hsfbs2s2.sys]
WARNING: Virus alike driver modification [LVUSBSta.sys]
WARNING: Virus alike driver modification [watv06nt.sys]
WARNING: Virus alike driver modification [tcpip6.sys]
WARNING: Virus alike driver modification [usbsermpt.sys]
WARNING: Virus alike driver modification [mouclass.sys]
WARNING: Virus alike driver modification [PS2.sys]
WARNING: Virus alike driver modification [kbdclass.sys]
WARNING: Virus alike driver modification [hidparse.sys]
WARNING: Virus alike driver modification [pciidex.sys]
WARNING: Virus alike driver modification [MaVctrl.sys]
WARNING: Virus alike driver modification [sonydcam.sys]
WARNING: Virus alike driver modification [watv10nt.sys]
WARNING: Virus alike driver modification [incdrm.sys]
WARNING: Virus alike driver modification [hidbth.sys]
WARNING: Virus alike driver modification [usbcamd.sys]
WARNING: Virus alike driver modification [usbcamd2.sys]
WARNING: Virus alike driver modification [usbprint.sys]
WARNING: Virus alike driver modification [usbser.sys]
WARNING: Virus alike driver modification [cinemst2.sys]
WARNING: Virus alike driver modification [ati1snxx.sys]
WARNING: Virus alike driver modification [usbstor.sys]
WARNING: Virus alike driver modification [http.sys]
WARNING: Virus alike driver modification [GEARAspiWDM.sys]
WARNING: Virus alike driver modification [bthport.sys]
WARNING: Virus alike driver modification [fdc.sys]
WARNING: Virus alike driver modification [VIAAGP1.SYS]
WARNING: Virus alike driver modification [incdpass.sys]
WARNING: Virus alike driver modification [atinsnxx.sys]
WARNING: Virus alike driver modification [ati1xbxx.sys]
WARNING: Virus alike driver modification [modem.sys]
WARNING: Virus alike driver modification [usbehci.sys]
WARNING: Virus alike driver modification [rndismp.sys]
WARNING: Virus alike driver modification [rndismpx.sys]
WARNING: Virus alike driver modification [ati1raxx.sys]
WARNING: Virus alike driver modification [npfs.sys]
WARNING: Virus alike driver modification [atmepvc.sys]
WARNING: Virus alike driver modification [atinxbxx.sys]
WARNING: Virus alike driver modification [usbccgp.sys]
WARNING: Virus alike driver modification [nwlnkfwd.sys]
WARNING: Virus alike driver modification [ati2mtaa.sys]
WARNING: Virus alike driver modification [ipfltdrv.sys]
WARNING: Virus alike driver modification [rawwan.sys]
WARNING: Virus alike driver modification [wanarp.sys]
WARNING: Virus alike driver modification [netbios.sys]
WARNING: Virus alike driver modification [ati1xsxx.sys]
WARNING: Virus alike driver modification [msgpc.sys]
WARNING: Virus alike driver modification [atmuni.sys]
WARNING: Virus alike driver modification [processr.sys]
WARNING: Virus alike driver modification [tcpip.sys]
WARNING: Virus alike driver modification [disk.sys]
WARNING: Virus alike driver modification [intelppm.sys]
WARNING: Virus alike driver modification [ati1tuxx.sys]
WARNING: Virus alike driver modification [bthprint.sys]
WARNING: Virus alike driver modification [ip6fw.sys]
WARNING: Virus alike driver modification [crusoe.sys]
WARNING: Virus alike driver modification [hidclass.sys]
WARNING: Virus alike driver modification [SISAGPX.SYS]
WARNING: Virus alike driver modification [isapnp.sys]
WARNING: Virus alike driver modification [amdk6.sys]
WARNING: Virus alike driver modification [amdk7.sys]
WARNING: Virus alike driver modification [bthmodem.sys]
WARNING: Virus alike driver modification [update.sys]
WARNING: Virus alike driver modification [wpdusb.sys]
WARNING: Virus alike driver modification [ALCXSENS.SYS]
WARNING: Virus alike driver modification [nmnt.sys]
WARNING: Virus alike driver modification [slntamr.sys]
WARNING: Virus alike driver modification [ndproxy.sys]
WARNING: Virus alike driver modification [termdd.sys]
WARNING: Virus alike driver modification [P2k.sys]
WARNING: Virus alike driver modification [sisagp.sys]
WARNING: Virus alike driver modification [alcxwdm.sys]
WARNING: Virus alike driver modification [raspppoe.sys]
WARNING: Virus alike driver modification [imapi.sys]
WARNING: Virus alike driver modification [beep.sys]
WARNING: Virus alike driver modification [mnmdd.sys]
WARNING: Virus alike driver modification [rdpcdd.sys]
WARNING: Virus alike driver modification [viaagp.sys]
WARNING: Virus alike driver modification [agp440.sys]
WARNING: Virus alike driver modification [mountmgr.sys]
WARNING: Virus alike driver modification [alim1541.sys]
WARNING: Virus alike driver modification [p3.sys]
WARNING: Virus alike driver modification [amdagp.sys]
WARNING: Virus alike driver modification [sisgrp.sys]
WARNING: Virus alike driver modification [swenum.sys]
WARNING: Virus alike driver modification [wmilib.sys]
WARNING: Virus alike driver modification [CoachVc.sys]
WARNING: Virus alike driver modification [fips.sys]
WARNING: Virus alike driver modification [uagp35.sys]
WARNING: Virus alike driver modification [agpcpq.sys]
WARNING: Virus alike driver modification [mtxparhm.sys]
WARNING: Virus alike driver modification [mrxsmb.sys]
WARNING: Virus alike driver modification [gagp30kx.sys]
WARNING: Virus alike driver modification [CoachUsb.sys]
WARNING: Virus alike driver modification [R8139n51.sys]
WARNING: Virus alike driver modification [usbd.sys]
WARNING: Virus alike driver modification [raspptp.sys]
WARNING: Virus alike driver modification [mamotou.sys]
WARNING: Virus alike driver modification [stream.sys]
WARNING: Virus alike driver modification [mardpnp.sys]
WARNING: Virus alike driver modification [classpnp.sys]
WARNING: Virus alike driver modification [mardp2k.sys]
WARNING: Virus alike driver modification [mspqm.sys]
WARNING: Virus alike driver modification [msdv.sys]
WARNING: Virus alike driver modification [rasl2tp.sys]
WARNING: Virus alike driver modification [tosdvd.sys]
WARNING: Virus alike driver modification [usbu2a.sys]
WARNING: Virus alike driver modification [atinraxx.sys]
WARNING: Virus alike driver modification [volsnap.sys]
WARNING: Virus alike driver modification [i8042prt.sys]
WARNING: Virus alike driver modification [dmusic.sys]
WARNING: Virus alike driver modification [mspclock.sys]
WARNING: Virus alike driver modification [viaide.sys]
WARNING: Virus alike driver modification [intelide.sys]
WARNING: Virus alike driver modification [mstee.sys]
WARNING: Virus alike driver modification [atmlane.sys]
WARNING: Virus alike driver modification [nwlnkspx.sys]
WARNING: Virus alike driver modification [imagedrv.sys]
WARNING: Virus alike driver modification [motswch.sys]
WARNING: Virus alike driver modification [swmidi.sys]
WARNING: Virus alike driver modification [ati1btxx.sys]
WARNING: Virus alike driver modification [avgntflt.sys]
WARNING: Virus alike driver modification [ntfs.sys]
WARNING: Virus alike driver modification [redbook.sys]
WARNING: Virus alike driver modification [atinbtxx.sys]
WARNING: Virus alike driver modification [vdmindvd.sys]
WARNING: Virus alike driver modification [dmload.sys]
WARNING: Virus alike driver modification [rootmdm.sys]
WARNING: Virus alike driver modification [smbali.sys]
WARNING: Virus alike driver modification [rfcomm.sys]
WARNING: Virus alike driver modification [usbhub.sys]
WARNING: Virus alike driver modification [atmarpc.sys]
WARNING: Virus alike driver modification [usbaudio.sys]
WARNING: Virus alike driver modification [drmk.sys]
WARNING: Virus alike driver modification [arp1394.sys]
WARNING: Virus alike driver modification [sysaudio.sys]
WARNING: Virus alike driver modification [nic1394.sys]
WARNING: Virus alike driver modification [splitter.sys]
WARNING: Virus alike driver modification [cdrom.sys]
WARNING: Virus alike driver modification [nwlnknb.sys]
WARNING: Virus alike driver modification [atinxsxx.sys]
WARNING: Virus alike driver modification [ati1rvxx.sys]
WARNING: Virus alike driver modification [cdfs.sys]
WARNING: Virus alike driver modification [mf.sys]
WARNING: Virus alike driver modification [serial.sys]
WARNING: Virus alike driver modification [udfs.sys]
WARNING: Virus alike driver modification [parvdm.sys]
WARNING: Virus alike driver modification [pci.sys]
WARNING: Virus alike driver modification [hsfcxts2.sys]
WARNING: Virus alike driver modification [psched.sys]
WARNING: Virus alike driver modification [ati2mtag.sys]
WARNING: Virus alike driver modification [bridge.sys]
WARNING: Virus alike driver modification [atintuxx.sys]
WARNING: Virus alike driver modification [sr.sys]
WARNING: Virus alike driver modification [ipsec.sys]
WARNING: Virus alike driver modification [mskssrv.sys]
WARNING: Virus alike driver modification [mcd.sys]
WARNING: Virus alike driver modification [WudfPf.sys]
WARNING: Virus alike driver modification [sdbus.sys]
WARNING: Virus alike driver modification [fs_rec.sys]
WARNING: Virus alike driver modification [dmboot.sys]
WARNING: Virus alike driver modification [parport.sys]
WARNING: Virus alike driver modification [ialmnt5.sys]
WARNING: Virus alike driver modification [videoprt.sys]
WARNING: Virus alike driver modification [SYMEVENT.SYS]
WARNING: Virus alike driver modification [WudfRd.sys]
WARNING: Virus alike driver modification [wdmaud.sys]
WARNING: Virus alike driver modification [nabtsfec.sys]
WARNING: Virus alike driver modification [rasacd.sys]
WARNING: Virus alike driver modification [nwlnkipx.sys]
WARNING: Virus alike driver modification [incdfs.sys]
WARNING: Virus alike driver modification [ndiswan.sys]
WARNING: Virus alike driver modification [ksecdd.sys]
WARNING: Virus alike driver modification [incdrec.sys]
WARNING: Virus alike driver modification [slnthal.sys]
WARNING: Virus alike driver modification [scsiport.sys]
WARNING: Virus alike driver modification [atapi.sys]


