Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I still infected with Trojan-Downloader.Win32.Lukicsel.A or another trojan, or is system slowness due to loss of video card driver?


  • This topic is locked This topic is locked
17 replies to this topic

#1 SoCalBob55

SoCalBob55

  • Members
  • 89 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 27 March 2011 - 04:59 PM

All -

Thanks in advance for your help.

Some background. Last Wednesday, I hit a website from a Google search and got a suspicious message to launch an anti-virus program that I didn't recognize. I tried to run an anti-virus program I own (I think it was Webroot Spysweeper), but it froze after an hour, and everything on the system slowed to a crawl.

Guessing that I was seriously infected, I immediately used restart to shut down the computer and reboot to my D partition that has a different installation of Windows so that I could take a look and run some anti-virus and anti-malware programs. I had to shut down processes because the system was not allowing me to shut down Spysweeper.

I ran AdAware and MalwareBytes, which produced the logs farther below (shown after the requested DDS logs). Since two of the messages indicating removal of an infection mention Spysweeper, I wonder if it didn't infect that program while it was running.

Since I've been through something a bit like this in 2007 and worked with Bleeping Computer to resolve it, I did as instructed in the Preparation Guide, but also ran several existing apps, like:

Anti-virus -
Avast
Malware Bytes
Spysweeper
AdAware
SuperAntiSpyware

Misc -
ADS Spy v.1.11
TDSSKiller
RKILL
GMER
HijackThis

IMPORTANT - I THINK WHAT MIGHT BE CAUSING MY SYSTEM SLOWNESS NOW (WINDOWS PAINTING IN A JAGGED FASHION AS I MOVE THEM AND SCREENS REDRAWING VERY SLOWING AS I PAGE DOWN IN APPS AND BROWSERS) IS THE FACT THAT TDSSKILLER DELETED ONE OF MY NVIDEA DRIVERS, AND AS A RESULT, I GET THE GENERIC DRIVER WHEN I REBOOT. EVEN WHEN I TRIED TO COPY THE .SYS FILE BACK, IT WOULDN'T LOAD. HERE'S THE END OF THE LOG FROM TDSSKILLER:

2011/03/26 17:44:59.0886 2612 Detected object count: 1
2011/03/26 17:45:17.0668 2612 nv (a52d6a26c65aecdd802d6524b9d07f3a) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/03/26 17:45:17.0824 2612 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\nv4_mini.sys. Real md5: a52d6a26c65aecdd802d6524b9d07f3a, Fake md5: 88d8f8d4c3243e0bb0ed57496868e52e
2011/03/26 17:45:17.0996 2612 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - copied to quarantine
2011/03/26 17:45:18.0746 2612 Forged file(nv) - User select action: Quarantine

Here is the DDS log, and attached is the Attach file (zipped).

See below this for several other log files from the other programs.

