Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer possibly infected


  • This topic is locked This topic is locked
22 replies to this topic

#1 ijones32

ijones32

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 03 January 2011 - 07:02 PM

Hi, my computer is constantly freezing and acting sluggish under various circumstances. Using internet browsers seems to give the most trouble but doing almost any operation makes the computer extremely slow and liable to freeze. As I write this message I have to wait for the computer to catch up with my typing. I have completed all the preliminary cleanup operations suggested by this site and still no improvement on performance.


DDS (Ver_10-12-12.02) - NTFSx86
Run by Cate at 17:18:30.54 on Mon 01/03/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.416 [GMT -5:00]

AV: Norton Internet Security 2006 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Worm Protection *Disabled*
FW: Norton Internet Security 2006 *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dldtcoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msfeedssync.exe
C:\Documents and Settings\Cate\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.facebook.com/
uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
BHO: CNavExtBho Class: {a8f38d8d-e480-4d52-b7a2-731bb6995fdd} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: {c2a1c5cb-c0ef-4689-9436-f62cca1c5383} - c:\program files\video add-on\isfmdl.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Internet Security 2006: {0b53eac3-8d69-4b9e-9b19-a37c9a5676a7} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
TB: Norton AntiVirus: {c4069e3a-68f1-403e-b40e-20066696354b} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - {2A947D7C-8B9F-457d-95B6-5D76CC1B7804} - c:\windows\downloaded program files\fcplugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9C196458-4145-46AF-8A77-1506878DFECA} - hxxp://www1.sdhc.k12.fl.us/ClientDownloads/fcplugin.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: fcp - {B3133379-8789-4d3c-9593-C205D7297501} - c:\windows\downloaded program files\fcplugin.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
STS: {7265100a-17e1-41bf-bd08-63b95a25a9c3} - No File

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\cate\applic~1\mozilla\firefox\profiles\xxzauwvx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\cate\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\cate\application data\mozilla\firefox\profiles\xxzauwvx.default\extensions\devicedetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\cate\application data\Move Networks

============= SERVICES / DRIVERS ===============

R1 SAVRT;SAVRT;c:\program files\norton internet security\norton antivirus\savrt.sys [2005-11-17 334984]
R1 SAVRTPEL;SAVRTPEL;c:\program files\norton internet security\norton antivirus\Savrtpel.sys [2005-11-17 53896]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-1-1 102448]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20110103.001\NAVENG.Sys [2011-1-3 86008]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20110103.001\NavEx15.Sys [2011-1-3 1360760]

=============== Created Last 30 ================

2011-01-03 12:04:25 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2011-01-03 12:04:21 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2011-01-03 12:04:20 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2011-01-03 12:04:13 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2011-01-03 12:04:08 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2011-01-03 12:04:02 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2011-01-03 12:02:53 35871 ----a-w- c:\windows\system32\dllcache\wbfirdma.sys
2011-01-03 12:01:56 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys
2011-01-03 12:00:59 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys
2011-01-03 11:59:56 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2011-01-03 11:58:58 172768 ----a-w- c:\windows\system32\dllcache\t2r4disp.dll
2011-01-03 11:58:52 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll
2011-01-03 11:58:48 103936 ----a-w- c:\windows\system32\dllcache\sx.sys
2011-01-03 11:58:45 3968 ----a-w- c:\windows\system32\dllcache\swusbflt.sys
2011-01-03 11:58:41 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll
2011-01-03 11:58:38 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll
2011-01-03 11:58:34 53760 ----a-w- c:\windows\system32\dllcache\sw_wheel.dll
2011-01-03 11:58:30 41472 ----a-w- c:\windows\system32\dllcache\sw_effct.dll
2011-01-03 11:58:26 155648 ----a-w- c:\windows\system32\dllcache\stlnprop.dll
2011-01-03 11:58:23 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll
2011-01-03 11:58:15 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys
2011-01-03 11:58:11 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys
2011-01-03 11:58:02 48736 ----a-w- c:\windows\system32\dllcache\srwlnd5.sys
2011-01-03 11:56:58 24576 ----a-w- c:\windows\system32\dllcache\smc8000n.sys
2011-01-03 11:55:56 252032 ----a-w- c:\windows\system32\dllcache\sis300iv.dll
2011-01-03 11:54:57 16640 ----a-w- c:\windows\system32\dllcache\scmstcs.sys
2011-01-03 11:53:57 65664 ----a-w- c:\windows\system32\dllcache\s3legacy.sys
2011-01-03 11:52:59 714762 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2011-01-03 11:51:55 121344 ----a-w- c:\windows\system32\dllcache\phvfwext.dll
2011-01-03 11:50:58 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2011-01-03 11:49:57 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2011-01-03 11:48:57 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2011-01-03 11:47:59 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2011-01-03 11:46:59 420992 ----a-w- c:\windows\system32\dllcache\ltmdmntt.sys
2011-01-03 11:45:56 6144 ----a-w- c:\windows\system32\dllcache\kbd106.dll
2011-01-03 11:44:58 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll
2011-01-03 11:43:58 44863 ----a-w- c:\windows\system32\dllcache\hsf_soar.sys
2011-01-03 11:42:56 123392 ----a-w- c:\windows\system32\dllcache\hpgt21tk.dll
2011-01-03 11:41:58 27165 ----a-w- c:\windows\system32\dllcache\fetnd5.sys
2011-01-03 11:40:59 114944 ----a-w- c:\windows\system32\dllcache\epstw2k.sys
2011-01-03 11:39:59 6216 ----a-w- c:\windows\system32\dllcache\divaci.dll
2011-01-03 11:38:58 28672 ----a-w- c:\windows\system32\dllcache\cyycoins.dll
2011-01-03 11:37:57 171264 ----a-w- c:\windows\system32\dllcache\camdrv30.sys
2011-01-03 11:36:56 26624 ----a-w- c:\windows\system32\dllcache\ativxbar.sys
2011-01-02 20:15:17 539160 ----a-r- c:\windows\system32\LVUI2RC.dll
2011-01-02 20:15:17 539160 ----a-r- c:\windows\system32\LVUI2.dll
2011-01-02 20:15:16 6756632 ----a-r- c:\windows\system32\drivers\lvuvc.sys
2011-01-02 20:15:16 416280 ----a-r- c:\windows\system32\lvcodec2.dll
2011-01-02 20:14:32 34068 ----a-r- c:\windows\system32\Repository.reg
2011-01-02 20:14:32 266008 ----a-r- c:\windows\system32\drivers\lvrs.sys
2011-01-02 20:14:32 199192 ----a-w- c:\windows\system32\lvci12101110.dll
2011-01-02 20:13:43 23832 ----a-r- c:\windows\system32\drivers\lvuvcflt.sys
2011-01-01 17:23:38 -------- d-----w- c:\docume~1\cate\locals~1\applic~1\LogiShrd
2011-01-01 16:09:14 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-01-01 16:09:14 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys

==================== Find3M ====================

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2009-05-08 01:45:29 284000 ----a-w- c:\program files\npmusicn.dll
2009-05-08 01:45:20 284000 ----a-w- c:\program files\hannah.dll

============= FINISH: 17:20:35.42 ===============

Sorry I forgot to attach the gmer log. So here it is

Merged posts. ~ OB

Attached Files


Edited by Orange Blossom, 09 January 2011 - 12:38 AM.


BC AdBot (Login to Remove)

 


#2 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:48 AM

Posted 09 January 2011 - 11:53 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#3 ijones32

ijones32
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 10 January 2011 - 10:16 PM

Here are the two DDS logs and the gmer log too.


DDS (Ver_10-12-12.02) - NTFSx86
Run by Cate at 20:54:00.25 on Mon 01/10/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.229 [GMT -5:00]

AV: Norton Internet Security 2006 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Worm Protection *Disabled*
FW: Norton Internet Security 2006 *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dldtcoms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Cate\My Documents\Downloads\dds(2).scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.facebook.com/
uSearch Page = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
uSearch Bar = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: CNisExtBho Class: {9ecb9560-04f9-4bbc-943d-298ddf1699e1} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
BHO: CNavExtBho Class: {a8f38d8d-e480-4d52-b7a2-731bb6995fdd} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: {c2a1c5cb-c0ef-4689-9436-f62cca1c5383} - c:\program files\video add-on\isfmdl.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Norton Internet Security 2006: {0b53eac3-8d69-4b9e-9b19-a37c9a5676a7} - c:\program files\common files\symantec shared\adblocking\NISShExt.dll
TB: Norton AntiVirus: {c4069e3a-68f1-403e-b40e-20066696354b} - c:\program files\norton internet security\norton antivirus\NavShExt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - {2A947D7C-8B9F-457d-95B6-5D76CC1B7804} - c:\windows\downloaded program files\fcplugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9C196458-4145-46AF-8A77-1506878DFECA} - hxxp://www1.sdhc.k12.fl.us/ClientDownloads/fcplugin.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: fcp - {B3133379-8789-4d3c-9593-C205D7297501} - c:\windows\downloaded program files\fcplugin.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
STS: {7265100a-17e1-41bf-bd08-63b95a25a9c3} - No File

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\cate\applic~1\mozilla\firefox\profiles\xxzauwvx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\cate\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\documents and settings\cate\application data\mozilla\firefox\profiles\xxzauwvx.default\extensions\devicedetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\cate\application data\Move Networks

============= SERVICES / DRIVERS ===============

R1 SAVRT;SAVRT;c:\program files\norton internet security\norton antivirus\savrt.sys [2005-11-17 334984]
R1 SAVRTPEL;SAVRTPEL;c:\program files\norton internet security\norton antivirus\Savrtpel.sys [2005-11-17 53896]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCEVTMGR.EXE [2005-11-17 191848]
R2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\CCPROXY.EXE [2005-11-17 202088]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2005-11-17 169320]
R2 dldt_device;dldt_device;c:\windows\system32\dldtcoms.exe -service --> c:\windows\system32\dldtcoms.exe -service [?]
R2 navapsvc;Norton AntiVirus Auto-Protect Service;c:\program files\norton internet security\norton antivirus\NAVAPSVC.EXE [2005-11-17 139888]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2007-8-15 1251720]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-9-27 24652]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-1-1 102448]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20110110.004\NAVENG.Sys [2011-1-10 86008]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20110110.004\NavEx15.Sys [2011-1-10 1360760]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-13 135664]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 SAVScan;Symantec AVScan;c:\program files\norton internet security\norton antivirus\SAVScan.exe [2005-11-17 198368]