#8 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 17 October 2010 - 04:49 PM

Hi,

please run a scan with TDSSKiller next:
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt

  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#9 lostkause

lostkause
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:19 PM

Posted 17 October 2010 - 04:58 PM

The Log you ask for...Thanks

2010/10/17 17:55:27.0500 TDSS rootkit removing tool 2.4.4.0 Oct 4 2010 09:06:59
2010/10/17 17:55:27.0500 ================================================================================
2010/10/17 17:55:27.0500 SystemInfo:
2010/10/17 17:55:27.0500
2010/10/17 17:55:27.0500 OS Version: 5.1.2600 ServicePack: 3.0
2010/10/17 17:55:27.0500 Product type: Workstation
2010/10/17 17:55:27.0500 ComputerName: YOUR-2S4KN5K0H3
2010/10/17 17:55:27.0500 UserName: Owner
2010/10/17 17:55:27.0500 Windows directory: C:\WINDOWS
2010/10/17 17:55:27.0500 System windows directory: C:\WINDOWS
2010/10/17 17:55:27.0500 Processor architecture: Intel x86
2010/10/17 17:55:27.0500 Number of processors: 1
2010/10/17 17:55:27.0500 Page size: 0x1000
2010/10/17 17:55:27.0500 Boot type: Normal boot
2010/10/17 17:55:27.0500 ================================================================================
2010/10/17 17:55:27.0781 Initialize success
2010/10/17 17:55:35.0062 ================================================================================
2010/10/17 17:55:35.0062 Scan started
2010/10/17 17:55:35.0062 Mode: Manual;
2010/10/17 17:55:35.0062 ================================================================================
2010/10/17 17:55:36.0015 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/10/17 17:55:36.0203 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/10/17 17:55:36.0562 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/10/17 17:55:36.0765 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/10/17 17:55:37.0078 AgereSoftModem (35c391e40471a0b479328fc7b1b5f40f) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2010/10/17 17:55:37.0765 ALCXSENS (fbbcb95f677cbaa924140b6ea2d9a97b) C:\WINDOWS\system32\drivers\ALCXSENS.SYS
2010/10/17 17:55:38.0140 ALCXWDM (dd8520280304b6145a6be31008748c7c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2010/10/17 17:55:39.0546 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/10/17 17:55:39.0734 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/10/17 17:55:40.0062 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/10/17 17:55:40.0265 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/10/17 17:55:40.0531 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/10/17 17:55:40.0921 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/10/17 17:55:41.0125 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2010/10/17 17:55:41.0421 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/10/17 17:55:41.0593 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/10/17 17:55:41.0781 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/10/17 17:55:42.0375 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys
2010/10/17 17:55:43.0078 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/10/17 17:55:43.0281 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/10/17 17:55:43.0531 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/10/17 17:55:43.0734 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/10/17 17:55:43.0937 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/10/17 17:55:44.0265 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/10/17 17:55:44.0515 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/10/17 17:55:44.0703 fasttx2k (1e580770bdece924494b368ac980749e) C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
2010/10/17 17:55:44.0906 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/10/17 17:55:45.0093 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/10/17 17:55:45.0281 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/10/17 17:55:45.0484 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/10/17 17:55:45.0687 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/10/17 17:55:45.0906 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/10/17 17:55:46.0093 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2010/10/17 17:55:46.0328 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/10/17 17:55:46.0578 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/10/17 17:55:46.0906 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/10/17 17:55:47.0375 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/10/17 17:55:47.0609 ialm (44b7d5a4f2bd9fe21aea0bb0bace38c4) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2010/10/17 17:55:47.0921 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/10/17 17:55:48.0140 InCDfs (17c9b37058f9d15f2e1452026cf786a0) C:\WINDOWS\system32\drivers\InCDfs.sys
2010/10/17 17:55:48.0359 InCDPass (ee4e7dd592a96c9737e843a80322b30b) C:\WINDOWS\system32\DRIVERS\InCDPass.sys
2010/10/17 17:55:48.0562 InCDrec (963e6586da269fba565a9c2a7fcb7ed7) C:\WINDOWS\system32\drivers\InCDrec.sys
2010/10/17 17:55:48.0765 incdrm (c46e8cf2bf9688d5332dd14cf42acd61) C:\WINDOWS\system32\drivers\incdrm.sys
2010/10/17 17:55:49.0125 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/10/17 17:55:49.0328 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/10/17 17:55:49.0531 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/10/17 17:55:49.0687 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/10/17 17:55:49.0906 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/10/17 17:55:50.0125 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/10/17 17:55:50.0343 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/10/17 17:55:50.0546 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/10/17 17:55:50.0750 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/10/17 17:55:50.0968 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/10/17 17:55:51.0328 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/10/17 17:55:51.0500 KmxAgent (45ab8298ffb922fb36ba52f7dc956de4) C:\WINDOWS\system32\DRIVERS\kmxagent.sys
2010/10/17 17:55:51.0703 KmxAMRT (88c521675724bd9d9eced840112279ab) C:\WINDOWS\system32\DRIVERS\KmxAMRT.sys
2010/10/17 17:55:51.0921 KmxAMVet (041b29c8e3bed6e833ade367ecfa51f9) C:\WINDOWS\system32\Drivers\KmxAMVet.sys
2010/10/17 17:55:52.0234 KmxCF (8fb8170faf3c9aa585e976979d9c17df) C:\WINDOWS\system32\DRIVERS\KmxCF.sys
2010/10/17 17:55:52.0468 KmxCfg (0c14fc849eebb15ea4de6a62ccdd34e0) C:\WINDOWS\system32\DRIVERS\kmxcfg.sys
2010/10/17 17:55:52.0703 KmxFile (c69b4a3bc8d2c7b6398ad38aacff98c9) C:\WINDOWS\system32\DRIVERS\KmxFile.sys
2010/10/17 17:55:52.0906 KmxFw (db5fbf6efd78a1718cd040df23bd7d96) C:\WINDOWS\system32\DRIVERS\kmxfw.sys
2010/10/17 17:55:53.0125 KmxSbx (cb390a8aee3a142b1662f1115bc02394) C:\WINDOWS\system32\DRIVERS\KmxSbx.sys
2010/10/17 17:55:53.0343 KmxStart (9e0891eb24ff3e01a5802cc6e2219e98) C:\WINDOWS\system32\DRIVERS\kmxstart.sys
2010/10/17 17:55:53.0546 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/10/17 17:55:53.0921 LVUSBSta (c5efbd05a5195402121711a6ebbb271f) C:\WINDOWS\system32\drivers\lvusbsta.sys
2010/10/17 17:55:54.0125 mamotou (bc5dc4e94494d72acf20f4fa64ea44bf) C:\WINDOWS\system32\DRIVERS\mamotou.sys
2010/10/17 17:55:54.0296 MaVctrl (8181ceb341cbb2f7f893f85b915d5e15) C:\WINDOWS\system32\DRIVERS\MaVc2K.sys
2010/10/17 17:55:54.0515 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/10/17 17:55:54.0734 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/10/17 17:55:54.0937 MotoSwitchService (30a769086bb94c7c6af71c0d3fcad20d) C:\WINDOWS\system32\DRIVERS\motswch.sys
2010/10/17 17:55:55.0140 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/10/17 17:55:55.0359 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/10/17 17:55:55.0796 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/10/17 17:55:56.0000 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/10/17 17:55:56.0218 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/10/17 17:55:56.0421 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/10/17 17:55:56.0609 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/10/17 17:55:56.0812 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/10/17 17:55:57.0031 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/10/17 17:55:57.0234 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/10/17 17:55:57.0437 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/10/17 17:55:57.0765 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/10/17 17:55:58.0000 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/10/17 17:55:58.0187 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/10/17 17:55:58.0375 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/10/17 17:55:58.0578 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/10/17 17:55:58.0796 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/10/17 17:55:58.0984 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/10/17 17:55:59.0187 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/10/17 17:55:59.0390 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/10/17 17:55:59.0687 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/10/17 17:55:59.0906 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/10/17 17:56:00.0140 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/10/17 17:56:00.0437 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/10/17 17:56:00.0734 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/10/17 17:56:00.0921 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/10/17 17:56:01.0140 P2k (7f171cf250e10b0af2643b6c125520a9) C:\WINDOWS\system32\DRIVERS\P2k.sys
2010/10/17 17:56:01.0359 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/10/17 17:56:01.0562 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/10/17 17:56:01.0734 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/10/17 17:56:01.0953 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/10/17 17:56:02.0234 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/10/17 17:56:02.0437 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/10/17 17:56:03.0437 Pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
2010/10/17 17:56:03.0687 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/10/17 17:56:03.0890 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2010/10/17 17:56:04.0093 Ps2 (9b793a1ffd480155fe9ee5261153f21b) C:\WINDOWS\system32\DRIVERS\PS2.sys
2010/10/17 17:56:04.0312 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/10/17 17:56:04.0531 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/10/17 17:56:04.0750 PxHelp20 (352cf968df88760fef225c3fbe7184a7) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
2010/10/17 17:56:05.0000 QCMerced (9a155d31b8e52f41b258282092cc93a7) C:\WINDOWS\system32\DRIVERS\LVCM.sys
2010/10/17 17:56:05.0890 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/10/17 17:56:06.0109 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/10/17 17:56:06.0312 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/10/17 17:56:06.0531 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/10/17 17:56:06.0750 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/10/17 17:56:06.0953 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/10/17 17:56:07.0156 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/10/17 17:56:07.0390 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/10/17 17:56:07.0671 RTL8023xp (cf84b1f0e8b14d4120aaf9cf35cbb265) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2010/10/17 17:56:07.0921 rtl8139 (2ef9c0dc26b30b2318b1fc3faa1f0ae7) C:\WINDOWS\system32\DRIVERS\R8139n51.SYS
2010/10/17 17:56:08.0078 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2010/10/17 17:56:08.0140 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
2010/10/17 17:56:08.0343 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/10/17 17:56:08.0562 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/10/17 17:56:08.0765 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/10/17 17:56:09.0000 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/10/17 17:56:09.0343 SiS315 (94f6eea8a688a37f71bf9c9aeaa42666) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
2010/10/17 17:56:09.0578 SISAGP (61ca562def09a782d26b3e7edec5369a) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
2010/10/17 17:56:09.0781 SiSkp (837d26f79a1647066d75c5c811887475) C:\WINDOWS\system32\DRIVERS\srvkp.sys
2010/10/17 17:56:10.0000 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/10/17 17:56:10.0343 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/10/17 17:56:10.0562 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/10/17 17:56:10.0781 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/10/17 17:56:11.0015 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/10/17 17:56:11.0218 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/10/17 17:56:11.0421 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/10/17 17:56:12.0265 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/10/17 17:56:12.0500 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/10/17 17:56:12.0781 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/10/17 17:56:13.0125 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/10/17 17:56:13.0578 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/10/17 17:56:13.0984 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/10/17 17:56:14.0312 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/10/17 17:56:14.0578 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2010/10/17 17:56:14.0796 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/10/17 17:56:14.0984 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/10/17 17:56:15.0187 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/10/17 17:56:15.0375 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2010/10/17 17:56:15.0578 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/10/17 17:56:15.0765 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/10/17 17:56:15.0968 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\DRIVERS\usbser.sys
2010/10/17 17:56:16.0171 usbsermpt (caad3467fbfae8a380f67e9c7150a85e) C:\WINDOWS\system32\DRIVERS\usbsermpt.sys
2010/10/17 17:56:16.0375 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/10/17 17:56:16.0593 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/10/17 17:56:16.0796 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/10/17 17:56:17.0015 viaagp1 (4b039bbd037b01f5db5a144c837f283a) C:\WINDOWS\system32\DRIVERS\viaagp1.sys
2010/10/17 17:56:17.0203 viagfx (0cc705db634a3bc355887e3d478dd386) C:\WINDOWS\system32\DRIVERS\vtmini.sys
2010/10/17 17:56:17.0437 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2010/10/17 17:56:17.0640 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/10/17 17:56:17.0875 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/10/17 17:56:18.0218 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/10/17 17:56:18.0578 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2010/10/17 17:56:18.0781 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2010/10/17 17:56:18.0968 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/10/17 17:56:19.0171 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/10/17 17:56:19.0359 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/10/17 17:56:19.0609 ================================================================================
2010/10/17 17:56:19.0609 Scan finished
2010/10/17 17:56:19.0609 ================================================================================