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Robert Weil at 7:40:05.34 on Sat 03/26/2011
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.868 [GMT -7:00]
.
AV: Spy Sweeper with AntiVirus *Enabled/Updated* {B3891867-7230-459B-9987-E7CCFA7A7D1D}
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Kaspersky Anti-Virus 6.0 *Disabled/Outdated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\WTouch\WTouchService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\nlssrv32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WePrint\WePrint Server.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
C:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\StorageCraft\ImageManager\ImageManager.exe
C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
C:\WINDOWS\system32\Pen_Tablet.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\dwwin.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\vsnapvss.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
N:\Bleeping\Defogger.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
N:\Bleeping\RootKitKiller\tdsskiller.exe
N:\Bleeping\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: PCTools Site Guard: {5c8b2a36-3db1-42a4-a3cb-d426709bbfeb} - c:\progra~1\spywar~1\tools\iesdsg.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {D593DE91-7B41-45C2-830E-E9A99AB142AA} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
EB: {E69657FF-19AC-4849-BF35-91243EEF1687} - No File
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [Snte] "c:\windows\system32\sks~1\msconfig.exe" -vt ndrv
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\isuspm.exe" -scheduler
uRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
uRun: [SUPERAntiSpyware] "e:\program files\superantispyware\SUPERAntiSpyware.exe"
mRun: [hpWirelessAssistant] "c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe"
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nwiz] "nwiz.exe" /installquiet /nodetect
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [SynTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QlbCtrl] "c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe" /Start
mRun: [Cpqset] "c:\program files\hpq\default settings\cpqset.exe"
mRun: [NeroFilterCheck] "c:\program files\common files\ahead\lib\NeroCheck.exe"
mRun: [TotalRecorderScheduler] "c:\program files\highcriteria\totalrecorder\TotRecSched.exe"
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [DXDllRegExe] c:\windows\system32\dxdllreg.exe
mRun: [RoxioEngineUtility] "c:\program files\common files\roxio shared\system\EngUtil.exe"
mRun: [kav] "c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avp.exe"
mRun: [dvd43] "c:\program files\dvd43\dvd43_tray.exe"
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [MSConfig] "c:\windows\pchealth\helpctr\binaries\MSConfig.exe" /auto
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [Nikon Message Center 2] "c:\program files\nikon\nikon message center 2\NkMC2.exe" -s
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SpySweeper] c:\program files\webroot\spy sweeper\SpySweeperUI.exe /startintray
StartupFolder: c:\docume~1\robert~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\robert~1\startm~1\programs\startup\openof~1.lnk - o:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\robert~1\startm~1\programs\startup\weprin~1.lnk - c:\weprint\WePrint Server.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-ba7e-000000000002}\SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\epsons~1.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Namo SWF Catcher - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Sothink SWF Catcher - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky anti-virus 6.0\scieplugin.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - c:\program files\winhttrack\WinHTTrackIEBar.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263530833636
DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - hxxp://mediaplayer.walmart.com/installer/install.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: cryptnet32 - cryptnet32.dll
Notify: klogon - c:\windows\system32\klogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\robert~1\applic~1\mozilla\firefox\profiles\1ie5u3vs.default\
FF - prefs.js: browser.startup.homepage - hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
FF - component: c:\documents and settings\robert weil\application data\mozilla\firefox\profiles\1ie5u3vs.default\extensions\{0b457caa-602d-484a-8fe7-c1d894a011ba}\platform\winnt_x86-msvc\components\SSSLauncher.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdbplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\tabletplugins\npwacom.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Web Developer: {c45c406e-ab73-11d8-be73-000a95be3b12} - %profile%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: FireShot: {0b457cAA-602d-484a-8fe7-c1d894a011ba} - %profile%\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
============= SERVICES / DRIVERS ===============
.
R0 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2008-10-7 40840]
R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2006-2-13 20699]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-3-25 64512]