=============== Created Last 30 ================

2011-01-03 12:04:25 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2011-01-03 12:04:21 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2011-01-03 12:04:20 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2011-01-03 12:04:13 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2011-01-03 12:04:08 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2011-01-03 12:04:02 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2011-01-03 12:02:53 35871 ----a-w- c:\windows\system32\dllcache\wbfirdma.sys
2011-01-03 12:01:56 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys
2011-01-03 12:00:59 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys
2011-01-03 11:59:56 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2011-01-03 11:58:58 172768 ----a-w- c:\windows\system32\dllcache\t2r4disp.dll
2011-01-03 11:58:52 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll
2011-01-03 11:58:48 103936 ----a-w- c:\windows\system32\dllcache\sx.sys
2011-01-03 11:58:45 3968 ----a-w- c:\windows\system32\dllcache\swusbflt.sys
2011-01-03 11:58:41 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll
2011-01-03 11:58:38 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll
2011-01-03 11:58:34 53760 ----a-w- c:\windows\system32\dllcache\sw_wheel.dll
2011-01-03 11:58:30 41472 ----a-w- c:\windows\system32\dllcache\sw_effct.dll
2011-01-03 11:58:26 155648 ----a-w- c:\windows\system32\dllcache\stlnprop.dll
2011-01-03 11:58:23 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll
2011-01-03 11:58:15 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys
2011-01-03 11:58:11 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys
2011-01-03 11:58:02 48736 ----a-w- c:\windows\system32\dllcache\srwlnd5.sys
2011-01-03 11:56:58 24576 ----a-w- c:\windows\system32\dllcache\smc8000n.sys
2011-01-03 11:55:56 252032 ----a-w- c:\windows\system32\dllcache\sis300iv.dll
2011-01-03 11:54:57 16640 ----a-w- c:\windows\system32\dllcache\scmstcs.sys
2011-01-03 11:53:57 65664 ----a-w- c:\windows\system32\dllcache\s3legacy.sys
2011-01-03 11:52:59 714762 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2011-01-03 11:51:55 121344 ----a-w- c:\windows\system32\dllcache\phvfwext.dll
2011-01-03 11:50:58 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2011-01-03 11:49:57 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2011-01-03 11:48:57 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2011-01-03 11:47:59 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2011-01-03 11:46:59 420992 ----a-w- c:\windows\system32\dllcache\ltmdmntt.sys
2011-01-03 11:45:56 6144 ----a-w- c:\windows\system32\dllcache\kbd106.dll
2011-01-03 11:44:58 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll
2011-01-03 11:43:58 44863 ----a-w- c:\windows\system32\dllcache\hsf_soar.sys
2011-01-03 11:42:56 123392 ----a-w- c:\windows\system32\dllcache\hpgt21tk.dll
2011-01-03 11:41:58 27165 ----a-w- c:\windows\system32\dllcache\fetnd5.sys
2011-01-03 11:40:59 114944 ----a-w- c:\windows\system32\dllcache\epstw2k.sys
2011-01-03 11:39:59 6216 ----a-w- c:\windows\system32\dllcache\divaci.dll
2011-01-03 11:38:58 28672 ----a-w- c:\windows\system32\dllcache\cyycoins.dll
2011-01-03 11:37:57 171264 ----a-w- c:\windows\system32\dllcache\camdrv30.sys
2011-01-03 11:36:56 26624 ----a-w- c:\windows\system32\dllcache\ativxbar.sys
2011-01-02 20:15:17 539160 ----a-r- c:\windows\system32\LVUI2RC.dll
2011-01-02 20:15:17 539160 ----a-r- c:\windows\system32\LVUI2.dll
2011-01-02 20:15:16 6756632 ----a-r- c:\windows\system32\drivers\lvuvc.sys
2011-01-02 20:15:16 416280 ----a-r- c:\windows\system32\lvcodec2.dll
2011-01-02 20:14:32 34068 ----a-r- c:\windows\system32\Repository.reg
2011-01-02 20:14:32 266008 ----a-r- c:\windows\system32\drivers\lvrs.sys
2011-01-02 20:14:32 199192 ----a-w- c:\windows\system32\lvci12101110.dll
2011-01-02 20:13:43 23832 ----a-r- c:\windows\system32\drivers\lvuvcflt.sys
2011-01-01 17:23:38 -------- d-----w- c:\docume~1\cate\locals~1\applic~1\LogiShrd
2011-01-01 16:09:14 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-01-01 16:09:14 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys

==================== Find3M ====================

2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:26:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26:58 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26:58 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25:54 385024 ----a-w- c:\windows\system32\html.iec
2010-10-28 13:13:22 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2009-05-08 01:45:29 284000 ----a-w- c:\program files\npmusicn.dll
2009-05-08 01:45:20 284000 ----a-w- c:\program files\hannah.dll

============= FINISH: 20:55:28.03 ===============

Attached Files



#4 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:48 PM

Posted 11 January 2011 - 12:27 PM

Hi,

Welcome to Bleeping Computer.

My name is Shannon and I will be working with you to remove the malware that is on your machine.

I apologize for the delay in replying to your post, but this forum is extremely busy.

Please don't make any further changes or run any other tools unless instructed to. Additional changes may hinder the cleaning of your machine.

When asked to copy logs or reports into your reply, please copy them directly into your reply. Do not include them in quotes. Do not attach them unless asked to do so. In Notepad, please turn off Word Wrap under the Format menu.

Please Track this topic - On the top right on this tread, click on the Option button, and, in the drop-down list, click on 'Track this topic'. Under Subscription Information, click on 'Immediate Email Notification' and then click on the Proceed button at the bottom.

Please give me some time to look over your log. I will post the reply as soon as possible.
Shannon

#5 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:48 PM

Posted 11 January 2011 - 03:55 PM

Hi-

Thank you for the logs. I can see some problems, but, before we tackle those, I would like to see what else is there.

First, I'd like for you to scan your machine with ESET OnlineScan
  • Hold down Control key and click on the following link to open ESET OnlineScan in a new window.
  • ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip the next two steps)
  • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image
Next, we need to create an OTL Report
  • Please download OTL from here:
  • Main Mirror
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "Use SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them into your reply:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized
In your reply, please copy in the contents of the ESET Online report and the two OTL reports. Also, let me know how your computer is running now.
Shannon

#6 ijones32

ijones32
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 14 January 2011 - 10:08 PM

I could not get the eset scanner to work for some reason. A couple of times it would say it was downloading the components and then skip to the end of the scan saying it was complete but showing it did not scan any files. Other times it would simply not load the scanner. I did happen to complete the other scans and don't know if they are of use without the first scan being complete but here they are anyways.

OTL logfile created on: 1/14/2011 9:51:50 PM - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Cate\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.00 Mb Total Physical Memory | 391.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.70 Gb Total Space | 31.47 Gb Free Space | 59.72% Space Free | Partition Type: NTFS

Computer Name: D4SDWGD1 | User Name: Cate | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/14 21:50:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cate\My Documents\Downloads\OTL.exe
PRC - [2010/12/11 21:03:54 | 000,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/04 14:08:20 | 000,099,720 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/25 15:38:12 | 000,595,184 | ---- | M] ( ) -- C:\WINDOWS\system32\dldtcoms.exe
PRC - [2008/01/29 16:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2007/08/23 19:17:07 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/05/23 12:13:40 | 000,173,680 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVW32.EXE
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/01/02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe


========== Modules (SafeList) ==========

MOD - [2011/01/14 21:50:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cate\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/03/04 14:08:20 | 002,106,760 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2010/03/04 14:08:20 | 000,099,720 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/04/28 15:24:07 | 001,251,720 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/02/25 15:38:12 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\dldtcoms.exe -- (dldt_device)
SRV - [2008/02/11 16:22:14 | 000,191,848 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2008/02/11 16:22:14 | 000,169,320 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2008/01/29 16:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/10/01 13:50:08 | 000,214,408 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2007/09/13 16:49:48 | 000,202,088 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2007/05/23 12:13:38 | 000,139,888 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2007/03/19 12:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/16 13:52:26 | 000,072,328 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\ccPwdSvc.exe -- (ccISPwdSvc)
SRV - [2007/01/16 11:25:28 | 000,045,696 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\comHost.exe -- (comHost)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
SRV - [2005/11/17 10:33:52 | 001,160,800 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2005/11/17 10:32:56 | 000,198,368 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe -- (SAVScan)


========== Driver Services (SafeList) ==========

DRV - [2010/12/17 04:00:00 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110114.009\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/17 04:00:00 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110114.009\NAVENG.SYS -- (NAVENG)
DRV - [2010/09/15 13:07:08 | 000,270,712 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20110114.003\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2010/07/15 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/27 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/10/07 03:49:50 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/10/07 03:49:38 | 006,756,632 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam 905(UVC)
DRV - [2009/10/07 03:47:55 | 000,266,008 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/04/28 15:22:30 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/10/01 13:49:26 | 000,189,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/10/01 13:49:20 | 000,023,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/10/01 13:49:16 | 000,031,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2007/10/01 13:49:10 | 000,028,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2007/10/01 13:49:04 | 000,098,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2007/10/01 13:48:56 | 000,012,680 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2007/08/15 08:59:28 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2007/08/15 08:57:19 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/11 12:43:56 | 001,777,152 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/09/22 11:47:52 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/09/22 11:06:26 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/08/17 13:55:16 | 000,044,544 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/12/19 15:08:40 | 000,033,664 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\BCMWLNPF.SYS -- (BCMWLNPF)
DRV - [2005/12/01 07:40:56 | 000,936,960 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2005/12/01 07:40:12 | 000,192,512 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2005/12/01 07:40:08 | 000,669,696 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2005/11/17 10:33:52 | 000,389,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005/11/17 10:32:56 | 000,334,984 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005/11/17 10:32:56 | 000,053,896 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton Internet Security\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005/11/02 19:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/07/14 23:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



IE - HKU\S-1-5-21-496621825-154740940-599731382-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815
IE - HKU\S-1-5-21-496621825-154740940-599731382-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
IE - HKU\S-1-5-21-496621825-154740940-599731382-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-496621825-154740940-599731382-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-496621825-154740940-599731382-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKU\S-1-5-21-496621825-154740940-599731382-1006\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-496621825-154740940-599731382-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-496621825-154740940-599731382-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/11 21:04:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/11 21:04:00 | 000,000,000 | ---D | M]

[2008/08/27 22:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cate\Application Data\Mozilla\Extensions
[2011/01/14 07:54:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cate\Application Data\Mozilla\Firefox\Profiles\xxzauwvx.default\extensions
[2010/04/18 19:04:32 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Cate\Application Data\Mozilla\Firefox\Profiles\xxzauwvx.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/01/01 22:04:19 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Documents and Settings\Cate\Application Data\Mozilla\Firefox\Profiles\xxzauwvx.default\extensions\DeviceDetection@logitech.com
[2008/02/04 00:57:47 | 000,000,277 | ---- | M] () -- C:\Documents and Settings\Cate\Application Data\Mozilla\Firefox\Profiles\xxzauwvx.default\searchplugins\search.xml
[2011/01/14 07:54:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/31 19:34:15 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/05/27 19:56:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/03 18:00:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/09/24 07:05:09 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\CATE\APPLICATION DATA\MOVE NETWORKS
[2010/05/27 19:56:37 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2008/08/16 17:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CgpCore.dll
[2008/08/16 17:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\confmgr.dll
[2008/08/16 17:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\ctxlogging.dll
[2008/05/21 08:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcm80.dll
[2008/05/21 08:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcp80.dll
[2008/05/21 08:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\msvcr80.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2008/08/16 17:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npicaN.dll
[2009/05/07 20:45:02 | 000,284,000 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npmusicn.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2008/08/16 17:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\TcpPServ.dll