#10 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 18 October 2010 - 01:53 AM

Hi,

if you did a reformat and ran fixmbr there is not much that can be left over from the previous infection.

Let's remove what is left of the search bar:
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    CODE
    :otl
    FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
    FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=99&q="
    FF - prefs.js..browser.search.order.1: "Fast Browser Search"
    FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
    FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=99&tid={70CCD33E-A4D0-2C89-8DB6-BDF2817AA545}&q="
    [2010/10/05 16:05:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{3a4336e3-ca32-44df-9d3e-46c65d58bb62}
    [2010/10/17 01:34:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
    O4 - HKU\S-1-5-21-1861399033-1312079479-937536695-1003..\Run: [capfupgrade] File not found
    O33 - MountPoints2\{2659ce04-324d-11dc-a1da-0011090fc19a}\Shell\1\Command - "" = .\RECYCLER\RECYCLER\autorun.exe
    O33 - MountPoints2\{2659ce04-324d-11dc-a1da-0011090fc19a}\Shell\2\Command - "" = .\RECYCLER\RECYCLER\autorun.exe
    :files
    C:\Windows\tasks\at*.job
  • Then click the Run Fix button at the top
  • Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
  • Please post that log in your next reply.

    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.
    If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
================================Follow up scan=================================
  • Double click on OTL to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open one notepad window. OTL.Txt a This is saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it with your next reply.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#11 lostkause

lostkause
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:19 PM

Posted 18 October 2010 - 08:24 AM

I did not reformat in the way I call reformat.I only put the recovery CD for XP in and went to repair.
Then I did the mbrfix and bootfix.Unless you are referring to that as a reformat.Here are the next logs.THANKS

========== OTL ==========
Prefs.js: "Fast Browser Search" removed from browser.search.defaultenginename
Prefs.js: "Fast Browser Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=99&q=" removed from browser.search.defaulturl
Prefs.js: "Fast Browser Search" removed from browser.search.order.1
Prefs.js: "Fast Browser Search" removed from browser.search.selectedEngine
Prefs.js: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=99&tid={70CCD33E-A4D0-2C89-8DB6-BDF2817AA545}&q=" removed from keyword.URL
Folder C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{3a4336e3-ca32-44df-9d3e-46c65d58bb62}\ not found.
Folder C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}\ not found.
Registry value HKEY_USERS\S-1-5-21-1861399033-1312079479-937536695-1003\Software\Microsoft\Windows\CurrentVersion\Run\\capfupgrade not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2659ce04-324d-11dc-a1da-0011090fc19a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2659ce04-324d-11dc-a1da-0011090fc19a}\ not found.
File .\RECYCLER\RECYCLER\autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2659ce04-324d-11dc-a1da-0011090fc19a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2659ce04-324d-11dc-a1da-0011090fc19a}\ not found.
File .\RECYCLER\RECYCLER\autorun.exe not found.
========== FILES ==========
File\Folder C:\Windows\tasks\at*.job not found.

OTL by OldTimer - Version 3.2.15.2 log created on 10182010_080512


Next log will be on second reply (File to big)

#12 lostkause

lostkause
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:19 PM

Posted 18 October 2010 - 08:26 AM

OTL logfile created on: 10/18/2010 8:34:39 AM - Run 2
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Documents and Settings\Owner\My Documents\Adams Folder
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 70.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.44 Gb Total Space | 48.71 Gb Free Space | 69.16% Space Free | Partition Type: NTFS
Drive D: | 4.07 Gb Total Space | 0.79 Gb Free Space | 19.39% Space Free | Partition Type: FAT32

Computer Name: YOUR-2S4KN5K0H3 | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Owner\My Documents\Adams Folder\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
PRC - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe (Computer Associates International, Inc.)
PRC - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe (CA, Inc.)
PRC - C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe (CA, Inc.)
PRC - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe (Computer Associates International, Inc.)
PRC - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe (CA)
PRC - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe (CA)
PRC - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe (CA)
PRC - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe (CA)
PRC - C:\Program Files\LSI SoftModem\agrsmsvc.exe (Agere Systems)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Ahead\InCD\InCD.exe (Ahead Software AG)
PRC - C:\Program Files\Ahead\InCD\incdsrv.exe (AHEAD Software)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Owner\My Documents\Adams Folder\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\LinkAdvisor\CIDLinkAdvisor.dll (CallingID Ltd.)
MOD - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-8.0.0.264\QOEHook.dll (CA)
MOD - C:\WINDOWS\system32\UmxSbxExw.dll (CA)
MOD - C:\WINDOWS\system32\UmxSbxw.dll (CA)
MOD - C:\WINDOWS\system32\msvcp60.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll (BillP Studios)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (ccSchedulerSVC) -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe (Computer Associates International, Inc.)
SRV - (CaCCProvSP) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe (CA, Inc.)
SRV - (CAISafe) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe (Computer Associates International, Inc.)
SRV - (UmxAgent) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe (CA)
SRV - (UmxFwHlp) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe (CA)
SRV - (UmxPol) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe (CA)
SRV - (UmxCfg) -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe (CA)
SRV - (AgereModemAudio) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe (Agere Systems)
SRV - (InCDsrv) -- C:\Program Files\Ahead\InCD\incdsrv.exe (AHEAD Software)