R0 stcvsm;stcvsm;c:\windows\system32\drivers\stcvsm.sys [2010-2-20 182048]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-3-25 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-3-25 301528]
R1 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2008-10-7 66952]
R1 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2008-10-7 81288]
R1 klif;Klif;c:\windows\system32\drivers\klif.sys [2006-11-5 162064]
R1 SASDIFSV;SASDIFSV;e:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;e:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 sbmount;StorageCraft Image Mount Driver;c:\windows\system32\drivers\sbmount.sys [2010-2-20 102560]
R1 SWIPsec;SonicWALL IPsec Driver;c:\windows\system32\drivers\SWIPsec.sys [2009-10-7 87064]
R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2007-7-6 561152]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-4 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-3-25 19544]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-3-25 42184]
R2 AVP;Kaspersky Anti-Virus 6.0;c:\program files\kaspersky lab\kaspersky anti-virus 6.0\avp.exe [2006-3-24 139367]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-3-22 1405384]
R2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2010-12-23 66560]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-10-7 356920]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2008-10-7 1079176]
R2 ShadowProtectSvc;ShadowProtect Service;c:\program files\storagecraft\shadowprotect\ShadowProtectSvc.exe [2010-2-20 3631648]
R2 StorageCraft Image Manager;StorageCraft Image Manager;c:\program files\storagecraft\imagemanager\ImageManager.exe [2009-12-17 102400]
R2 SWGVCSvc;SonicWALL Global VPN Client Service;c:\program files\sonicwall\sonicwall global vpn client\SWGVCSvc.exe [2009-3-5 227352]
R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-9-26 4410152]
R2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2009-10-4 4463400]
R2 VSNAPVSS;StorageCraft Shadow Copy Provider;c:\windows\system32\vsnapvss.exe [2010-2-20 67616]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\spy sweeper\SpySweeper.exe [2007-10-27 3572592]
R2 WTouchService;WTouch Service;c:\program files\wtouch\WTouchService.exe [2009-9-26 112936]
S0 Mdno50;Mdno50; [x]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;o:\program files\adobe\elements 9 organizer\photoshopelementsfileagent.exe --> o:\program files\adobe\elements 9 organizer\PhotoshopElementsFileAgent.exe [?]
S3 SASENUM;SASENUM;e:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]
S3 scsiscan;SCSI Scanner Driver;c:\windows\system32\drivers\scsiscan.sys [2010-5-31 10880]
S3 SWVNIC;SonicWALL Virtual Miniport;c:\windows\system32\drivers\SWVNIC.sys [2009-3-4 21016]
.
=============== Created Last 30 ================
.
2011-03-26 05:23:48 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-03-26 04:48:09 -------- d-----w- c:\docume~1\robert~1\applic~1\Malwarebytes
2011-03-26 03:00:03 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-26 02:59:40 40648 ----a-w- c:\windows\avastSS.scr
2011-03-26 02:59:31 -------- d-----w- c:\program files\AVAST Software
2011-03-26 02:59:31 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVAST Software
2011-03-26 02:59:12 -------- dc-h--w- c:\docume~1\alluse~1\applic~1\{FE41BDC7-CD33-4350-8A15-26EFBE20A0FE}
2011-03-26 02:36:59 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-26 02:36:58 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-03-26 02:36:55 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-26 02:36:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-22 04:30:32 31728 ----a-w- c:\windows\dbrmdwb.exe
2011-03-22 04:30:32 26 ----a-w- c:\windows\dbrmdwb.bat
2011-03-22 04:30:31 245840 ----a-w- c:\windows\system32\DNLEng.dll
2011-03-22 04:30:30 2327704 ----a-w- c:\windows\dbplugin.ocx
2011-03-22 04:30:29 894616 ----a-w- c:\windows\dbplugin.exe
2011-03-22 04:30:28 2179072 ----a-w- c:\program files\mozilla firefox\plugins\npdbplug.dll
2011-03-22 04:30:26 2179072 ----a-w- c:\windows\npdbplug.dll
2011-03-16 04:25:23 -------- d-----w- c:\docume~1\alluse~1\applic~1\espionServerData
2011-03-15 16:02:57 -------- d-----w- c:\docume~1\robert~1\applic~1\OpenOffice.org
2011-03-15 15:53:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-15 15:53:30 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-03-15 15:51:42 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-03-15 14:32:53 -------- d-----w- c:\program files\NCH Software
2011-03-15 14:32:49 -------- d-----w- c:\docume~1\robert~1\applic~1\NCH Software
2011-03-15 04:10:05 -------- d-----w- c:\docume~1\robert~1\applic~1\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-03-15 03:27:13 -------- d-----w- c:\docume~1\alluse~1\applic~1\regid.1986-12.com.adobe
2011-03-15 03:11:00 -------- d-----w- c:\docume~1\alluse~1\applic~1\SmartSound Software Inc
2011-03-15 03:10:56 -------- d-----w- c:\program files\SmartSound Software
2011-03-15 02:18:35 -------- d-----w- c:\program files\common files\Akamai
.
==================== Find3M ====================
.
2011-03-15 03:20:06 297285 ----a-w- c:\windows\system32\shimg.dll
.
============= FINISH: 7:47:48.71 ===============