O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - File not found
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (no name) - {C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} - File not found
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Norton Internet Security 2006) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O3 - HKU\S-1-5-21-496621825-154740940-599731382-1006\..\Toolbar\WebBrowser: (Norton Internet Security 2006) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-496621825-154740940-599731382-1006\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-496621825-154740940-599731382-1006\..\Toolbar\WebBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL (Symantec Corporation)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKU\S-1-5-21-496621825-154740940-599731382-1006..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-496621825-154740940-599731382-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: FirstClass® - {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-496621825-154740940-599731382-1006\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} http://www1.sdhc.k12.fl.us/ClientDownloads/fcplugin.cab (FirstClass® Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O18 - Protocol\Handler\fcp {B3133379-8789-4d3c-9593-C205D7297501} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O22 - SharedTaskScheduler: {7265100a-17e1-41bf-bd08-63b95a25a9c3} - cured - Reg Error: Key error. File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Cate\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cate\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/14 21:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/01/03 07:04:25 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2011/01/03 07:04:21 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/01/03 07:04:08 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2011/01/03 07:04:02 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/01/03 07:03:58 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/01/03 07:03:56 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2011/01/03 07:03:54 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2011/01/03 07:03:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2011/01/03 07:03:33 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2011/01/03 07:03:29 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/01/03 07:03:15 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/01/03 07:03:09 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2011/01/03 07:03:08 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/01/03 07:03:07 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/01/03 07:03:03 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2011/01/03 07:03:02 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2011/01/03 07:03:01 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2011/01/03 07:02:53 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/01/03 07:02:50 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2011/01/03 07:02:49 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2011/01/03 07:02:48 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2011/01/03 07:02:47 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2011/01/03 07:02:46 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2011/01/03 07:02:45 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2011/01/03 07:02:40 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/01/03 07:02:37 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/01/03 07:02:33 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/01/03 07:02:32 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/01/03 07:02:28 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/01/03 07:02:22 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/01/03 07:02:17 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/01/03 07:02:13 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/01/03 07:02:06 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2011/01/03 07:02:00 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2011/01/03 07:01:56 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/01/03 07:01:52 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2011/01/03 07:01:48 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2011/01/03 07:01:43 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2011/01/03 07:01:39 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/01/03 07:01:35 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/01/03 07:01:29 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/01/03 07:01:26 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2011/01/03 07:01:24 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2011/01/03 07:01:18 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2011/01/03 07:01:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2011/01/03 07:01:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2011/01/03 07:01:07 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2011/01/03 07:01:03 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2011/01/03 07:00:59 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2011/01/03 07:00:55 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2011/01/03 07:00:51 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2011/01/03 07:00:47 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/01/03 07:00:43 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/01/03 07:00:39 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2011/01/03 07:00:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/01/03 07:00:32 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/01/03 07:00:29 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/01/03 07:00:25 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/01/03 07:00:21 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/01/03 07:00:17 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/01/03 07:00:13 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/01/03 07:00:09 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2011/01/03 07:00:03 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2011/01/03 07:00:00 | 000,082,944 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2011/01/03 06:59:56 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2011/01/03 06:59:51 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2011/01/03 06:59:46 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2011/01/03 06:59:42 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2011/01/03 06:59:38 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/01/03 06:59:36 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/01/03 06:59:32 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/01/03 06:59:29 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/01/03 06:59:26 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2011/01/03 06:59:25 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/01/03 06:59:22 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/01/03 06:59:18 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/01/03 06:59:18 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/01/03 06:59:17 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/01/03 06:59:13 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2011/01/03 06:59:08 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2011/01/03 06:59:05 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/01/03 06:58:58 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/01/03 06:58:52 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2011/01/03 06:58:48 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2011/01/03 06:58:45 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2011/01/03 06:58:41 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2011/01/03 06:58:38 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2011/01/03 06:58:34 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2011/01/03 06:58:30 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2011/01/03 06:58:26 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/01/03 06:58:23 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/01/03 06:58:15 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/01/03 06:58:11 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/01/03 06:58:02 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/01/03 06:57:58 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/01/03 06:57:58 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2011/01/03 06:57:52 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2011/01/03 06:57:47 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2011/01/03 06:57:43 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2011/01/03 06:57:40 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2011/01/03 06:57:36 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2011/01/03 06:57:33 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2011/01/03 06:57:29 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2011/01/03 06:57:26 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2011/01/03 06:57:25 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2011/01/03 06:57:24 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2011/01/03 06:57:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/01/03 06:57:20 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2011/01/03 06:57:19 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/01/03 06:57:17 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/01/03 06:57:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/01/03 06:57:13 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/01/03 06:57:12 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/01/03 06:57:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/01/03 06:57:09 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/01/03 06:57:05 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/01/03 06:57:01 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/01/03 06:56:58 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/01/03 06:56:55 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2011/01/03 06:56:54 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2011/01/03 06:56:52 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/01/03 06:56:52 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2011/01/03 06:56:48 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2011/01/03 06:56:45 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2011/01/03 06:56:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/01/03 06:56:41 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/01/03 06:56:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2011/01/03 06:56:41 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/01/03 06:56:40 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/01/03 06:56:37 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2011/01/03 06:56:36 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/01/03 06:56:36 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/01/03 06:56:36 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/01/03 06:56:36 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/01/03 06:56:35 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/01/03 06:56:35 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/01/03 06:56:35 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/01/03 06:56:35 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/01/03 06:56:32 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2011/01/03 06:56:28 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/01/03 06:56:24 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/01/03 06:56:21 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2011/01/03 06:56:17 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2011/01/03 06:56:16 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2011/01/03 06:56:13 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2011/01/03 06:56:09 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2011/01/03 06:56:06 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2011/01/03 06:56:02 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2011/01/03 06:55:56 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2011/01/03 06:55:51 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2011/01/03 06:55:51 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/01/03 06:55:36 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/01/03 06:55:33 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/01/03 06:55:29 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/01/03 06:55:25 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/01/03 06:55:22 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2011/01/03 06:55:17 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2011/01/03 06:55:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/01/03 06:55:13 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2011/01/03 06:55:09 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2011/01/03 06:55:08 | 000,011,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiscan.sys
[2011/01/03 06:55:04 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/01/03 06:55:04 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2011/01/03 06:55:00 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/01/03 06:54:57 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2011/01/03 06:54:53 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/01/03 06:54:49 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/01/03 06:54:48 | 000,043,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbp2port.sys
[2011/01/03 06:54:40 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2011/01/03 06:54:35 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2011/01/03 06:54:31 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2011/01/03 06:54:28 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/01/03 06:54:24 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/01/03 06:54:21 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/01/03 06:54:18 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/01/03 06:54:14 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/01/03 06:54:11 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/01/03 06:54:07 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/01/03 06:54:04 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/01/03 06:54:00 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/01/03 06:53:57 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2011/01/03 06:53:50 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/01/03 06:53:46 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/01/03 06:53:45 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/01/03 06:53:45 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/01/03 06:53:44 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2011/01/03 06:53:43 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2011/01/03 06:53:41 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8139.sys
[2011/01/03 06:53:37 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2011/01/03 06:53:34 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2011/01/03 06:53:30 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/01/03 06:53:22 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2011/01/03 06:53:20 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2011/01/03 06:53:15 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/01/03 06:53:11 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/01/03 06:53:10 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/01/03 06:53:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/01/03 06:53:03 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2011/01/03 06:52:59 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/01/03 06:52:56 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/01/03 06:52:49 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2011/01/03 06:52:44 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/01/03 06:52:44 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2011/01/03 06:52:43 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/01/03 06:52:38 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2011/01/03 06:52:32 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/01/03 06:52:29 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/01/03 06:52:26 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/01/03 06:52:25 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2011/01/03 06:52:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2011/01/03 06:52:17 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2011/01/03 06:52:12 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/01/03 06:52:09 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2011/01/03 06:52:06 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2011/01/03 06:52:05 | 000,008,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2011/01/03 06:52:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2011/01/03 06:52:00 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/01/03 06:52:00 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/01/03 06:52:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/01/03 06:51:55 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2011/01/03 06:51:51 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2011/01/03 06:51:48 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2011/01/03 06:51:44 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2011/01/03 06:51:41 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2011/01/03 06:51:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2011/01/03 06:51:35 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2011/01/03 06:51:34 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2011/01/03 06:51:33 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2011/01/03 06:51:32 | 000,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2011/01/03 06:51:31 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2011/01/03 06:51:29 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2011/01/03 06:51:26 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/01/03 06:51:23 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2011/01/03 06:51:20 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2011/01/03 06:51:16 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2011/01/03 06:51:13 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/01/03 06:51:11 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2011/01/03 06:51:07 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/01/03 06:51:06 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2011/01/03 06:51:06 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2011/01/03 06:51:02 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2011/01/03 06:50:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2011/01/03 06:50:55 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2011/01/03 06:50:52 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2011/01/03 06:50:49 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2011/01/03 06:50:46 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2011/01/03 06:50:42 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2011/01/03 06:50:39 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2011/01/03 06:50:36 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2011/01/03 06:50:33 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2011/01/03 06:50:29 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2011/01/03 06:50:26 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/01/03 06:50:23 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/01/03 06:50:20 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/01/03 06:50:15 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/01/03 06:50:12 | 000,061,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ohci1394.sys
[2011/01/03 06:50:06 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2011/01/03 06:50:03 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2011/01/03 06:49:57 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/01/03 06:49:56 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/01/03 06:49:53 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2011/01/03 06:49:49 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2011/01/03 06:49:49 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2011/01/03 06:49:45 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/01/03 06:49:41 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/01/03 06:49:38 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2011/01/03 06:49:37 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2011/01/03 06:49:32 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2011/01/03 06:49:29 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/01/03 06:49:26 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/01/03 06:49:22 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2011/01/03 06:49:18 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/01/03 06:49:15 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/01/03 06:49:12 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/01/03 06:49:09 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/01/03 06:49:06 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/01/03 06:49:03 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/01/03 06:49:00 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2011/01/03 06:48:57 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2011/01/03 06:48:53 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/01/03 06:48:50 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/01/03 06:48:47 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/01/03 06:48:44 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/01/03 06:48:41 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/01/03 06:48:40 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2011/01/03 06:48:36 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2011/01/03 06:48:31 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2011/01/03 06:48:27 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2011/01/03 06:48:21 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2011/01/03 06:48:20 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2011/01/03 06:48:19 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/01/03 06:48:19 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/01/03 06:48:13 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2011/01/03 06:48:09 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2011/01/03 06:48:08 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2011/01/03 06:48:04 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2011/01/03 06:47:59 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2011/01/03 06:47:52 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2011/01/03 06:47:45 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2011/01/03 06:47:43 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migisol.exe
[2011/01/03 06:47:40 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2011/01/03 06:47:37 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2011/01/03 06:47:36 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/01/03 06:47:36 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/01/03 06:47:35 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2011/01/03 06:47:32 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2011/01/03 06:47:29 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2011/01/03 06:47:25 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/01/03 06:47:21 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/01/03 06:47:21 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2011/01/03 06:47:18 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2011/01/03 06:47:15 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2011/01/03 06:47:11 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2011/01/03 06:47:08 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2011/01/03 06:47:08 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2011/01/03 06:47:03 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/01/03 06:47:00 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/01/03 06:47:00 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2011/01/03 06:46:59 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2011/01/03 06:46:56 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2011/01/03 06:46:56 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/01/03 06:46:53 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/01/03 06:46:46 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2011/01/03 06:46:41 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/01/03 06:46:38 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/01/03 06:46:36 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/01/03 06:46:32 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/01/03 06:46:31 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2011/01/03 06:46:25 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/01/03 06:46:22 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/01/03 06:46:18 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2011/01/03 06:46:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/01/03 06:46:16 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2011/01/03 06:46:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2011/01/03 06:46:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/01/03 06:46:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/01/03 06:46:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/01/03 06:46:11 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/01/03 06:46:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2011/01/03 06:46:04 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2011/01/03 06:46:01 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2011/01/03 06:45:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2011/01/03 06:45:53 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2011/01/03 06:45:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2011/01/03 06:45:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2011/01/03 06:45:47 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/01/03 06:45:46 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/01/03 06:45:43 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2011/01/03 06:45:40 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2011/01/03 06:45:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irmon.dll