========== Driver Services (SafeList) ==========

DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS File not found
DRV - (kl1) -- C:\WINDOWS\System32\DRIVERS\kl1.sys File not found
DRV - (cpuz132) -- C:\DOCUME~1\Owner\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (BDRsDrv) -- C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys File not found
DRV - (BDFsDrv) -- C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys File not found
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (KmxAMRT) -- C:\WINDOWS\system32\DRIVERS\KmxAMRT.sys (CA)
DRV - (KmxAgent) -- C:\WINDOWS\system32\drivers\KmxAgent.sys (CA)
DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys ()
DRV - (KmxCfg) -- C:\WINDOWS\system32\drivers\KmxCfg.sys (CA)
DRV - (KmxSbx) -- C:\WINDOWS\system32\drivers\KmxSbx.sys (CA)
DRV - (KmxFile) -- C:\WINDOWS\system32\drivers\KmxFile.sys (CA)
DRV - (KmxCF) -- C:\WINDOWS\system32\drivers\KmxCF.sys (CA)
DRV - (KmxFw) -- C:\WINDOWS\system32\drivers\KmxFw.sys (CA)
DRV - (KmxStart) -- C:\WINDOWS\System32\DRIVERS\kmxstart.sys (CA)
DRV - (KmxAMVet) -- C:\WINDOWS\system32\drivers\KmxAMVet.sys (Computer Associates International, Inc.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (mamotou) -- C:\WINDOWS\system32\drivers\mamotou.sys (Mobile Action Technology Inc.)
DRV - (MaVctrl) -- C:\WINDOWS\system32\drivers\MaVc2K.sys (Mobile Action Technology Inc.)
DRV - (usbsermpt) -- C:\WINDOWS\system32\drivers\usbsermpt.sys (Microsoft Corporation)
DRV - (P2k) -- C:\WINDOWS\system32\drivers\P2k.sys (Motorola Inc)
DRV - (MotoSwitchService) -- C:\WINDOWS\system32\drivers\motswch.sys (Motorola INC.)
DRV - (QCMerced) -- C:\WINDOWS\system32\drivers\lvcm.sys ()
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (SiSkp) -- C:\WINDOWS\system32\drivers\srvkp.sys (Silicon Integrated Systems Corporation)
DRV - (SiS315) -- C:\WINDOWS\system32\drivers\sisgrp.sys (Silicon Integrated Systems Corporation)
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura Ltd)
DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\incdpass.sys (Ahead Software)
DRV - (InCDfs) -- C:\WINDOWS\System32\drivers\incdfs.sys (Ahead Software)
DRV - (fasttx2k) -- C:\WINDOWS\System32\DRIVERS\fasttx2k.sys (Promise Technology, Inc.)
DRV - (Pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (incdrm) -- C:\WINDOWS\System32\drivers\incdrm.sys (Ahead Software AG)
DRV - (SISAGP) -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation)
DRV - (viaagp1) -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\R8139n51.sys (Realtek Semiconductor Corporation )
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DE 2D B7 32 13 DF CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 01 98 3A 02 8F A6 CF 4C 8E 79 7E 7E 18 58 77 B0 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.48.3
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.3
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {e4878b45-e2c0-4307-b6e8-734922f92f5b}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {8b02914c-4e6b-4410-90e1-1a2b1b69b12d}:1.2.1.24
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.10
FF - prefs.js..network.proxy.no_proxies_on: "localhost"


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 00:53:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/04/18 12:36:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010/04/18 13:07:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{e9259cba-e7ad-4f74-863f-ef9fe935394d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\Firefox [2010/10/06 18:18:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\LinkAdvisor\Firefox [2010/10/06 18:18:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0417.0\Firefox
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/10/13 22:56:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/26 20:30:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/06 17:21:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{8b02914c-4e6b-4410-90e1-1a2b1b69b12d}: C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\LinkAdvisor\Firefox [2010/10/06 18:18:53 | 000,000,000 | ---D | M]