Note that I clearly have a driver issue for my video card (also for my USB drive - not sure where that happened):
Posted Image

Note the datastream logger output - I haven't deleted anything here - should I?:
Posted Image

Thank you for any assistance you can provide in determining whether I am still infected, or simply need to correct the video driver issue (and an idea of how to do so).

SoCalBob55


TDSS Killer log.

2011/03/26 17:43:18.0558 5904 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/03/26 17:43:18.0668 5904 ================================================================================
2011/03/26 17:43:18.0668 5904 SystemInfo:
2011/03/26 17:43:18.0668 5904
2011/03/26 17:43:18.0668 5904 OS Version: 5.1.2600 ServicePack: 2.0
2011/03/26 17:43:18.0668 5904 Product type: Workstation
2011/03/26 17:43:18.0668 5904 ComputerName: BOBSLAPTOP
2011/03/26 17:43:18.0668 5904 UserName: Robert Weil
2011/03/26 17:43:18.0668 5904 Windows directory: C:\WINDOWS
2011/03/26 17:43:18.0668 5904 System windows directory: C:\WINDOWS
2011/03/26 17:43:18.0668 5904 Processor architecture: Intel x86
2011/03/26 17:43:18.0668 5904 Number of processors: 2
2011/03/26 17:43:18.0668 5904 Page size: 0x1000
2011/03/26 17:43:18.0668 5904 Boot type: Normal boot
2011/03/26 17:43:18.0668 5904 ================================================================================
2011/03/26 17:43:33.0886 5904 Initialize success
2011/03/26 17:43:54.0980 4908 ================================================================================
2011/03/26 17:43:54.0980 4908 Scan started
2011/03/26 17:43:54.0980 4908 Mode: Manual;
2011/03/26 17:43:54.0980 4908 ================================================================================
2011/03/26 17:43:55.0340 4908 61883 (86d7b1e70661d754685b9ac6d749aae5) C:\WINDOWS\system32\DRIVERS\61883.sys
2011/03/26 17:43:55.0386 4908 Aavmker4 (83631291adf2887cffc786d034d3fa15) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/03/26 17:43:55.0527 4908 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/03/26 17:43:55.0574 4908 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/03/26 17:43:55.0605 4908 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/03/26 17:43:55.0683 4908 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/03/26 17:43:55.0777 4908 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
2011/03/26 17:43:55.0824 4908 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
2011/03/26 17:43:55.0902 4908 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/03/26 17:43:55.0933 4908 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/03/26 17:43:55.0980 4908 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/03/26 17:43:56.0027 4908 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/03/26 17:43:56.0074 4908 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/03/26 17:43:56.0152 4908 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/03/26 17:43:56.0199 4908 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/03/26 17:43:56.0230 4908 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/03/26 17:43:56.0277 4908 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/03/26 17:43:56.0340 4908 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/03/26 17:43:56.0371 4908 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/03/26 17:43:56.0402 4908 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/03/26 17:43:56.0449 4908 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/03/26 17:43:56.0511 4908 Aspi32 (5b01af89d16d562825c4db4530f20cbb) C:\WINDOWS\system32\drivers\Aspi32.sys
2011/03/26 17:43:56.0574 4908 aswFsBlk (1c2e6bb4fe8621b1b863855b02bc33eb) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/03/26 17:43:56.0590 4908 aswMon2 (452d0ecd14fa02f9b061f42c8a30dd49) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/03/26 17:43:56.0636 4908 aswRdr (b6a9373619d851be80fb5f1b5eed0d4e) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/03/26 17:43:56.0683 4908 aswSnx (9be41c1ae8bc481eb662d85c98d979c2) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/03/26 17:43:56.0746 4908 aswSP (4b1a54ba2bc5873a774df6b70ab8b0b3) C:\WINDOWS\system32\drivers\aswSP.sys
2011/03/26 17:43:56.0808 4908 aswTdi (c7f1cea32766184911293f4e1ee653f5) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/03/26 17:43:56.0855 4908 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/03/26 17:43:56.0902 4908 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/03/26 17:43:56.0949 4908 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/03/26 17:43:57.0011 4908 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/03/26 17:43:57.0105 4908 Avc (87c223adb8f7596b31caae3c67b16ddd) C:\WINDOWS\system32\DRIVERS\avc.sys