[2011/01/03 06:45:36 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2011/01/03 06:45:36 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/01/03 06:45:35 | 000,088,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2011/01/03 06:45:29 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2011/01/03 06:45:26 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2011/01/03 06:45:23 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2011/01/03 06:45:17 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2011/01/03 06:45:12 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2011/01/03 06:45:11 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/01/03 06:45:10 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/01/03 06:45:07 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/01/03 06:45:06 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/01/03 06:45:05 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/01/03 06:45:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/01/03 06:44:58 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/01/03 06:44:55 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2011/01/03 06:44:52 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2011/01/03 06:44:49 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2011/01/03 06:44:47 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2011/01/03 06:44:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2011/01/03 06:44:41 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2011/01/03 06:44:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2011/01/03 06:44:36 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2011/01/03 06:44:33 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2011/01/03 06:44:31 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2011/01/03 06:44:28 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2011/01/03 06:44:25 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2011/01/03 06:44:23 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2011/01/03 06:44:22 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2011/01/03 06:44:21 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2011/01/03 06:44:18 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2011/01/03 06:44:15 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2011/01/03 06:44:14 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/01/03 06:44:10 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/01/03 06:44:06 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2011/01/03 06:44:04 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2011/01/03 06:44:01 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2011/01/03 06:43:58 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2011/01/03 06:43:56 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2011/01/03 06:43:53 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2011/01/03 06:43:51 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2011/01/03 06:43:48 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2011/01/03 06:43:45 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2011/01/03 06:43:42 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2011/01/03 06:43:40 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2011/01/03 06:43:37 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2011/01/03 06:43:34 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2011/01/03 06:43:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2011/01/03 06:43:29 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2011/01/03 06:43:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2011/01/03 06:43:24 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2011/01/03 06:43:21 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2011/01/03 06:43:19 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/01/03 06:43:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2011/01/03 06:43:09 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/01/03 06:43:04 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2011/01/03 06:42:56 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2011/01/03 06:42:50 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2011/01/03 06:42:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2011/01/03 06:42:46 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2011/01/03 06:42:44 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2011/01/03 06:42:43 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2011/01/03 06:42:40 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2011/01/03 06:42:40 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/01/03 06:42:38 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2011/01/03 06:42:36 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/01/03 06:42:34 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/01/03 06:42:32 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2011/01/03 06:42:32 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2011/01/03 06:42:30 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2011/01/03 06:42:27 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2011/01/03 06:42:25 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2011/01/03 06:42:23 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2011/01/03 06:42:21 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/01/03 06:42:17 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2011/01/03 06:42:15 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/01/03 06:42:13 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/01/03 06:42:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/01/03 06:42:10 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/01/03 06:42:07 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/01/03 06:42:05 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/01/03 06:42:04 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011/01/03 06:42:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2011/01/03 06:42:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/01/03 06:41:58 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2011/01/03 06:41:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/01/03 06:41:52 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2011/01/03 06:41:49 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/01/03 06:41:47 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2011/01/03 06:41:45 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/01/03 06:41:43 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/01/03 06:41:40 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2011/01/03 06:41:38 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2011/01/03 06:41:37 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/01/03 06:41:36 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/01/03 06:41:34 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2011/01/03 06:41:32 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/01/03 06:41:32 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2011/01/03 06:41:30 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2011/01/03 06:41:30 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/01/03 06:41:27 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2011/01/03 06:41:27 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2011/01/03 06:41:25 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2011/01/03 06:41:23 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2011/01/03 06:41:21 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2011/01/03 06:41:19 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2011/01/03 06:41:17 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2011/01/03 06:41:14 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2011/01/03 06:41:12 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2011/01/03 06:41:10 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2011/01/03 06:41:07 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2011/01/03 06:41:05 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2011/01/03 06:41:03 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2011/01/03 06:41:01 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2011/01/03 06:40:59 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2011/01/03 06:40:56 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2011/01/03 06:40:55 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2011/01/03 06:40:53 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\enum1394.sys
[2011/01/03 06:40:52 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2011/01/03 06:40:47 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2011/01/03 06:40:46 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2011/01/03 06:40:44 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2011/01/03 06:40:43 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2011/01/03 06:40:42 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2011/01/03 06:40:40 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2011/01/03 06:40:39 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2011/01/03 06:40:37 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2011/01/03 06:40:36 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2011/01/03 06:40:34 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2011/01/03 06:40:33 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2011/01/03 06:40:32 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2011/01/03 06:40:30 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2011/01/03 06:40:29 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2011/01/03 06:40:28 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2011/01/03 06:40:26 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2011/01/03 06:40:25 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2011/01/03 06:40:24 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2011/01/03 06:40:22 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2011/01/03 06:40:21 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2011/01/03 06:40:17 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/01/03 06:40:13 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/01/03 06:40:12 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2011/01/03 06:40:11 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2011/01/03 06:40:10 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2011/01/03 06:40:09 | 000,206,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2011/01/03 06:40:05 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/01/03 06:40:05 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2011/01/03 06:40:04 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/01/03 06:40:02 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/01/03 06:39:57 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/01/03 06:39:56 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/01/03 06:39:55 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/01/03 06:39:54 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/01/03 06:39:52 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/01/03 06:39:50 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2011/01/03 06:39:49 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2011/01/03 06:39:48 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2011/01/03 06:39:47 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2011/01/03 06:39:45 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2011/01/03 06:39:44 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2011/01/03 06:39:43 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2011/01/03 06:39:42 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2011/01/03 06:39:40 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2011/01/03 06:39:39 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2011/01/03 06:39:38 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2011/01/03 06:39:37 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2011/01/03 06:39:36 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2011/01/03 06:39:32 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2011/01/03 06:39:31 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2011/01/03 06:39:28 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/01/03 06:39:25 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/01/03 06:39:24 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2011/01/03 06:39:22 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2011/01/03 06:39:21 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/01/03 06:39:20 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2011/01/03 06:39:18 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2011/01/03 06:39:16 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2011/01/03 06:39:14 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2011/01/03 06:39:13 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2011/01/03 06:39:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2011/01/03 06:39:05 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2011/01/03 06:39:04 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2011/01/03 06:39:03 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2011/01/03 06:39:02 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2011/01/03 06:39:01 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2011/01/03 06:39:00 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2011/01/03 06:38:58 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2011/01/03 06:38:57 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2011/01/03 06:38:56 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011/01/03 06:38:56 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2011/01/03 06:38:55 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/01/03 06:38:53 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/01/03 06:38:52 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/01/03 06:38:51 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/01/03 06:38:49 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/01/03 06:38:48 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/01/03 06:38:47 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2011/01/03 06:38:46 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2011/01/03 06:38:45 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2011/01/03 06:38:44 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2011/01/03 06:38:43 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2011/01/03 06:38:41 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2011/01/03 06:38:39 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2011/01/03 06:38:38 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/01/03 06:38:38 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/01/03 06:38:37 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2011/01/03 06:38:36 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2011/01/03 06:38:31 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2011/01/03 06:38:30 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2011/01/03 06:38:28 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/01/03 06:38:27 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2011/01/03 06:38:26 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2011/01/03 06:38:25 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2011/01/03 06:38:24 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2011/01/03 06:38:23 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2011/01/03 06:38:22 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2011/01/03 06:38:20 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/01/03 06:38:19 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/01/03 06:38:19 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/01/03 06:38:18 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/01/03 06:38:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/01/03 06:38:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/01/03 06:38:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2011/01/03 06:38:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/01/03 06:38:15 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/01/03 06:38:14 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/01/03 06:38:13 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/01/03 06:38:13 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/01/03 06:38:12 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/01/03 06:38:10 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/01/03 06:38:09 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/01/03 06:38:08 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/01/03 06:38:07 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/01/03 06:38:06 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/01/03 06:38:04 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/01/03 06:38:04 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/01/03 06:38:03 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2011/01/03 06:38:03 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2011/01/03 06:38:02 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2011/01/03 06:38:01 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2011/01/03 06:38:00 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2011/01/03 06:37:59 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2011/01/03 06:37:57 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2011/01/03 06:37:56 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2011/01/03 06:37:56 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2011/01/03 06:37:55 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/01/03 06:37:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/01/03 06:37:31 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2011/01/03 06:37:30 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/01/03 06:37:29 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/01/03 06:37:28 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/01/03 06:37:27 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/01/03 06:37:26 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/01/03 06:37:25 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/01/03 06:37:24 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/01/03 06:37:23 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/01/03 06:37:21 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/01/03 06:37:20 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/01/03 06:37:19 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2011/01/03 06:37:19 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/01/03 06:37:18 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/01/03 06:37:17 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/01/03 06:37:17 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/01/03 06:37:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/01/03 06:37:15 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/01/03 06:37:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/01/03 06:37:14 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/01/03 06:37:13 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2011/01/03 06:37:12 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2011/01/03 06:37:12 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2011/01/03 06:37:11 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/01/03 06:37:10 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2011/01/03 06:37:10 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2011/01/03 06:37:09 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2011/01/03 06:37:08 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/01/03 06:37:08 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/01/03 06:37:07 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2011/01/03 06:37:07 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/01/03 06:37:06 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/01/03 06:37:06 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/01/03 06:37:05 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/01/03 06:37:04 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/01/03 06:37:03 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2011/01/03 06:37:03 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2011/01/03 06:37:02 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avc.sys
[2011/01/03 06:36:52 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2011/01/03 06:36:51 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2011/01/03 06:36:49 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2011/01/03 06:36:49 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2011/01/03 06:36:48 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2011/01/03 06:36:48 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2011/01/03 06:36:47 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2011/01/03 06:36:47 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2011/01/03 06:36:46 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2011/01/03 06:36:44 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2011/01/03 06:36:43 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2011/01/03 06:36:42 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/01/03 06:36:41 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/01/03 06:36:41 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2011/01/03 06:36:40 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2011/01/03 06:36:40 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/01/03 06:36:39 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2011/01/03 06:36:38 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2011/01/03 06:36:35 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2011/01/03 06:36:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/01/03 06:36:33 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/01/03 06:36:32 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/01/03 06:36:32 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/01/03 06:36:31 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/01/03 06:36:31 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/01/03 06:36:31 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2011/01/03 06:36:30 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2011/01/03 06:36:29 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2011/01/03 06:36:29 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/01/03 06:36:28 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2011/01/03 06:36:28 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2011/01/03 06:36:28 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2011/01/03 06:36:26 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/01/03 06:36:26 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/01/03 06:36:25 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/01/03 06:36:25 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\61883.sys
[2011/01/03 06:36:25 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2011/01/03 06:36:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2011/01/03 06:36:24 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/01/03 06:36:24 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/01/03 06:36:23 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394bus.sys
[2011/01/03 06:36:23 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2011/01/03 06:36:06 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2011/01/02 15:56:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cate\Application Data\Logitech
[2011/01/02 15:15:17 | 000,539,160 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LVUI2RC.dll
[2011/01/02 15:15:17 | 000,539,160 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\LVUI2.dll
[2011/01/02 15:15:16 | 006,756,632 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\lvuvc.sys
[2011/01/02 15:15:16 | 000,416,280 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\lvcodec2.dll
[2011/01/02 15:14:32 | 000,266,008 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\lvrs.sys
[2011/01/02 15:14:32 | 000,199,192 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\lvci12101110.dll
[2011/01/02 15:13:43 | 000,023,832 | R--- | C] (Logitech Inc.) -- C:\WINDOWS\System32\drivers\lvuvcflt.sys
[2011/01/02 15:12:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2011/01/02 15:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2011/01/02 15:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011/01/01 12:23:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cate\Local Settings\Application Data\LogiShrd
[2011/01/01 12:22:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cate\Application Data\Leadertech
[2011/01/01 12:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2011/01/01 11:09:14 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\USBAUDIO.sys
[2011/01/01 11:09:14 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2010/12/16 19:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2010/12/16 19:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2009/05/07 20:45:29 | 000,284,000 | ---- | C] (Musicnotes, Inc.) -- C:\Program Files\npmusicn.dll
[2009/05/07 20:45:19 | 000,284,000 | ---- | C] (Musicnotes, Inc.) -- C:\Program Files\hannah.dll
[2008/01/30 15:02:30 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtpmui.dll
[2008/01/30 14:59:24 | 001,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtserv.dll
[2008/01/30 14:57:42 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\dldthbn3.dll
[2008/01/30 14:56:56 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtusb1.dll
[2008/01/30 14:55:14 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtlmpm.dll
[2008/01/30 14:54:56 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtiesc.dll
[2008/01/30 14:54:22 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtcomm.dll
[2008/01/30 14:53:32 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtcomc.dll
[2008/01/30 14:53:22 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtinpa.dll
[2008/01/30 14:52:16 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldtprox.dll
[2007/08/15 08:57:58 | 000,155,648 | ---- | C] (America Online, Inc.) -- C:\Documents and Settings\All Users\Application Data\gwseh.dat
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/14 21:56:18 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/14 21:29:36 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6EB7F9B1-CBCF-42A9-9195-1232D3E5B641}.job
[2011/01/14 21:09:39 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/14 21:09:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/14 21:09:17 | 937,472,000 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/13 23:00:52 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2011/01/08 09:26:45 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/01/07 23:34:26 | 000,000,546 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Cate.job
[2011/01/06 16:10:57 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/01/06 16:10:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2011/01/03 16:33:45 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Cate\defogger_reenable
[2011/01/02 21:06:53 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/01/02 15:58:24 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011/01/02 15:55:45 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/01/02 15:12:11 | 000,001,850 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software.lnk
[2011/01/01 22:33:12 | 000,000,127 | ---- | M] () -- C:\Documents and Settings\Cate\Local Settings\Application Data\fusioncache.dat
[2010/12/31 17:01:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/03 16:33:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Cate\defogger_reenable
[2011/01/03 07:04:20 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2011/01/03 07:04:13 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/01/03 06:52:20 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011/01/03 06:52:16 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011/01/03 06:48:09 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011/01/03 06:46:17 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/01/03 06:45:04 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/01/03 06:43:16 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/01/03 06:43:11 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/01/03 06:43:06 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/01/03 06:43:01 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/01/03 06:42:53 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/01/03 06:42:39 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/01/03 06:40:01 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/01/03 06:40:00 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/01/03 06:39:59 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/01/03 06:36:56 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/01/03 06:36:56 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/01/03 06:36:55 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/01/03 06:36:54 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/01/03 06:36:54 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/01/03 06:36:53 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/01/03 06:36:53 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/01/03 06:36:52 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/01/03 06:36:51 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/01/03 06:36:46 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/01/03 06:33:28 | 937,472,000 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/02 15:15:16 | 000,266,828 | R--- | C] () -- C:\WINDOWS\System32\drivers\LVAFT.cfg
[2011/01/02 15:14:32 | 000,082,289 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011/01/02 15:14:32 | 000,034,068 | R--- | C] () -- C:\WINDOWS\System32\Repository.reg
[2011/01/02 15:12:11 | 000,001,850 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software.lnk
[2011/01/01 22:33:12 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Cate\Local Settings\Application Data\fusioncache.dat
[2011/01/01 12:21:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2011/01/01 12:19:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2009/10/07 01:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/07 01:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009/08/14 16:17:54 | 000,002,528 | ---- | C] () -- C:\WINDOWS\FCIC.INI
[2008/11/15 22:06:10 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/11/15 21:32:47 | 000,001,783 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2008/10/25 22:19:37 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/02/21 19:41:24 | 000,782,336 | ---- | C] () -- C:\WINDOWS\System32\dldtdrs.dll
[2008/02/19 21:25:56 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dldtcaps.dll
[2008/01/31 08:41:56 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldtinsr.dll
[2008/01/31 08:41:48 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldtcur.dll
[2008/01/31 08:41:22 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dldtjswr.dll
[2008/01/31 08:38:10 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\dldtinsb.dll
[2008/01/31 08:38:04 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldtcub.dll
[2008/01/31 08:36:34 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldtcu.dll
[2008/01/31 08:36:30 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldtins.dll
[2008/01/31 08:35:02 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\dldtutil.dll
[2008/01/31 08:34:28 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldtgrd.dll
[2008/01/22 01:05:12 | 000,077,906 | ---- | C] () -- C:\WINDOWS\System32\dldtcfg.dll
[2007/12/12 20:32:40 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\dldtcoin.dll
[2007/11/13 18:13:10 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldtcnv4.dll
[2007/08/25 12:11:30 | 000,000,377 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/08/15 09:07:47 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/08/15 08:23:10 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2007/08/15 08:23:06 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2007/08/15 08:22:42 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/04/28 13:41:50 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldtvs.dll
[2004/08/10 13:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 13:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 12:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EAD001CC