[2009/04/08 22:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2008/12/06 13:45:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/04/08 22:44:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/10/18 08:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions
[2010/09/04 16:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010/09/04 16:44:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/04 16:41:14 | 000,000,000 | ---D | M] (Free Radio TV Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{9dbb9aeb-5a16-4989-a66f-c0f1c909d647}
[2010/09/13 01:12:38 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/09/04 16:43:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/09/04 16:44:01 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/10/06 17:57:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/09/13 01:12:37 | 000,000,000 | ---D | M] (Road Runner Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}
[2010/10/13 20:00:53 | 000,001,832 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\searchplugins\bing.xml
[2010/08/19 21:37:56 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\iw5n5xq2.default\searchplugins\conduit.xml
[2010/10/18 08:19:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/16 00:58:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/09/11 06:09:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/09/16 00:58:31 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/09/16 00:58:31 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2008/06/18 02:43:04 | 000,086,016 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/16 00:58:35 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007/03/22 19:23:30 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2010/09/22 18:10:52 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010/04/18 12:36:36 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2010/09/24 22:25:40 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010/09/24 22:25:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2010/09/24 22:25:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2010/09/24 22:25:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2010/09/24 22:25:42 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010/09/24 22:25:42 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2010/09/24 22:25:42 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2010/04/18 12:37:10 | 000,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2010/04/18 12:36:15 | 000,098,304 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2009/05/22 21:28:48 | 000,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2010/07/28 18:50:47 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/07/28 18:50:47 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2010/07/28 18:50:47 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/07/28 18:50:47 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2010/07/28 18:50:47 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010/07/28 18:50:47 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/07/28 18:50:47 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2010/10/04 15:19:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (7c887026) - {6D5E2DF5-CFC8-D565-5AF9-82E825CEA0F4} - Reg Error: Value error. File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (CA Toolbar Helper) - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\CallingIDIE.dll (CallingID Ltd.)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (CA Toolbar) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\CallingIDIE.dll (CallingID Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (CA Toolbar) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\CallingIDIE.dll (CallingID Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [AlcxMonitor] C:\WINDOWS\ALCXMNTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe (Ahead Software AG)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SmartRAM] C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe (IObit)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TkBellExe] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {01010200-5E80-11D8-9E86-0007E96C65AE} http://supportcenter.rr.com/sdccommon/download/tgctlins.cab (SupportSoft Installer)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/...9074.9135532407 (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\callingid {086D03BA-57AC-4C8E-A33D-0BAABF742411} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\Toolbar\CallingIDToolbar.dll (CallingID Ltd.)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {1869181A-9F50-4FCF-8BFF-1B8588ECB85C} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01542859\LinkAdvisor\CIDLinkAdvisor.dll (CallingID Ltd.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/04/02 15:55:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 14:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/10 11:02:32 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{39afd58a-93e0-11db-a134-0011090fc19a}\Shell - "" = AutoRun
O33 - MountPoints2\{39afd58a-93e0-11db-a134-0011090fc19a}\Shell\1\Command - "" = C:\hp\bin\autorun.exe -- [1999/10/28 22:40:04 | 000,237,568 | ---- | M] (Hewlett-Packard Company)
O33 - MountPoints2\{39afd58a-93e0-11db-a134-0011090fc19a}\Shell\2\Command - "" = C:\hp\bin\autorun.exe -- [1999/10/28 22:40:04 | 000,237,568 | ---- | M] (Hewlett-Packard Company)
O33 - MountPoints2\{39afd58a-93e0-11db-a134-0011090fc19a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{81737ec2-a384-11db-a161-0011090fc19a}\Shell - "" = AutoRun
O33 - MountPoints2\{81737ec2-a384-11db-a161-0011090fc19a}\Shell\1\Command - "" = C:\hp\bin\autorun.exe -- [1999/10/28 22:40:04 | 000,237,568 | ---- | M] (Hewlett-Packard Company)
O33 - MountPoints2\{81737ec2-a384-11db-a161-0011090fc19a}\Shell\2\Command - "" = C:\hp\bin\autorun.exe -- [1999/10/28 22:40:04 | 000,237,568 | ---- | M] (Hewlett-Packard Company)
O33 - MountPoints2\{81737ec2-a384-11db-a161-0011090fc19a}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (SDEarlyDelete) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/17 20:14:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\isthere reason to believe in God,,,_files
[2010/10/17 17:54:34 | 001,325,656 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\TDSSKiller.exe
[2010/10/17 07:22:58 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2010/10/17 07:05:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/10/16 23:31:28 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2010/10/15 03:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\Bleeping Computers Logs
[2010/10/13 21:52:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\WinPatrol
[2010/10/13 21:51:50 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2010/10/12 23:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/10/12 23:17:38 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2010/10/12 23:17:37 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2010/10/12 23:17:35 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2010/10/12 23:17:28 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2010/10/12 23:17:27 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2010/10/12 23:17:25 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2010/10/12 23:17:17 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2010/10/12 23:17:14 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2010/10/12 23:16:34 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiacpi.sys
[2010/10/12 23:16:28 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2010/10/12 23:16:27 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2010/10/12 23:16:13 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2010/10/12 23:16:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2010/10/12 23:16:03 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2010/10/12 23:16:01 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2010/10/12 23:16:00 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2010/10/12 23:16:00 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2010/10/12 23:15:54 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2010/10/12 23:15:53 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2010/10/12 23:15:51 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2010/10/12 23:15:49 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2010/10/12 23:15:47 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2010/10/12 23:15:46 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2010/10/12 23:15:44 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2010/10/12 23:15:43 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2010/10/12 23:15:43 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2010/10/12 23:15:41 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2010/10/12 23:15:39 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2010/10/12 23:15:37 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2010/10/12 23:15:35 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2010/10/12 23:15:34 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2010/10/12 23:15:26 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2010/10/12 23:15:24 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2010/10/12 23:15:22 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2010/10/12 23:15:21 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2010/10/12 23:15:18 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2010/10/12 23:15:18 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2010/10/12 23:15:17 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2010/10/12 23:15:16 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2010/10/12 23:15:08 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2010/10/12 23:15:04 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2010/10/12 23:15:04 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2010/10/12 23:15:04 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2010/10/12 23:15:03 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2010/10/12 23:15:03 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2010/10/12 23:15:02 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2010/10/12 23:15:02 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2010/10/12 23:15:01 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2010/10/12 23:15:01 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2010/10/12 23:15:00 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2010/10/12 23:14:59 | 000,036,736 | ---- | C] (Promise Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ultra.sys
[2010/10/12 23:14:58 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2010/10/12 23:14:54 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2010/10/12 23:14:54 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2010/10/12 23:14:53 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2010/10/12 23:14:53 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2010/10/12 23:14:52 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2010/10/12 23:14:52 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2010/10/12 23:14:50 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2010/10/12 23:14:50 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2010/10/12 23:14:49 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2010/10/12 23:14:48 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2010/10/12 23:14:47 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\toside.sys
[2010/10/12 23:14:46 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2010/10/12 23:14:46 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2010/10/12 23:14:45 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2010/10/12 23:14:44 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2010/10/12 23:14:42 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2010/10/12 23:14:42 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2010/10/12 23:14:40 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2010/10/12 23:14:38 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2010/10/12 23:14:38 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2010/10/12 23:14:35 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2010/10/12 23:14:33 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2010/10/12 23:14:33 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2010/10/12 23:14:32 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2010/10/12 23:14:28 | 000,032,640 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\symc8xx.sys
[2010/10/12 23:14:27 | 000,030,688 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_u3.sys
[2010/10/12 23:14:27 | 000,016,256 | ---- | C] (Symbios Logic Inc.) -- C:\WINDOWS\System32\dllcache\symc810.sys
[2010/10/12 23:14:26 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2010/10/12 23:14:26 | 000,028,384 | ---- | C] (LSI Logic) -- C:\WINDOWS\System32\dllcache\sym_hi.sys
[2010/10/12 23:14:25 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2010/10/12 23:14:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2010/10/12 23:14:25 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2010/10/12 23:14:24 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2010/10/12 23:14:24 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2010/10/12 23:14:23 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2010/10/12 23:14:21 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2010/10/12 23:14:21 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2010/10/12 23:14:20 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2010/10/12 23:14:19 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2010/10/12 23:14:16 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2010/10/12 23:14:15 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2010/10/12 23:14:12 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2010/10/12 23:14:09 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2010/10/12 23:14:08 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2010/10/12 23:14:08 | 000,019,072 | ---- | C] (Adaptec, Inc.) -- C:\WINDOWS\System32\dllcache\sparrow.sys
[2010/10/12 23:14:07 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2010/10/12 23:14:06 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2010/10/12 23:14:06 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2010/10/12 23:14:05 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2010/10/12 23:14:05 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2010/10/12 23:14:03 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2010/10/12 23:14:02 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2010/10/12 23:13:55 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2010/10/12 23:13:54 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2010/10/12 23:13:53 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2010/10/12 23:13:53 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2010/10/12 23:13:52 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2010/10/12 23:13:52 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2010/10/12 23:13:50 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2010/10/12 23:13:49 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2010/10/12 23:13:48 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2010/10/12 23:13:47 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2010/10/12 23:13:47 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2010/10/12 23:13:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2010/10/12 23:13:38 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2010/10/12 23:13:37 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2010/10/12 23:13:37 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2010/10/12 23:13:36 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2010/10/12 23:13:35 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2010/10/12 23:13:34 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2010/10/12 23:13:32 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2010/10/12 23:13:32 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2010/10/12 23:13:32 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2010/10/12 23:13:31 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2010/10/12 23:13:24 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2010/10/12 23:13:23 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2010/10/12 23:13:23 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2010/10/12 23:13:22 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2010/10/12 23:13:22 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2010/10/12 23:13:19 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2010/10/12 23:13:18 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2010/10/12 23:13:16 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2010/10/12 23:13:15 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2010/10/12 23:13:14 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2010/10/12 23:13:12 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2010/10/12 23:13:12 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2010/10/12 23:13:11 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2010/10/12 23:13:10 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2010/10/12 23:13:08 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2010/10/12 23:13:08 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2010/10/12 23:13:05 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2010/10/12 23:13:05 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2010/10/12 23:13:04 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2010/10/12 23:13:04 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2010/10/12 23:13:03 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2010/10/12 23:13:03 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2010/10/12 23:13:02 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2010/10/12 23:13:02 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2010/10/12 23:13:01 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2010/10/12 23:13:01 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2010/10/12 23:13:00 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2010/10/12 23:13:00 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2010/10/12 23:12:59 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2010/10/12 23:12:58 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2010/10/12 23:12:56 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2010/10/12 23:12:55 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2010/10/12 23:12:52 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2010/10/12 23:12:52 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2010/10/12 23:12:49 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2010/10/12 23:12:48 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2010/10/12 23:12:45 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2010/10/12 23:12:44 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2010/10/12 23:12:43 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2010/10/12 23:12:34 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2010/10/12 23:12:32 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2010/10/12 23:12:31 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2010/10/12 23:12:31 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2010/10/12 23:12:30 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2010/10/12 23:12:26 | 000,049,024 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1280.sys
[2010/10/12 23:12:26 | 000,045,312 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql12160.sys
[2010/10/12 23:12:26 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql1240.sys
[2010/10/12 23:12:25 | 000,040,320 | ---- | C] (QLogic Corporation) -- C:\WINDOWS\System32\dllcache\ql1080.sys
[2010/10/12 23:12:25 | 000,033,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ql10wnt.sys
[2010/10/12 23:12:23 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2010/10/12 23:12:21 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2010/10/12 23:12:21 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2010/10/12 23:12:20 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2010/10/12 23:12:19 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2010/10/12 23:12:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2010/10/12 23:12:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2010/10/12 23:12:17 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2010/10/12 23:12:13 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2010/10/12 23:12:12 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2010/10/12 23:12:11 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2010/10/12 23:12:10 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2010/10/12 23:12:06 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2010/10/12 23:12:05 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2010/10/12 23:12:04 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2010/10/12 23:12:04 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2010/10/12 23:12:04 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2010/10/12 23:12:03 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2010/10/12 23:12:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2010/10/12 23:12:02 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2010/10/12 23:12:00 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2010/10/12 23:11:59 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2010/10/12 23:11:58 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2010/10/12 23:11:57 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2hib.sys
[2010/10/12 23:11:56 | 000,027,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perc2.sys
[2010/10/12 23:11:54 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2010/10/12 23:11:54 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2010/10/12 23:11:54 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys

#13 lostkause

lostkause
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:19 PM

Posted 18 October 2010 - 08:27 AM

[2010/10/12 23:11:53 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2010/10/12 23:11:53 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2010/10/12 23:11:52 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2010/10/12 23:11:50 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2010/10/12 23:11:49 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2010/10/12 23:11:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2010/10/12 23:11:46 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2010/10/12 23:11:45 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2010/10/12 23:11:45 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2010/10/12 23:11:44 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2010/10/12 23:11:44 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2010/10/12 23:11:44 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2010/10/12 23:11:43 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2010/10/12 23:11:43 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2010/10/12 23:11:42 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2010/10/12 23:11:42 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2010/10/12 23:11:41 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2010/10/12 23:11:41 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2010/10/12 23:11:40 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2010/10/12 23:11:40 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2010/10/12 23:11:39 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2010/10/12 23:11:35 | 000,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys
[2010/10/12 23:11:29 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2010/10/12 23:11:29 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2010/10/12 23:11:22 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2010/10/12 23:11:21 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2010/10/12 23:11:20 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2010/10/12 23:11:19 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2010/10/12 23:11:16 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2010/10/12 23:11:16 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2010/10/12 23:11:14 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2010/10/12 23:11:13 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2010/10/12 23:11:10 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2010/10/12 23:11:08 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2010/10/12 23:11:08 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2010/10/12 23:11:07 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2010/10/12 23:11:03 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2010/10/12 23:11:02 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2010/10/12 23:11:02 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2010/10/12 23:11:01 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2010/10/12 23:11:01 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2010/10/12 23:11:00 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2010/10/12 23:11:00 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2010/10/12 23:10:59 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2010/10/12 23:10:58 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2010/10/12 23:10:58 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2010/10/12 23:10:57 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2010/10/12 23:10:57 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2010/10/12 23:10:56 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2010/10/12 23:10:55 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2010/10/12 23:10:44 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2010/10/12 23:10:41 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2010/10/12 23:10:35 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2010/10/12 23:10:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2010/10/12 23:10:31 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2010/10/12 23:10:31 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2010/10/12 23:10:24 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2010/10/12 23:10:23 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2010/10/12 23:10:16 | 000,017,280 | ---- | C] (American Megatrends Inc.) -- C:\WINDOWS\System32\dllcache\mraid35x.sys
[2010/10/12 23:10:12 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2010/10/12 23:10:11 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2010/10/12 23:10:06 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2010/10/12 23:10:02 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2010/10/12 23:10:02 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2010/10/12 23:10:00 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2010/10/12 23:09:59 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2010/10/12 23:09:59 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2010/10/12 23:09:58 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2010/10/12 23:09:55 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2010/10/12 23:09:54 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2010/10/12 23:09:53 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2010/10/12 23:09:53 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2010/10/12 23:09:52 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2010/10/12 23:09:51 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2010/10/12 23:09:50 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2010/10/12 23:09:49 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2010/10/12 23:09:48 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2010/10/12 23:09:47 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2010/10/12 23:09:47 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2010/10/12 23:09:46 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2010/10/12 23:09:45 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2010/10/12 23:09:43 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2010/10/12 23:09:40 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2010/10/12 23:09:40 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2010/10/12 23:09:39 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2010/10/12 23:09:38 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2010/10/12 23:09:37 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2010/10/12 23:09:36 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2010/10/12 23:09:35 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2010/10/12 23:09:33 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2010/10/12 23:09:32 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2010/10/12 23:09:30 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2010/10/12 23:09:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2010/10/12 23:09:14 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2010/10/12 23:09:01 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2010/10/12 23:09:01 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2010/10/12 23:09:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2010/10/12 23:08:59 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2010/10/12 23:08:59 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2010/10/12 23:08:58 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2010/10/12 23:08:53 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2010/10/12 23:08:52 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2010/10/12 23:08:52 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2010/10/12 23:08:50 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ini910u.sys
[2010/10/12 23:08:50 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2010/10/12 23:08:46 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2010/10/12 23:08:42 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2010/10/12 23:08:34 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2010/10/12 23:08:33 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2010/10/12 23:08:33 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2010/10/12 23:08:32 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2010/10/12 23:08:32 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2010/10/12 23:08:31 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2010/10/12 23:08:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2010/10/12 23:08:30 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2010/10/12 23:08:30 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2010/10/12 23:08:29 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2010/10/12 23:08:29 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2010/10/12 23:08:28 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2010/10/12 23:08:28 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2010/10/12 23:08:28 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2010/10/12 23:08:25 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2010/10/12 23:08:25 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2010/10/12 23:08:24 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2010/10/12 23:08:24 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2010/10/12 23:08:23 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omp.sys
[2010/10/12 23:08:22 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\i2omgmt.sys
[2010/10/12 23:08:21 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2010/10/12 23:08:15 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2010/10/12 23:08:13 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2010/10/12 23:08:13 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2010/10/12 23:08:12 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2010/10/12 23:08:12 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2010/10/12 23:08:11 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2010/10/12 23:08:11 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2010/10/12 23:08:10 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2010/10/12 23:08:10 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2010/10/12 23:08:09 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2010/10/12 23:08:09 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2010/10/12 23:08:08 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2010/10/12 23:08:08 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2010/10/12 23:08:07 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2010/10/12 23:08:06 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2010/10/12 23:08:06 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2010/10/12 23:08:05 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2010/10/12 23:08:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2010/10/12 23:08:04 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2010/10/12 23:08:04 | 000,025,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpn.sys
[2010/10/12 23:08:03 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2010/10/12 23:08:03 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2010/10/12 23:08:02 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2010/10/12 23:08:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2010/10/12 23:08:00 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2010/10/12 23:07:59 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2010/10/12 23:07:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010/10/12 23:07:56 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2010/10/12 23:07:55 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2010/10/12 23:07:54 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2010/10/12 23:07:52 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2010/10/12 23:07:51 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2010/10/12 23:07:49 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2010/10/12 23:07:48 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2010/10/12 23:07:48 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2010/10/12 23:07:45 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2010/10/12 23:07:44 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2010/10/12 23:07:44 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2010/10/12 23:07:43 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2010/10/12 23:07:42 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2010/10/12 23:07:42 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2010/10/12 23:07:41 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2010/10/12 23:07:37 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2010/10/12 23:07:37 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2010/10/12 23:07:36 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2010/10/12 23:07:34 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2010/10/12 23:07:33 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2010/10/12 23:07:33 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2010/10/12 23:07:30 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2010/10/12 23:07:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2010/10/12 23:07:26 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2010/10/12 23:07:25 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2010/10/12 23:07:23 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2010/10/12 23:07:23 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2010/10/12 23:07:22 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2010/10/12 23:07:21 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2010/10/12 23:07:19 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2010/10/12 23:07:19 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2010/10/12 23:07:16 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2010/10/12 23:07:15 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2010/10/12 23:07:14 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2010/10/12 23:07:13 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2010/10/12 23:07:13 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2010/10/12 23:07:12 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2010/10/12 23:07:11 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2010/10/12 23:07:10 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2010/10/12 23:07:10 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2010/10/12 23:07:09 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2010/10/12 23:07:09 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2010/10/12 23:07:09 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2010/10/12 23:07:08 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2010/10/12 23:07:07 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2010/10/12 23:07:07 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2010/10/12 23:07:06 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2010/10/12 23:07:06 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2010/10/12 23:07:05 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2010/10/12 23:07:05 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2010/10/12 23:07:04 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2010/10/12 23:07:04 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys
[2010/10/12 23:07:03 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2010/10/12 23:07:02 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2010/10/12 23:07:01 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2010/10/12 23:07:01 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2010/10/12 23:07:00 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2010/10/12 23:07:00 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2010/10/12 23:06:59 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2010/10/12 23:06:59 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2010/10/12 23:06:58 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2010/10/12 23:06:58 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2010/10/12 23:06:57 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2010/10/12 23:06:56 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2010/10/12 23:06:56 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2010/10/12 23:06:55 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2010/10/12 23:06:54 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2010/10/12 23:06:54 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2010/10/12 23:06:53 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2010/10/12 23:06:53 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2010/10/12 23:06:51 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2010/10/12 23:06:50 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100b325.sys
[2010/10/12 23:06:50 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2010/10/12 23:06:44 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2010/10/12 23:06:43 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2010/10/12 23:06:41 | 000,020,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpti2o.sys
[2010/10/12 23:06:38 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2010/10/12 23:06:37 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2010/10/12 23:06:37 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2010/10/12 23:06:37 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2010/10/12 23:06:36 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2010/10/12 23:06:30 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2010/10/12 23:06:30 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2010/10/12 23:06:29 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2010/10/12 23:06:29 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2010/10/12 23:06:27 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2010/10/12 23:06:26 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2010/10/12 23:06:26 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2010/10/12 23:06:25 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2010/10/12 23:06:23 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2010/10/12 23:06:23 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2010/10/12 23:06:22 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2010/10/12 23:06:22 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2010/10/12 23:06:22 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2010/10/12 23:06:21 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2010/10/12 23:06:21 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2010/10/12 23:06:20 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2010/10/12 23:06:20 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2010/10/12 23:06:19 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2010/10/12 23:06:19 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2010/10/12 23:06:18 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2010/10/12 23:06:18 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2010/10/12 23:06:18 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2010/10/12 23:06:15 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2010/10/12 23:06:15 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2010/10/12 23:06:14 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2010/10/12 23:06:13 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2010/10/12 23:06:12 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2010/10/12 23:06:12 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2010/10/12 23:06:11 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2010/10/12 23:06:10 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2010/10/12 23:06:09 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2010/10/12 23:06:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2010/10/12 23:06:08 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2010/10/12 23:06:08 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2010/10/12 23:06:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2010/10/12 23:06:05 | 000,179,584 | ---- | C] (Mylex Corporation) -- C:\WINDOWS\System32\dllcache\dac2w2k.sys
[2010/10/12 23:06:05 | 000,014,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dac960nt.sys
[2010/10/12 23:06:02 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2010/10/12 23:06:02 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2010/10/12 23:06:02 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2010/10/12 23:06:01 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2010/10/12 23:06:01 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2010/10/12 23:06:00 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2010/10/12 23:06:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2010/10/12 23:05:59 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2010/10/12 23:05:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2010/10/12 23:05:58 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2010/10/12 23:05:58 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2010/10/12 23:05:58 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2010/10/12 23:05:57 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2010/10/12 23:05:57 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2010/10/12 23:05:56 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2010/10/12 23:05:56 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2010/10/12 23:05:55 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2010/10/12 23:05:54 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2010/10/12 23:05:54 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2010/10/12 23:05:53 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2010/10/12 23:05:53 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2010/10/12 23:05:51 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2010/10/12 23:05:51 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2010/10/12 23:05:50 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2010/10/12 23:05:49 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2010/10/12 23:05:49 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2010/10/12 23:05:48 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cpqarray.sys
[2010/10/12 23:05:44 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compbatt.sys
[2010/10/12 23:05:43 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2010/10/12 23:05:42 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2010/10/12 23:05:40 | 000,006,656 | ---- | C] (CMD Technology, Inc.) -- C:\WINDOWS\System32\dllcache\cmdide.sys
[2010/10/12 23:05:39 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2010/10/12 23:05:39 | 000,013,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmbatt.sys
[2010/10/12 23:05:37 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2010/10/12 23:05:37 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2010/10/12 23:05:36 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2010/10/12 23:05:36 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2010/10/12 23:05:35 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2010/10/12 23:05:34 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2010/10/12 23:05:33 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2010/10/12 23:05:32 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2010/10/12 23:05:31 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2010/10/12 23:05:29 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2010/10/12 23:05:27 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2010/10/12 23:05:26 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2010/10/12 23:05:26 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2010/10/12 23:05:26 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2010/10/12 23:05:25 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2010/10/12 23:05:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cd20xrnt.sys
[2010/10/12 23:05:22 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2010/10/12 23:05:22 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2010/10/12 23:05:21 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2010/10/12 23:05:21 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2010/10/12 23:05:20 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2010/10/12 23:05:19 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2010/10/12 23:05:18 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2010/10/12 23:05:17 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2010/10/12 23:05:17 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2010/10/12 23:05:16 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2010/10/12 23:05:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2010/10/12 23:05:15 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2010/10/12 23:05:15 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2010/10/12 23:05:15 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2010/10/12 23:05:14 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2010/10/12 23:04:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2010/10/12 23:04:47 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2010/10/12 23:04:47 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2010/10/12 23:04:46 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2010/10/12 23:04:46 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2010/10/12 23:04:45 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2010/10/12 23:04:45 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2010/10/12 23:04:44 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2010/10/12 23:04:42 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2010/10/12 23:04:41 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2010/10/12 23:04:40 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2010/10/12 23:04:40 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2010/10/12 23:04:39 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2010/10/12 23:04:39 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2010/10/12 23:04:38 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2010/10/12 23:04:37 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2010/10/12 23:04:37 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2010/10/12 23:04:36 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2010/10/12 23:04:36 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2010/10/12 23:04:35 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2010/10/12 23:04:33 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2010/10/12 23:04:32 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2010/10/12 23:04:32 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2010/10/12 23:04:31 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2010/10/12 23:04:31 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2010/10/12 23:04:29 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2010/10/12 23:04:29 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\battc.sys
[2010/10/12 23:04:28 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2010/10/12 23:04:27 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2010/10/12 23:04:27 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2010/10/12 23:04:27 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2010/10/12 23:04:26 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2010/10/12 23:04:25 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2010/10/12 23:04:25 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2010/10/12 23:04:23 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2010/10/12 23:04:23 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2010/10/12 23:04:22 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2010/10/12 23:04:14 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2010/10/12 23:04:14 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2010/10/12 23:04:11 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2010/10/12 23:04:11 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2010/10/12 23:04:10 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2010/10/12 23:04:10 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2010/10/12 23:04:09 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2010/10/12 23:04:09 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2010/10/12 23:04:08 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2010/10/12 23:04:04 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2010/10/12 23:04:03 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2010/10/12 23:04:03 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2010/10/12 23:04:02 | 000,014,848 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc3550.sys
[2010/10/12 23:04:01 | 000,026,496 | ---- | C] (Advanced System Products, Inc.) -- C:\WINDOWS\System32\dllcache\asc.sys
[2010/10/12 23:04:01 | 000,022,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asc3350p.sys
[2010/10/12 23:03:59 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2010/10/12 23:03:58 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2010/10/12 23:03:58 | 000,012,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amsint.sys
[2010/10/12 23:03:57 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2010/10/12 23:03:56 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2010/10/12 23:03:56 | 000,005,248 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\aliide.sys
[2010/10/12 23:03:55 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2010/10/12 23:03:54 | 000,056,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78xx.sys
[2010/10/12 23:03:54 | 000,055,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aic78u2.sys
[2010/10/12 23:03:53 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aha154x.sys
[2010/10/12 23:03:46 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2010/10/12 23:03:43 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adpu160m.sys
[2010/10/12 23:03:42 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2010/10/12 23:03:42 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2010/10/12 23:03:41 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2010/10/12 23:03:41 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2010/10/12 23:03:40 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2010/10/12 23:03:40 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2010/10/12 23:03:39 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2010/10/12 23:03:38 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2010/10/12 23:03:37 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2010/10/12 23:03:36 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2010/10/12 23:03:36 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2010/10/12 23:03:35 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2010/10/12 23:03:35 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\abp480n5.sys
[2010/10/12 23:03:34 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2010/10/12 23:03:33 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2010/10/12 23:03:33 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2010/10/12 23:03:32 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2010/10/12 23:03:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2010/10/12 23:03:31 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2010/10/12 23:03:31 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2010/10/12 23:03:30 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2010/10/12 23:03:30 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2010/10/12 23:03:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2010/10/09 13:20:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2010/10/09 13:20:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/10/09 13:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/10/07 20:37:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/07 20:37:09 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/06 18:18:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\CallingID
[2010/10/06 18:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\ISSThirdParty
[2010/10/06 18:18:08 | 000,201,968 | ---- | C] (CA, Inc.) -- C:\WINDOWS\System32\Isafprod.dll
[2010/10/06 18:18:08 | 000,128,240 | ---- | C] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\Isafeif.dll
[2010/10/06 18:18:08 | 000,095,472 | ---- | C] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\Vetredir.dll
[2010/10/06 18:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\CleanUp!
[2010/10/06 18:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Installer Clean Up
[2010/10/06 18:00:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/10/06 03:49:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/06 03:04:46 | 000,000,000 | ---D | C] -- C:\56c555895b0a84483b61a2eb84dc4f
[2010/10/05 17:47:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/10/05 16:36:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2010/10/05 16:06:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/10/05 16:05:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1053378324
[2010/10/05 16:05:39 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/10/04 16:33:37 | 000,000,000 | ---D | C] -- C:\RECYCLER(2)
[2010/10/04 14:39:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/04 13:37:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8(2)
[2010/10/04 10:27:42 | 000,272,888 | ---- | C] (CA) -- C:\WINDOWS\System32\UmxSbxw.dll
[2010/10/04 10:27:42 | 000,113,144 | ---- | C] (CA) -- C:\WINDOWS\System32\UmxSbxExw.dll
[2010/10/04 07:57:31 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/10/04 06:20:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/10/03 22:26:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware(2)
[2010/10/03 19:01:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/03 15:43:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/10/01 09:34:34 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2010/10/01 09:07:14 | 001,445,888 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Owner\DesktopWinsockxpFix.exe
[2010/10/01 09:07:12 | 000,186,368 | ---- | C] (CEXX.ORG) -- C:\Documents and Settings\Owner\DesktopLSPFix.exe
[2010/10/01 09:07:12 | 000,036,864 | ---- | C] (Rock Systems & Development) -- C:\Documents and Settings\Owner\DesktopSafeMSI.exe
[2010/10/01 09:04:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winsflte.dl1
[2010/10/01 09:04:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winsflt.dl1
[2010/10/01 08:58:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge

========== Files - Modified Within 30 Days ==========

[2010/10/18 08:34:01 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/18 08:33:32 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1861399033-1312079479-937536695-1003.job
[2010/10/18 08:33:31 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1861399033-1312079479-937536695-1003.job
[2010/10/18 08:26:36 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/18 08:26:32 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/18 08:26:18 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2010/10/18 08:26:16 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1861399033-1312079479-937536695-500.job
[2010/10/18 08:26:12 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/10/18 08:25:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/18 08:25:42 | 1601,753,088 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/18 08:24:58 | 000,971,356 | ---- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2010/10/18 08:24:58 | 000,897,881 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2010/10/18 08:24:58 | 000,010,433 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2010/10/18 08:24:58 | 000,000,289 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2010/10/18 08:24:58 | 000,000,277 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2010/10/18 08:24:58 | 000,000,277 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2010/10/18 08:24:58 | 000,000,277 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2010/10/18 08:24:58 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2010/10/18 08:24:58 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2010/10/18 08:24:58 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2010/10/18 08:24:58 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2010/10/18 08:24:58 | 000,000,081 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2010/10/18 08:24:58 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2010/10/18 08:24:58 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2010/10/18 08:24:58 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2010/10/18 08:24:58 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2010/10/18 08:24:58 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2010/10/17 20:14:33 | 000,040,277 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\isthere reason to believe in God,,,.htm
[2010/10/17 17:53:40 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\mainhst.zgh
[2010/10/17 15:17:22 | 000,000,589 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010/10/17 00:12:02 | 000,313,176 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/15 22:24:46 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/15 22:10:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/14 19:47:39 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Owner\defogger_reenable
[2010/10/13 23:07:39 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/11 09:48:00 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1861399033-1312079479-937536695-500.job
[2010/10/11 08:38:37 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/10/10 22:02:28 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/10/10 13:11:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2010/10/07 20:37:19 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/07 19:50:57 | 000,001,588 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\LimeWire 5.5.16.lnk
[2010/10/07 17:46:00 | 000,000,249 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/10/05 17:12:10 | 000,475,506 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/05 17:12:10 | 000,084,944 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/04 15:19:52 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/04 09:08:00 | 001,325,656 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\TDSSKiller.exe
[2010/10/04 07:10:26 | 000,001,600 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2010/10/01 09:07:14 | 001,445,888 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\Owner\DesktopWinsockxpFix.exe
[2010/10/01 09:07:12 | 000,186,368 | ---- | M] (CEXX.ORG) -- C:\Documents and Settings\Owner\DesktopLSPFix.exe
[2010/10/01 09:07:12 | 000,036,864 | ---- | M] (Rock Systems & Development) -- C:\Documents and Settings\Owner\DesktopSafeMSI.exe
[2010/10/01 09:03:17 | 000,000,227 | ---- | M] () -- C:\WINDOWS\SYSTEM.UNV
[2010/09/30 11:21:33 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\mkghj.dll
[2010/09/18 12:23:26 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42u.dll
[2010/09/18 12:23:26 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42u.dll