2011/03/26 17:43:57.0183 4908 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/03/26 17:43:57.0371 4908 BTKRNL (5c3807e7768023a1229c73296758a361) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/03/26 17:43:57.0496 4908 BTWUSB (7024e11dab9410b31a37547575249dd7) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/03/26 17:43:57.0558 4908 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/03/26 17:43:57.0605 4908 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/03/26 17:43:57.0699 4908 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/03/26 17:43:57.0761 4908 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/03/26 17:43:57.0824 4908 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/03/26 17:43:57.0886 4908 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/03/26 17:43:57.0965 4908 Cdr4_xp (c3e76b0c05ebf7261abfb08d9e75822e) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
2011/03/26 17:43:58.0074 4908 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/03/26 17:43:58.0230 4908 CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/03/26 17:43:58.0277 4908 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/03/26 17:43:58.0340 4908 Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/03/26 17:43:58.0433 4908 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/03/26 17:43:58.0543 4908 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/03/26 17:43:58.0621 4908 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/03/26 17:43:58.0730 4908 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/03/26 17:43:58.0855 4908 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
2011/03/26 17:43:58.0933 4908 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
2011/03/26 17:43:58.0996 4908 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/03/26 17:43:59.0105 4908 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/03/26 17:43:59.0215 4908 DNE (b5aa5aa5ac327bd7c1aec0c58f0c1144) C:\WINDOWS\system32\DRIVERS\dne2000.sys
2011/03/26 17:43:59.0293 4908 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/03/26 17:43:59.0386 4908 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/03/26 17:43:59.0465 4908 dvd43llh (1fc1eed3ea0c3a0ecf8a95b97e1b4831) C:\WINDOWS\system32\DRIVERS\dvd43llh.sys
2011/03/26 17:43:59.0558 4908 E100B (6ca101f9aa3d845ba31f6e13c01301a8) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/03/26 17:43:59.0621 4908 eabfiltr (b5cb3084046146fd2587d8c9b219feb4) C:\WINDOWS\system32\DRIVERS\eabfiltr.sys
2011/03/26 17:43:59.0699 4908 eabusb (231f4547ae1e4b3e60eca66c3a96d218) C:\WINDOWS\system32\DRIVERS\eabusb.sys
2011/03/26 17:43:59.0824 4908 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/03/26 17:43:59.0902 4908 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\drivers\Fdc.sys
2011/03/26 17:43:59.0980 4908 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2011/03/26 17:44:00.0043 4908 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/03/26 17:44:00.0121 4908 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/03/26 17:44:00.0230 4908 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/03/26 17:44:00.0293 4908 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/03/26 17:44:00.0355 4908 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2011/03/26 17:44:00.0465 4908 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/03/26 17:44:00.0558 4908 HBtnKey (4d4d97671c63c3af869b3518e6054204) C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
2011/03/26 17:44:00.0652 4908 HdAudAddService (bb42bb78bbbc1e83292ef26973598daf) C:\WINDOWS\system32\drivers\CHDAud.sys
2011/03/26 17:44:00.0761 4908 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/03/26 17:44:00.0886 4908 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/03/26 17:44:00.0965 4908 HPFXBULK (299683d4c8aaa3f6f5d5d226a1782a6e) C:\WINDOWS\system32\drivers\hpfxbulk.sys
2011/03/26 17:44:01.0058 4908 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/03/26 17:44:01.0199 4908 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/03/26 17:44:01.0246 4908 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/03/26 17:44:01.0308 4908 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/03/26 17:44:01.0433 4908 HSFHWAZL (89e256c5f5346be265d9f86ac8625d4f) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2011/03/26 17:44:01.0543 4908 HSF_DPV (0e44af3828111d4c3e73c33ac95226d8) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2011/03/26 17:44:01.0699 4908 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/03/26 17:44:01.0793 4908 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/03/26 17:44:01.0855 4908 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/03/26 17:44:01.0933 4908 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/03/26 17:44:02.0074 4908 iaStor (309c4d86d989fb1fcf64bd30dc81c51b) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/03/26 17:44:02.0215 4908 IKFileSec (ff9f262494fc23d77a6148d49d87d2de) C:\WINDOWS\system32\drivers\ikfilesec.sys
2011/03/26 17:44:02.0293 4908 IKSysFlt (7e359671fd9595ecb1b0a33fb4184b19) C:\WINDOWS\system32\drivers\iksysflt.sys