< End of report >


OTL Extras logfile created on: 1/14/2011 9:51:50 PM - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Documents and Settings\Cate\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.00 Mb Total Physical Memory | 391.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.70 Gb Total Space | 31.47 Gb Free Space | 59.72% Space Free | Partition Type: NTFS

Computer Name: D4SDWGD1 | User Name: Cate | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-496621825-154740940-599731382-1006\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\WINDOWS\system32\dldtcoms.exe" = C:\WINDOWS\system32\dldtcoms.exe:*:Enabled:V305 Server -- ( )
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dldtpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dldtpswx.exe:*:Enabled:Printer Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dldttime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dldttime.exe:*:Enabled:Time Executable -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dldtjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dldtjswx.exe:*:Enabled:Job Status Window Interface -- ()
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}" = ccCommon
"{12E2B9E9-05B1-407d-B0FD-B5F350535125}" = Norton Internet Security
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 22
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{2EBF25F1-F8A2-40EA-92BE-931C142A44E2}" = CC_ccProxyExt
"{30738666-9805-4926-A78F-91DA33B6C437}" = ccPxyCore
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B29A786-5803-4E9E-9B58-3014A5B4E519}" = Norton AntiSpam
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{449F3A9E-9903-4a0d-A209-08030D45A935}" = Norton Internet Security
"{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{5677563D-0CB1-485F-9E18-C5025306BB3F}" = Norton AntiSpam
"{5B35C417-2649-11D6-83D1-0050FC01225C}" = FirstClass® Client
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{659B48CD-0608-4ED5-94C0-0B6C87114F10}" = Apple Mobile Device Support
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}" = Norton Protection Center
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2006
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC5702D7-86E2-45A8-99D7-E8B976ADCC56}" = iTunes
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E6963450-7577-4049-8793-2B66B85237C1}" = ATI Catalyst Control Center
"{E85FA9A1-C241-4698-893B-DD99509B8DB0}" = Norton WMI Update
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F64306A5-4C32-41bb-B153-53986527FAB4}" = Norton WMI Update
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FB64BF25-3593-4E4E-AA85-84AEF1D1475F}" = Broadcom Management Programs
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FFB4DD53-28B7-4981-BFF0-9BD801F61095}" = Norton Internet Security
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATI Display Driver" = ATI Display Driver
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"EphPod" = EphPod
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"LiveUpdate" = LiveUpdate 3.0 (Symantec Corporation)
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.16)" = Mozilla Firefox (3.5.16)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 6.0" = RealPlayer Basic
"SearchAssist" = SearchAssist
"SymSetup.{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security 2006 (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-496621825-154740940-599731382-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
"Trader Workstation" = Trader Workstation

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/3/2011 6:26:02 PM | Computer Name = D4SDWGD1 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3986, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/3/2011 6:26:10 PM | Computer Name = D4SDWGD1 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3986, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/3/2011 6:26:11 PM | Computer Name = D4SDWGD1 | Source = Application Hang | ID = 1001
Description = Fault bucket -2087538432.

Error - 1/3/2011 6:26:12 PM | Computer Name = D4SDWGD1 | Source = Application Hang | ID = 1001
Description = Fault bucket -2087538432.

Error - 1/3/2011 6:26:31 PM | Computer Name = D4SDWGD1 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3986, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/3/2011 6:26:34 PM | Computer Name = D4SDWGD1 | Source = Application Hang | ID = 1001
Description = Fault bucket -2087538432.

Error - 1/3/2011 9:43:34 PM | Computer Name = D4SDWGD1 | Source = Application Hang | ID = 1002
Description = Hanging application firefox.exe, version 1.9.1.3986, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/3/2011 9:43:39 PM | Computer Name = D4SDWGD1 | Source = Application Hang | ID = 1001
Description = Fault bucket -2087538432.

Error - 1/11/2011 7:47:17 AM | Computer Name = D4SDWGD1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.

Error - 1/14/2011 10:17:36 PM | Computer Name = D4SDWGD1 | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This operation returned because the timeout period expired.

[ System Events ]
Error - 1/14/2011 10:09:54 PM | Computer Name = D4SDWGD1 | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 1/14/2011 10:09:54 PM | Computer Name = D4SDWGD1 | Source = ati2mtag | ID = 43016
Description = Not an EDID device

Error - 1/14/2011 10:09:54 PM | Computer Name = D4SDWGD1 | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 1/14/2011 10:09:54 PM | Computer Name = D4SDWGD1 | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 1/14/2011 10:09:54 PM | Computer Name = D4SDWGD1 | Source = ati2mtag | ID = 43016
Description = Not an EDID device

Error - 1/14/2011 10:09:54 PM | Computer Name = D4SDWGD1 | Source = ati2mtag | ID = 43016
Description = Not an EDID device

Error - 1/14/2011 10:09:54 PM | Computer Name = D4SDWGD1 | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 1/14/2011 10:09:54 PM | Computer Name = D4SDWGD1 | Source = ati2mtag | ID = 43015
Description = I2c return failed

Error - 1/14/2011 10:34:16 PM | Computer Name = D4SDWGD1 | Source = Service Control Manager | ID = 7034
Description = The Symantec Core LC service terminated unexpectedly. It has done
this 1 time(s).