========== Files Created - No Company Name ==========

[2010/10/17 20:14:30 | 000,040,277 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\isthere reason to believe in God,,,.htm
[2010/10/17 02:44:37 | 1601,753,088 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/15 22:24:46 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/14 19:47:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Owner\defogger_reenable
[2010/10/12 23:17:36 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2010/10/12 23:17:35 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2010/10/12 23:09:33 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010/10/12 23:08:41 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010/10/12 23:08:03 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2010/10/12 23:08:02 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2010/10/12 23:08:01 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2010/10/12 23:08:00 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2010/10/12 23:07:59 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2010/10/12 23:07:51 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010/10/12 23:06:28 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2010/10/12 23:06:28 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2010/10/12 23:06:27 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2010/10/12 23:04:18 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2010/10/12 23:04:18 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2010/10/12 23:04:17 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2010/10/12 23:04:17 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2010/10/12 23:04:16 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2010/10/12 23:04:16 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2010/10/12 23:04:15 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2010/10/12 23:04:15 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2010/10/12 23:04:13 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2010/10/12 23:04:08 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2010/10/11 08:38:36 | 000,000,384 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2010/10/07 20:37:19 | 000,000,704 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/07 19:50:57 | 000,001,588 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\LimeWire 5.5.16.lnk
[2010/10/06 18:22:39 | 000,897,881 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2010/10/06 18:22:39 | 000,010,433 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2010/10/06 18:22:39 | 000,000,289 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2010/10/06 18:22:39 | 000,000,277 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2010/10/06 18:22:39 | 000,000,277 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2010/10/06 18:22:39 | 000,000,277 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2010/10/06 18:22:39 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2010/10/06 18:22:39 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2010/10/06 18:22:39 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2010/10/06 18:22:39 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2010/10/06 18:22:39 | 000,000,081 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2010/10/06 18:22:39 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2010/10/06 18:22:39 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2010/10/06 18:22:39 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2010/10/06 18:22:39 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2010/10/06 18:22:39 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2010/10/06 06:30:45 | 000,000,195 | ---- | C] () -- C:\Documents and Settings\Owner\mbr.log
[2010/10/04 15:29:27 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/10/04 09:48:51 | 000,000,302 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1861399033-1312079479-937536695-500.job
[2010/10/04 09:48:51 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1861399033-1312079479-937536695-500.job
[2010/10/04 07:10:26 | 000,001,600 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2010/10/01 21:03:51 | 000,971,356 | ---- | C] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2010/09/30 11:21:33 | 000,000,007 | ---- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/09/08 00:46:56 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\mainhst.zgh
[2009/06/23 05:59:19 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/06/23 05:49:06 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/05/10 19:03:59 | 000,005,077 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\vjgbkfiu.iik
[2008/08/04 08:57:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2008/07/22 12:14:03 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ZipDll.dll
[2008/07/22 12:14:03 | 000,115,712 | ---- | C] () -- C:\WINDOWS\System32\UnzDll.dll
[2008/07/22 12:14:03 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\UNRAR.DLL
[2008/04/19 09:17:11 | 000,000,110 | ---- | C] () -- C:\WINDOWS\System32\SDEarlyDelete.ini
[2007/11/25 18:23:51 | 000,000,070 | ---- | C] () -- C:\WINDOWS\mmpoly.ini
[2007/11/25 16:20:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MessageExe.INI
[2007/11/25 16:14:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhoneBkExe.INI
[2007/11/25 16:10:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PanelExe.INI
[2007/11/24 21:29:48 | 000,000,019 | ---- | C] () -- C:\WINDOWS\info9.ini
[2007/11/24 21:29:48 | 000,000,019 | ---- | C] () -- C:\WINDOWS\info7.ini
[2007/11/24 21:29:48 | 000,000,019 | ---- | C] () -- C:\WINDOWS\info3.ini
[2007/06/15 19:09:15 | 000,001,152 | ---- | C] () -- C:\WINDOWS\System32\windrv.sys
[2007/06/15 18:52:09 | 000,003,694 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Svclog.log
[2007/06/12 19:42:59 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/01/14 05:39:59 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\AURTDIONOCVE.DLL
[2007/01/14 03:41:07 | 000,000,086 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/01/14 01:25:44 | 000,000,037 | ---- | C] () -- C:\WINDOWS\System32\sysmwwod.dll
[2007/01/14 01:14:09 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2006/12/24 11:14:42 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2006/12/24 11:14:26 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2006/12/24 11:12:41 | 000,001,184 | ---- | C] () -- C:\WINDOWS\System32\imbrmute.ini
[2006/12/22 22:32:22 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBMLCNP.DLL
[2006/12/22 22:32:22 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbmvs.dll
[2006/12/22 22:31:39 | 000,000,187 | ---- | C] () -- C:\WINDOWS\System32\lxbmcoin.ini
[2006/12/22 19:19:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/12/22 19:19:12 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/12/22 19:19:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/12/22 19:19:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/12/22 19:19:12 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/12/22 19:19:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/11/06 18:09:03 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2006/11/06 18:09:02 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2006/08/12 13:19:03 | 000,000,067 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\photoshow_deluxe_setup[1].txt
[2006/07/01 23:45:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pestpatrol5.INI
[2006/06/13 19:08:04 | 000,000,391 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2006/01/23 01:23:33 | 000,000,100 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/03/03 20:39:42 | 000,009,255 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2005/03/03 20:39:40 | 001,317,152 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2004/11/10 21:45:34 | 000,000,110 | ---- | C] () -- C:\WINDOWS\winhelp.ini
[2004/11/10 21:31:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2004/11/09 20:08:06 | 024,096,506 | ---- | C] () -- C:\Program Files\filesys.dat
[2004/10/25 21:06:59 | 000,000,098 | ---- | C] () -- C:\WINDOWS\7thlevel.ini
[2004/10/23 16:31:10 | 000,000,179 | ---- | C] () -- C:\WINDOWS\speakit.ini
[2004/10/13 20:38:24 | 000,000,205 | ---- | C] () -- C:\Program Files\install_wizard.log
[2004/10/13 19:30:41 | 000,009,982 | ---- | C] () -- C:\Program Files\install_status.log
[2004/10/01 15:18:54 | 000,000,235 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\devices.xml
[2004/10/01 15:18:54 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\settings.xml
[2004/09/22 17:00:15 | 000,001,628 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/09/22 16:59:05 | 000,000,045 | ---- | C] () -- C:\WINDOWS\FEGHMMN.ini
[2004/09/14 14:12:12 | 000,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2004/09/12 13:23:07 | 000,000,190 | ---- | C] () -- C:\WINDOWS\KA.INI
[2004/09/02 16:02:51 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Smart DVD Ripper.INI
[2004/09/02 15:54:53 | 000,000,040 | ---- | C] () -- C:\WINDOWS\xdvdripper.ini
[2004/08/26 22:43:10 | 000,000,067 | ---- | C] () -- C:\WINDOWS\#1 DVD Ripper.INI
[2004/07/26 21:33:09 | 000,211,968 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/07/25 19:56:20 | 000,000,589 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2004/07/18 16:18:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSREGUSR.INI
[2004/07/18 14:44:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2004/04/03 02:35:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2004/04/03 02:35:48 | 000,000,451 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2004/04/02 22:57:39 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/04/02 19:08:49 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2004/04/02 19:08:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/04/02 19:08:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/04/02 19:06:34 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2004/04/02 19:03:06 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2004/04/02 18:47:59 | 000,027,754 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/04/02 18:47:19 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/04/02 18:31:02 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/04/02 18:22:10 | 000,000,915 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2004/04/02 17:40:20 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/04/02 17:04:42 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/04/02 16:54:44 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/04/02 16:54:44 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/04/02 16:54:16 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/04/02 15:59:40 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/04/02 14:42:06 | 000,000,553 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/04/02 07:46:51 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2000/10/08 08:05:04 | 000,002,752 | ---- | C] () -- C:\Program Files\CLASS.NFO
[2000/10/08 08:04:48 | 000,000,335 | ---- | C] () -- C:\Program Files\FILE_ID.DIZ
[2000/10/08 08:02:44 | 001,274,407 | ---- | C] () -- C:\Program Files\CLS-BZLY.C24
[2000/10/08 08:02:42 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C23
[2000/10/08 08:02:32 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C22
[2000/10/08 08:02:12 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C21
[2000/10/08 08:01:44 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C20
[2000/10/08 08:01:08 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C19
[2000/10/08 08:00:34 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C18
[2000/10/08 07:59:54 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C17
[2000/10/08 07:59:28 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C16
[2000/10/08 07:59:20 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C15
[2000/10/08 07:59:12 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C14
[2000/10/08 07:59:06 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C13
[2000/10/08 07:59:00 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C12
[2000/10/08 07:58:54 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C11
[2000/10/08 07:58:48 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C10
[2000/10/08 07:58:44 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C09
[2000/10/08 07:58:38 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C08
[2000/10/08 07:58:30 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C07
[2000/10/08 07:58:24 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C06
[2000/10/08 07:58:20 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C05
[2000/10/08 07:58:14 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C04
[2000/10/08 07:58:08 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C03
[2000/10/08 07:58:00 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C02
[2000/10/08 07:57:54 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C01
[2000/10/08 07:57:48 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.C00
[2000/10/08 07:57:40 | 002,912,968 | ---- | C] () -- C:\Program Files\CLS-BZLY.ACE
[2000/10/08 02:50:24 | 000,653,471 | ---- | C] () -- C:\Program Files\INSTALL.EXE
[2000/10/07 13:50:02 | 000,003,237 | ---- | C] () -- C:\Program Files\dropzone.nfo
[2000/10/05 00:56:30 | 000,000,897 | ---- | C] () -- C:\Program Files\firesite.nfo
[1999/06/03 23:48:22 | 000,007,496 | ---- | C] () -- C:\Program Files\devotion.nfo
[1999/04/24 19:26:46 | 000,001,317 | ---- | C] () -- C:\Program Files\EchoBase.nfo
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5F1019FF
@Alternate Data Stream - 106 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CAAA7DD7

< End of report >


#14 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:19 AM

Posted 20 October 2010 - 08:01 AM

Hi,

no, reinstall and reformat is not the same. However in this case the MBR fix is the most important part as the infection is based there. The previous logs showed that it was gone.
The current log is looking good as well. Please run a check with Kaspersky to look for leftovers:
Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#15 lostkause

lostkause
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:19 PM

Posted 20 October 2010 - 11:43 AM

I used kasperskp online scanner 7.0 last week and it worked fine.
Today cannot get it to start in either browser. (Firefox / IE8 )
Java platform error. I am loged in as admin. (WEIRD)
Got my AV disabled.
Any way just wanted to check with you first on what to use next.
I am thinking Eset. ( Your Thoughts )

Edited by lostkause, 20 October 2010 - 11:44 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users