Error - 1/14/2011 10:49:19 PM | Computer Name = D4SDWGD1 | Source = Service Control Manager | ID = 7034
Description = The Symantec Core LC service terminated unexpectedly. It has done
this 2 time(s).


< End of report >

#7 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:48 PM

Posted 15 January 2011 - 09:20 AM

Hi-

The logs are not showing any real problems.

First, please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
  • If TDSSKiller does not run, try renaming it.

    To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.

  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Next, please download MBRCheck by clicking here and save it to your desktop.
  • Be sure to disable your security programs.
  • Double click on the file to run it (Vista and Windows 7 users will have to confirm the UAC prompt).
  • A window will open on your desktop.
  • If an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
  • If nothing unusual is found just press Enter.
  • A .txt file named MBRCheck_mm.dd.yy_hh.mm.txt should appear on your desktop.
  • Please post the contents of that file in your next reply.

In your reply, please copy in the TDSSKiller and the MBRCheck reports. Also, let me know how your computer is doing now.
Shannon

#8 ijones32

ijones32
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 18 January 2011 - 06:46 PM

Here are the TDSS and MBRcheck logs. The computer is running the same and still displaying the same problems.

2011/01/18 18:43:38.0546 TDSS rootkit removing tool 2.4.14.0 Jan 18 2011 09:33:51
2011/01/18 18:43:38.0546 ================================================================================
2011/01/18 18:43:38.0546 SystemInfo:
2011/01/18 18:43:38.0546
2011/01/18 18:43:38.0546 OS Version: 5.1.2600 ServicePack: 3.0
2011/01/18 18:43:38.0546 Product type: Workstation
2011/01/18 18:43:38.0546 ComputerName: D4SDWGD1
2011/01/18 18:43:38.0546 UserName: Cate
2011/01/18 18:43:38.0546 Windows directory: C:\WINDOWS
2011/01/18 18:43:38.0546 System windows directory: C:\WINDOWS
2011/01/18 18:43:38.0546 Processor architecture: Intel x86
2011/01/18 18:43:38.0546 Number of processors: 1
2011/01/18 18:43:38.0546 Page size: 0x1000
2011/01/18 18:43:38.0546 Boot type: Normal boot
2011/01/18 18:43:38.0546 ================================================================================
2011/01/18 18:43:38.0750 Initialize success
2011/01/18 18:43:41.0718 ================================================================================
2011/01/18 18:43:41.0718 Scan started
2011/01/18 18:43:41.0718 Mode: Manual;
2011/01/18 18:43:41.0718 ================================================================================
2011/01/18 18:43:43.0046 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/01/18 18:43:43.0109 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/01/18 18:43:43.0171 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/01/18 18:43:43.0234 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/01/18 18:43:43.0359 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/01/18 18:43:43.0437 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/01/18 18:43:43.0484 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/01/18 18:43:43.0625 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/01/18 18:43:43.0906 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/01/18 18:43:44.0000 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/01/18 18:43:44.0031 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/01/18 18:43:44.0093 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/01/18 18:43:44.0187 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/01/18 18:43:44.0296 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/01/18 18:43:44.0359 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/01/18 18:43:44.0406 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/01/18 18:43:44.0453 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/01/18 18:43:44.0500 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/01/18 18:43:44.0546 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/01/18 18:43:44.0625 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
2011/01/18 18:43:44.0781 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/01/18 18:43:44.0828 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/01/18 18:43:44.0968 ati2mtag (e78b73eb84c257d0d940e041742d2699) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/01/18 18:43:45.0171 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/01/18 18:43:45.0234 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/01/18 18:43:45.0328 BCM43XX (30d20fc98bcfd52e1da778cf19b223d4) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/01/18 18:43:45.0468 bcm4sbxp (6489310d11971f6ba6c7f49be0baf6e0) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
2011/01/18 18:43:45.0515 BCMWLNPF (8c31c9db77ed6143ad09dc5fd2c9d9cc) C:\WINDOWS\system32\drivers\bcmwlnpf.sys
2011/01/18 18:43:45.0562 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/01/18 18:43:45.0640 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/01/18 18:43:45.0671 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/01/18 18:43:45.0750 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/01/18 18:43:45.0890 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/01/18 18:43:45.0937 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/01/18 18:43:45.0984 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/01/18 18:43:46.0031 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/01/18 18:43:46.0140 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/01/18 18:43:46.0187 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/01/18 18:43:46.0312 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/01/18 18:43:46.0375 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/01/18 18:43:46.0437 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/01/18 18:43:46.0484 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/01/18 18:43:46.0562 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/01/18 18:43:46.0640 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/01/18 18:43:46.0796 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/01/18 18:43:46.0843 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/01/18 18:43:46.0984 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/01/18 18:43:47.0046 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/01/18 18:43:47.0171 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/01/18 18:43:47.0343 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2011/01/18 18:43:47.0406 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
2011/01/18 18:43:47.0546 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/01/18 18:43:47.0703 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
2011/01/18 18:43:47.0750 EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
2011/01/18 18:43:47.0921 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/01/18 18:43:47.0984 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/01/18 18:43:48.0078 FilterService (b73ec688c29f81f9da0fcf63682b3ecb) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
2011/01/18 18:43:48.0125 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/01/18 18:43:48.0281 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/01/18 18:43:48.0328 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/01/18 18:43:48.0406 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/01/18 18:43:48.0437 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/01/18 18:43:48.0484 GEARAspiWDM (f2f431d1573ee632975c524418655b84) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2011/01/18 18:43:48.0656 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/01/18 18:43:48.0718 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/01/18 18:43:48.0796 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/01/18 18:43:48.0875 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/01/18 18:43:49.0046 HSF_DPV (e8ec1767ea315a39a0dd8989952ca0e9) C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
2011/01/18 18:43:49.0125 HSXHWAZL (61478fa42ee04562e7f11f4dca87e9c8) C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
2011/01/18 18:43:49.0250 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/01/18 18:43:49.0328 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/01/18 18:43:49.0375 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/01/18 18:43:49.0453 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/01/18 18:43:49.0609 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/01/18 18:43:49.0671 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/01/18 18:43:49.0718 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/01/18 18:43:49.0765 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/01/18 18:43:49.0843 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/01/18 18:43:49.0953 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/01/18 18:43:50.0031 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/01/18 18:43:50.0062 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/01/18 18:43:50.0156 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/01/18 18:43:50.0296 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/01/18 18:43:50.0359 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/01/18 18:43:50.0421 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/01/18 18:43:50.0515 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/01/18 18:43:50.0640 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/01/18 18:43:50.0781 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
2011/01/18 18:43:50.0859 LVRS (37072ec9299e825f4335cc554b6fac6a) C:\WINDOWS\system32\DRIVERS\lvrs.sys
2011/01/18 18:43:51.0218 LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
2011/01/18 18:43:51.0453 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/01/18 18:43:51.0515 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/01/18 18:43:51.0609 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/01/18 18:43:51.0656 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/01/18 18:43:51.0781 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/01/18 18:43:51.0828 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/01/18 18:43:51.0890 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/01/18 18:43:51.0984 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/01/18 18:43:52.0125 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/01/18 18:43:52.0171 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/01/18 18:43:52.0203 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/01/18 18:43:52.0250 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/01/18 18:43:52.0312 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/01/18 18:43:52.0390 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/01/18 18:43:52.0796 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/01/18 18:43:52.0937 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/01/18 18:43:53.0234 NAVENG (c8ef74e4d8105b1d02d58ea4734cf616) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110118.003\NAVENG.Sys
2011/01/18 18:43:53.0390 NAVEX15 (94b3164055d821a62944d9fe84036470) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110118.003\NavEx15.Sys
2011/01/18 18:43:53.0609 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/01/18 18:43:53.0671 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/01/18 18:43:53.0718 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/01/18 18:43:53.0765 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/01/18 18:43:53.0828 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/01/18 18:43:53.0906 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/01/18 18:43:54.0000 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/01/18 18:43:54.0046 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/01/18 18:43:54.0109 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/01/18 18:43:54.0171 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/01/18 18:43:54.0328 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/01/18 18:43:54.0468 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/01/18 18:43:54.0656 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/01/18 18:43:54.0687 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/01/18 18:43:54.0765 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/01/18 18:43:54.0812 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/01/18 18:43:54.0875 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/01/18 18:43:55.0000 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/01/18 18:43:55.0078 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/01/18 18:43:55.0125 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/01/18 18:43:55.0281 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/01/18 18:43:55.0328 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/01/18 18:43:55.0421 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/01/18 18:43:55.0546 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/01/18 18:43:55.0578 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/01/18 18:43:55.0609 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/01/18 18:43:55.0671 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/01/18 18:43:55.0734 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/01/18 18:43:55.0781 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/01/18 18:43:55.0859 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/01/18 18:43:55.0968 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/01/18 18:43:56.0015 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/01/18 18:43:56.0062 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/01/18 18:43:56.0140 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/01/18 18:43:56.0234 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/01/18 18:43:56.0265 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/01/18 18:43:56.0359 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/01/18 18:43:56.0437 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/01/18 18:43:56.0515 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/01/18 18:43:56.0640 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/01/18 18:43:56.0703 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/01/18 18:43:56.0812 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
2011/01/18 18:43:57.0031 SAVRT (21ba125b956a513f85f6ab1dd603f917) C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS
2011/01/18 18:43:57.0046 SAVRTPEL (0f8e1c05fc1298f8e7cea935429f66ff) C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS
2011/01/18 18:43:57.0234 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/01/18 18:43:57.0296 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/01/18 18:43:57.0359 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/01/18 18:43:57.0406 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/01/18 18:43:57.0546 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
2011/01/18 18:43:57.0593 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
2011/01/18 18:43:57.0640 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/01/18 18:43:57.0734 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/01/18 18:43:57.0812 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/01/18 18:43:58.0000 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/01/18 18:43:58.0156 SPBBCDrv (16aa4657806e3ea423d7e9286e763016) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
2011/01/18 18:43:58.0343 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/01/18 18:43:58.0421 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/01/18 18:43:58.0578 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/01/18 18:43:58.0781 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys
2011/01/18 18:43:58.0968 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/01/18 18:43:59.0031 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/01/18 18:43:59.0062 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/01/18 18:43:59.0140 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/01/18 18:43:59.0296 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/01/18 18:43:59.0343 SYMDNS (61a932f6e04c1d125659ec5f9a158cc1) C:\WINDOWS\System32\Drivers\SYMDNS.SYS
2011/01/18 18:43:59.0437 SymEvent (06b95820df51502099a8a15c93e87986) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
2011/01/18 18:43:59.0468 SYMFW (033a6a91aa4162540c1e39a0d5c563c8) C:\WINDOWS\System32\Drivers\SYMFW.SYS
2011/01/18 18:43:59.0500 SYMIDS (071f8c6c95d8b632e73dcdbf865d8e46) C:\WINDOWS\System32\Drivers\SYMIDS.SYS
2011/01/18 18:43:59.0718 SYMIDSCO (2133d1f879b280121b0e6a7d34b24a02) C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20110114.003\symidsco.sys
2011/01/18 18:43:59.0859 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
2011/01/18 18:43:59.0921 SYMNDIS (a6bbadd2472ffc5b6ce3198e13ee0e74) C:\WINDOWS\System32\Drivers\SYMNDIS.SYS
2011/01/18 18:43:59.0953 SYMREDRV (df5514802a2e0a478e29be2e33360807) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
2011/01/18 18:43:59.0984 SYMTDI (9da226bc68389fbd6ec0e01286e7639c) C:\WINDOWS\System32\Drivers\SYMTDI.SYS
2011/01/18 18:44:00.0062 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/01/18 18:44:00.0187 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/01/18 18:44:00.0265 SynTP (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/01/18 18:44:00.0328 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/01/18 18:44:00.0406 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/01/18 18:44:00.0562 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/01/18 18:44:00.0625 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/01/18 18:44:00.0687 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/01/18 18:44:00.0750 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/01/18 18:44:00.0843 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/01/18 18:44:00.0953 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/01/18 18:44:01.0046 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/01/18 18:44:01.0125 USBAAPL (60a68a5ea173a97971ee9f1ff49eb2b3) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/01/18 18:44:01.0250 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/01/18 18:44:01.0312 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/01/18 18:44:01.0359 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/01/18 18:44:01.0421 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/01/18 18:44:01.0531 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/01/18 18:44:01.0609 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/01/18 18:44:01.0656 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/01/18 18:44:01.0703 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/01/18 18:44:01.0765 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/01/18 18:44:01.0875 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
2011/01/18 18:44:01.0937 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/01/18 18:44:02.0000 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/01/18 18:44:02.0046 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/01/18 18:44:02.0140 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/01/18 18:44:02.0265 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/01/18 18:44:02.0406 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/01/18 18:44:02.0515 winachsf (ba6b6fb242a6ba4068c8b763063beb63) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
2011/01/18 18:44:02.0640 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/01/18 18:44:02.0734 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/01/18 18:44:02.0828 ================================================================================
2011/01/18 18:44:02.0828 Scan finished
2011/01/18 18:44:02.0828 ================================================================================


MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x00000004

Kernel Drivers (total 130):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806D0000 \WINDOWS\system32\hal.dll
0xF79C4000 \WINDOWS\system32\KDCOM.DLL
0xF78D4000 \WINDOWS\system32\BOOTVID.dll
0xF7395000 ACPI.sys
0xF79C6000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7384000 pci.sys
0xF74C4000 isapnp.sys
0xF78D8000 compbatt.sys
0xF78DC000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF7A8C000 pciide.sys
0xF7744000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF74D4000 MountMgr.sys
0xF7365000 ftdisk.sys
0xF774C000 PartMgr.sys
0xF78E0000 ACPIEC.sys
0xF7A8D000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xF74E4000 VolSnap.sys
0xF734D000 atapi.sys
0xF74F4000 disk.sys
0xF7504000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF732D000 fltmgr.sys
0xF7514000 PxHelp20.sys
0xF7316000 KSecDD.sys
0xF7289000 Ntfs.sys
0xF725C000 NDIS.sys
0xF7242000 Mup.sys
0xF7614000 \SystemRoot\system32\DRIVERS\AmdK8.sys
0xF7974000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0xF7015000 \SystemRoot\system32\DRIVERS\ati2mtag.sys
0xF7001000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF6F99000 \SystemRoot\system32\DRIVERS\bcmwl5.sys
0xF77C4000 \SystemRoot\system32\DRIVERS\usbohci.sys
0xF6F75000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF77CC000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF6F4D000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF7624000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF77DC000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF6F1E000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xF79D8000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF77E4000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF7634000 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
0xF6F0A000 \SystemRoot\system32\DRIVERS\sdbus.sys
0xF77EC000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0xF797C000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF7BF6000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF7644000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7980000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF6EF3000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF7654000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF7664000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF77F4000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF6EE2000 \SystemRoot\system32\DRIVERS\psched.sys
0xF7674000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF77FC000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7804000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF7684000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF79DA000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF6E73000 \SystemRoot\system32\DRIVERS\ks.sys
0xF6E15000 \SystemRoot\system32\DRIVERS\update.sys
0xF7994000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF7694000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF76C4000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xEEC6A000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys
0xEEB73000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys
0xEEABD000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
0xF780C000 \SystemRoot\System32\Drivers\Modem.SYS
0xEE9AA000 \SystemRoot\system32\drivers\sthda.sys
0xEE986000 \SystemRoot\system32\drivers\portcls.sys
0xF76E4000 \SystemRoot\system32\drivers\drmk.sys
0xF71E4000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xEE45E000 \??\C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRT.SYS
0xEE439000 \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
0xEE425000 \??\C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVRTPEL.SYS
0xF7A24000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7B0A000 \SystemRoot\System32\Drivers\Null.SYS
0xF7A34000 \SystemRoot\System32\Drivers\Beep.SYS
0xF7884000 \SystemRoot\System32\drivers\vga.sys
0xF7A3E000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7A40000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF788C000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7894000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF6E05000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xEE293000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xEE23A000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xEE201000 \SystemRoot\System32\Drivers\SYMTDI.SYS
0xEE1B3000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF7544000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF7554000 \SystemRoot\System32\Drivers\SYMREDRV.SYS
0xF78A4000 \SystemRoot\System32\Drivers\SYMDNS.SYS
0xF7564000 \SystemRoot\System32\Drivers\SYMNDIS.SYS
0xEE18D000 \SystemRoot\System32\Drivers\SYMFW.SYS
0xF7574000 \SystemRoot\System32\Drivers\SYMIDS.SYS
0xEE146000 \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20110114.003\symidsco.sys
0xEE11E000 \SystemRoot\system32\DRIVERS\netbt.sys
0xEE0FC000 \SystemRoot\System32\drivers\afd.sys
0xF7584000 \SystemRoot\system32\DRIVERS\netbios.sys
0xEE0D1000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xEE061000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF75D4000 \SystemRoot\System32\Drivers\Fips.SYS
0xEE003000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0xEDFE6000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0xEDFCE000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7A70000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xF6EDE000 \SystemRoot\System32\drivers\Dxapi.sys
0xF78C4000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7AC0000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\ati2dvag.dll
0xBF055000 \SystemRoot\System32\ati2cqag.dll
0xBF09D000 \SystemRoot\System32\atikvmag.dll
0xBF0E3000 \SystemRoot\System32\ati3duag.dll
0xBF34A000 \SystemRoot\System32\ativvaxx.dll
0xEBBBA000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xEB521000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xF79F6000 \SystemRoot\System32\Drivers\ASCTRM.SYS
0xEB88E000 \SystemRoot\system32\drivers\bcmwlnpf.sys
0xEB444000 \SystemRoot\system32\drivers\wdmaud.sys
0xEB87E000 \SystemRoot\system32\drivers\sysaudio.sys
0xF7A56000 \SystemRoot\system32\DRIVERS\dsunidrv.sys
0xEB068000 \SystemRoot\system32\DRIVERS\srv.sys
0xEB63A000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xF78AC000 \??\C:\WINDOWS\system32\drivers\symlcbrd.sys
0xF785C000 \SystemRoot\system32\DRIVERS\LVPr2Mon.sys
0xEE531000 \SystemRoot\System32\Drivers\HTTP.sys
0xB9E67000 \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110118.003\NavEx15.Sys
0xB9E53000 \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110118.003\NAVENG.Sys
0xB9E28000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 38):
0 System Idle Process
4 System
720 C:\WINDOWS\system32\smss.exe
776 csrss.exe
808 C:\WINDOWS\system32\winlogon.exe
852 C:\WINDOWS\system32\services.exe
864 C:\WINDOWS\system32\lsass.exe
1012 C:\WINDOWS\system32\ati2evxx.exe
1032 C:\WINDOWS\system32\svchost.exe
1104 svchost.exe
1144 C:\WINDOWS\system32\svchost.exe
1208 svchost.exe
1296 svchost.exe
1336 C:\WINDOWS\system32\ati2evxx.exe
1696 C:\WINDOWS\explorer.exe
1796 C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
188 C:\WINDOWS\system32\WLTRYSVC.EXE
204 C:\WINDOWS\system32\BCMWLTRY.EXE
244 C:\WINDOWS\system32\spoolsv.exe
340 svchost.exe
416 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
436 C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
552 C:\Program Files\Bonjour\mDNSResponder.exe
1056 C:\WINDOWS\system32\ctfmon.exe
1064 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
1256 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
1180 C:\WINDOWS\system32\dldtcoms.exe
1524 C:\Program Files\Java\jre6\bin\jqs.exe
1600 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
2004 C:\WINDOWS\system32\svchost.exe
2112 wdfmgr.exe
2152 C:\Program Files\Viewpoint\Common\ViewpointService.exe
2984 alg.exe
1548 C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
3720 C:\Program Files\iTunes\iTunes.exe
4032 C:\Program Files\iPod\bin\iPodService.exe
108 C:\Program Files\Mozilla Firefox\firefox.exe
2620 C:\Documents and Settings\Cate\My Documents\Downloads\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`04e71400 (NTFS)

PhysicalDrive0 Model Number: TOSHIBAMK6037GSX, Rev: DL340D

Size Device Name MBR Status
--------------------------------------------
55 GB \\.\PhysicalDrive0 Dell MBR code detected
SHA1: 57BDF501CE769EF2720C705B6C71C893DA31574E


Done!

#9 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:48 PM

Posted 19 January 2011 - 10:50 AM

Hi-

So far, I am not seeing any malware infections. Do you have the problems when you are connected to a network other than your home network?
Shannon

#10 ijones32

ijones32
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 19 January 2011 - 07:06 PM

Yes, the problems occur all the time no matter what network the computer is on.

#11 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:48 PM

Posted 20 January 2011 - 12:12 PM

Hi-

Well, that says the problem is not in the router - back to looking at your computer.

Download Combofix from either of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: how-to-use-combofix

Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

How to Temporarily Disable your Anti-virusl


Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please copy the "C:\ComboFix.txt" into your reply.
Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall


In your reply, please copy in the contents of the ComboFix report.
Shannon

#12 ijones32

ijones32
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 21 January 2011 - 06:33 PM

Here is the Combofix log.


ComboFix 11-01-20.01 - Cate 01/20/2011 23:22:24.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.601 [GMT -5:00]
Running from: c:\documents and settings\Cate\Desktop\ComboFix.exe
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\Uninstall
c:\program files\Common Files\Uninstall\PAV\Uninstall.lnk
c:\program files\Helper

.
((((((((((((((((((((((((( Files Created from 2010-12-21 to 2011-01-21 )))))))))))))))))))))))))))))))
.

2011-01-03 12:04 . 2008-04-14 00:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2011-01-03 12:04 . 2001-08-18 03:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2011-01-03 12:04 . 2008-04-14 00:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2011-01-03 12:04 . 2001-08-18 03:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2011-01-03 12:04 . 2001-08-18 03:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2011-01-03 12:04 . 2001-08-18 03:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2011-01-03 12:02 . 2001-08-17 17:10 35871 ----a-w- c:\windows\system32\dllcache\wbfirdma.sys
2011-01-03 12:01 . 2001-08-17 18:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys
2011-01-03 12:00 . 2001-08-17 18:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys
2011-01-03 11:59 . 2001-08-18 03:36 31744 ----a-w- c:\windows\system32\dllcache\tp4.dll
2011-01-03 11:58 . 2001-08-17 19:56 172768 ----a-w- c:\windows\system32\dllcache\t2r4disp.dll
2011-01-03 11:58 . 2001-08-18 03:36 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll
2011-01-03 11:58 . 2001-08-17 18:50 103936 ----a-w- c:\windows\system32\dllcache\sx.sys
2011-01-03 11:58 . 2001-08-17 19:02 3968 ----a-w- c:\windows\system32\dllcache\swusbflt.sys
2011-01-03 11:58 . 2001-08-18 03:36 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll
2011-01-03 11:58 . 2001-08-18 03:36 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll
2011-01-03 11:58 . 2001-08-18 03:36 53760 ----a-w- c:\windows\system32\dllcache\sw_wheel.dll
2011-01-03 11:58 . 2001-08-18 03:36 41472 ----a-w- c:\windows\system32\dllcache\sw_effct.dll
2011-01-03 11:58 . 2001-08-18 03:36 155648 ----a-w- c:\windows\system32\dllcache\stlnprop.dll
2011-01-03 11:58 . 2001-08-18 03:36 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll
2011-01-03 11:58 . 2001-08-17 17:18 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys
2011-01-03 11:58 . 2001-08-17 18:51 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys
2011-01-03 11:58 . 2001-08-17 17:11 48736 ----a-w- c:\windows\system32\dllcache\srwlnd5.sys
2011-01-03 11:56 . 2001-08-17 17:12 24576 ----a-w- c:\windows\system32\dllcache\smc8000n.sys
2011-01-03 11:55 . 2001-08-17 19:56 252032 ----a-w- c:\windows\system32\dllcache\sis300iv.dll
2011-01-03 11:54 . 2001-08-17 18:51 16640 ----a-w- c:\windows\system32\dllcache\scmstcs.sys
2011-01-03 11:53 . 2001-08-17 18:57 65664 ----a-w- c:\windows\system32\dllcache\s3legacy.sys
2011-01-03 11:52 . 2001-08-17 18:28 714762 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys
2011-01-03 11:51 . 2001-08-18 03:36 121344 ----a-w- c:\windows\system32\dllcache\phvfwext.dll
2011-01-03 11:50 . 2001-08-18 03:36 44544 ----a-w- c:\windows\system32\dllcache\ovui2.dll
2011-01-03 11:49 . 2001-08-17 17:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2011-01-03 11:48 . 2001-08-17 17:11 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2011-01-03 11:47 . 2001-08-17 18:48 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2011-01-03 11:46 . 2004-08-04 02:41 420992 ----a-w- c:\windows\system32\dllcache\ltmdmntt.sys
2011-01-03 11:45 . 2008-04-14 00:09 6144 ----a-w- c:\windows\system32\dllcache\kbd106.dll
2011-01-03 11:44 . 2001-08-18 03:36 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll
2011-01-03 11:43 . 2001-08-17 18:28 44863 ----a-w- c:\windows\system32\dllcache\hsf_soar.sys
2011-01-03 11:42 . 2001-08-18 03:36 123392 ----a-w- c:\windows\system32\dllcache\hpgt21tk.dll
2011-01-03 11:41 . 2001-08-17 17:13 27165 ----a-w- c:\windows\system32\dllcache\fetnd5.sys
2011-01-03 11:40 . 2001-08-17 18:50 114944 ----a-w- c:\windows\system32\dllcache\epstw2k.sys
2011-01-03 11:39 . 2001-08-18 03:36 6216 ----a-w- c:\windows\system32\dllcache\divaci.dll
2011-01-03 11:38 . 2001-08-18 03:36 28672 ----a-w- c:\windows\system32\dllcache\cyycoins.dll
2011-01-03 11:37 . 2001-08-17 19:04 171264 ----a-w- c:\windows\system32\dllcache\camdrv30.sys
2011-01-03 11:36 . 2001-08-17 17:49 26624 ----a-w- c:\windows\system32\dllcache\ativxbar.sys
2011-01-02 20:56 . 2011-01-02 20:56 -------- d-----w- c:\documents and settings\Cate\Application Data\Logitech
2011-01-02 20:15 . 2009-10-07 08:48 539160 ----a-r- c:\windows\system32\LVUI2RC.dll
2011-01-02 20:15 . 2009-10-07 08:48 539160 ----a-r- c:\windows\system32\LVUI2.dll
2011-01-02 20:15 . 2009-10-07 08:49 6756632 ----a-r- c:\windows\system32\drivers\lvuvc.sys
2011-01-02 20:15 . 2009-10-07 08:43 416280 ----a-r- c:\windows\system32\lvcodec2.dll
2011-01-02 20:14 . 2009-10-07 08:47 266008 ----a-r- c:\windows\system32\drivers\lvrs.sys
2011-01-02 20:14 . 2009-10-07 08:43 199192 ----a-w- c:\windows\system32\lvci12101110.dll
2011-01-02 20:14 . 2009-10-07 08:24 34068 ----a-r- c:\windows\system32\Repository.reg
2011-01-02 20:13 . 2009-10-07 08:49 23832 ----a-r- c:\windows\system32\drivers\lvuvcflt.sys
2011-01-02 20:12 . 2011-01-02 20:15 -------- d-----w- c:\program files\Common Files\LogiShrd
2011-01-02 20:11 . 2011-01-02 20:11 -------- d-----w- c:\program files\Logitech
2011-01-01 17:23 . 2011-01-01 17:23 -------- d-----w- c:\documents and settings\Cate\Local Settings\Application Data\LogiShrd
2011-01-01 17:22 . 2011-01-01 17:22 -------- d-----w- c:\documents and settings\Cate\Application Data\Leadertech
2011-01-01 17:18 . 2011-01-02 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd
2011-01-01 16:09 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2011-01-01 16:09 . 2008-04-13 18:45 60032 ----a-w- c:\windows\system32\dllcache\usbaudio.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:12 . 2004-08-10 18:02 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2004-08-10 17:51 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:26 . 2004-08-10 17:51 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2004-08-10 17:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2004-08-10 17:51 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2004-08-10 17:51 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-08-10 17:51 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2004-08-10 17:50 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2004-08-10 17:51 1853312 ----a-w- c:\windows\system32\win32k.sys
2009-05-08 01:45 . 2009-05-08 01:45 284000 ----a-w- c:\program files\npmusicn.dll
2009-05-08 01:45 . 2009-05-08 01:45 284000 ----a-w- c:\program files\hannah.dll
2008-08-16 22:42 . 2008-08-16 22:42 13112 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2008-08-16 22:42 . 2008-08-16 22:42 70456 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2008-08-16 22:42 . 2008-08-16 22:42 91448 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2008-08-16 22:42 . 2008-08-16 22:42 20800 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2008-08-16 22:43 . 2008-08-16 22:43 206136 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2008-08-16 22:42 . 2008-08-16 22:42 31032 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2008-08-16 22:42 . 2008-08-16 22:42 40248 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2008-05-21 13:41 . 2008-05-21 13:41 479232 ----a-w- c:\program files\mozilla firefox\plugins\msvcm80.dll
2008-05-21 13:41 . 2008-05-21 13:41 548864 ----a-w- c:\program files\mozilla firefox\plugins\msvcp80.dll
2008-05-21 13:41 . 2008-05-21 13:41 626688 ----a-w- c:\program files\mozilla firefox\plugins\msvcr80.dll
2008-06-05 18:58 . 2008-06-05 18:58 648504 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2008-08-16 22:42 . 2008-08-16 22:42 23864 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-24 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Cate^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
path=c:\documents and settings\Cate\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
backup=c:\windows\pss\Logitech . Product Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Cate^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Cate\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
2005-12-19 20:08 1347584 ----a-w- c:\windows\system32\WLTRAY.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 17:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-12-10 01:29 49152 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-05-30 16:30 292136 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2009-10-14 18:36 2793304 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 20:39 1090952 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 21:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2006-09-22 16:06 282624 ----a-w- c:\windows\stsystra.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-12-03 21:46 14944136 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 15:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-08-24 00:17 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2006-09-22 16:47 761947 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\WINDOWS\\system32\\dldtcoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldtpswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldttime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\dldtjswx.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 dldt_device;dldt_device;c:\windows\system32\dldtcoms.exe -service --> c:\windows\system32\dldtcoms.exe -service [?]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [9/27/2008 4:16 PM 24652]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/13/2010 3:53 PM 135664]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [1/1/2011 2:46 PM 102448]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.facebook.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3070815
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
DPF: {9C196458-4145-46AF-8A77-1506878DFECA} - hxxp://www1.sdhc.k12.fl.us/ClientDownloads/fcplugin.cab
FF - ProfilePath - c:\documents and settings\Cate\Application Data\Mozilla\Firefox\Profiles\xxzauwvx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Move Media Player: moveplayer@movenetworks.com - c:\documents and settings\Cate\Application Data\Move Networks
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
MSConfigStartUp-ModemOnHold - c:\program files\NetWaiting\netWaiting.exe
MSConfigStartUp-URLLSTCK - c:\program files\Norton Internet Security\UrlLstCk.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-20 23:26
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(788)
c:\windows\system32\Ati2evxx.dll
c:\windows\System32\BCMLogon.dll
.
Completion time: 2011-01-20 23:28:44
ComboFix-quarantined-files.txt 2011-01-21 04:28

Pre-Run: 35,285,000,192 bytes free
Post-Run: 37,384,900,608 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - F53E6D3A687BBD86B8EC30C074EAD9DC

#13 Shannon2012

Shannon2012

  • Security Colleague
  • 3,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:08:48 PM

Posted 22 January 2011 - 07:00 AM

Hi-

Thank you for the ComboFix report. Is your computer running any better?

Please do an online scan with Kaspersky WebScanner

You might be prompted to install an ActiveX component from Kaspersky, if so, click Yes.

  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:

      Extended (if available otherwise Standard)

    • Scan Options:

      Scan Archives
      Scan Mail Bases

  • Click OK
  • Now under select a target to scan:

    Select My Computer

  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste the output report into your reply

Next, please run Malwarebytes' Anti-Malware (MBAM)
  • Click on the Update tab and click the Check for Updates button.
  • When the update is finished, click on the Scanner tab.
  • Select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.

In your reply, please copy in the contents of the Kaspersky WebScanner report and the MBAM report. Also, let me know how your computer is running.
Shannon

#14 ijones32

ijones32
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 23 January 2011 - 09:50 PM

I could not get the Kaspersky scan to run. An error message popped up after downloading about half of the components saying something about a license being expired. However, I did get the ESET scan to run and have the log for that which I will post below. I also completed the MBAM scan and will post that too.

C:\Documents and Settings\All Users\Application Data\AOL Downloads\triton_suite_install\6.1.41.2\setup.exe probably a variant of Win32/Agent.HZHBURL trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1\A0001208.exe probably a variant of Win32/Agent.HZHBURL trojan cleaned by deleting - quarantined




Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5584

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/23/2011 9:40:15 PM
mbam-log-2011-01-23 (21-40-15).txt

Scan type: Full scan (C:\|)
Objects scanned: 196554
Time elapsed: 33 minute(s), 20 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#15 ijones32

ijones32
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:07:48 PM

Posted 23 January 2011 - 10:00 PM

Also the computer is still running rather choppy. Internet browsers are still sluggish and freeze when too much activity is going on. Pages and content load slowly sometimes. Overall, little improvement has been made. The typing speed has become significantly better though.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users