2011/03/26 17:44:02.0355 4908 IKSysSec (a44cb3cf3af266665261a6e6c9cac27c) C:\WINDOWS\system32\drivers\iksyssec.sys
2011/03/26 17:44:02.0418 4908 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/03/26 17:44:02.0511 4908 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/03/26 17:44:02.0621 4908 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/03/26 17:44:02.0683 4908 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/03/26 17:44:02.0808 4908 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/03/26 17:44:02.0886 4908 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/03/26 17:44:02.0980 4908 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/03/26 17:44:03.0090 4908 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/03/26 17:44:03.0199 4908 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/03/26 17:44:03.0308 4908 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/03/26 17:44:03.0543 4908 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/03/26 17:44:03.0652 4908 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/03/26 17:44:03.0746 4908 kl1 (5445b03cd42dedf5f85b9daf712fdd09) C:\WINDOWS\system32\drivers\kl1.sys
2011/03/26 17:44:03.0840 4908 klif (92210989cc1d06f997b9628d8e4b1819) C:\WINDOWS\system32\drivers\klif.sys
2011/03/26 17:44:03.0949 4908 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
2011/03/26 17:44:04.0043 4908 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/03/26 17:44:04.0152 4908 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
2011/03/26 17:44:04.0293 4908 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
2011/03/26 17:44:04.0355 4908 mdmxsdk (74f4372af97a587ecec527ec34955712) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/03/26 17:44:04.0449 4908 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/03/26 17:44:04.0496 4908 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/03/26 17:44:04.0558 4908 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/03/26 17:44:04.0590 4908 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/03/26 17:44:04.0636 4908 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/03/26 17:44:04.0668 4908 MQAC (db07b0088cdfd20c2a22e675120ede34) C:\WINDOWS\system32\drivers\mqac.sys
2011/03/26 17:44:04.0730 4908 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/03/26 17:44:04.0761 4908 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/03/26 17:44:04.0824 4908 MRxSmb (1fd607fc67f7f7c633c3da65bfc53d18) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/03/26 17:44:04.0918 4908 MSDV (6dd721dfd2648f3f6d5808b5ba6cb095) C:\WINDOWS\system32\DRIVERS\msdv.sys
2011/03/26 17:44:04.0965 4908 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/03/26 17:44:05.0043 4908 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/03/26 17:44:05.0105 4908 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/03/26 17:44:05.0152 4908 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/03/26 17:44:05.0230 4908 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/03/26 17:44:05.0293 4908 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/03/26 17:44:05.0340 4908 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/03/26 17:44:05.0418 4908 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/03/26 17:44:05.0511 4908 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/03/26 17:44:05.0558 4908 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/03/26 17:44:05.0636 4908 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/03/26 17:44:05.0668 4908 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/03/26 17:44:05.0715 4908 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/03/26 17:44:05.0761 4908 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/03/26 17:44:05.0793 4908 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/03/26 17:44:05.0824 4908 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/03/26 17:44:05.0902 4908 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/03/26 17:44:05.0933 4908 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/03/26 17:44:05.0965 4908 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/03/26 17:44:06.0027 4908 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/03/26 17:44:06.0090 4908 nv (a52d6a26c65aecdd802d6524b9d07f3a) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/03/26 17:44:06.0199 4908 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\nv4_mini.sys. Real md5: a52d6a26c65aecdd802d6524b9d07f3a, Fake md5: 88d8f8d4c3243e0bb0ed57496868e52e
2011/03/26 17:44:06.0215 4908 nv - detected Forged file (1)
2011/03/26 17:44:06.0261 4908 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/03/26 17:44:06.0293 4908 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/03/26 17:44:06.0355 4908 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/03/26 17:44:06.0402 4908 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\drivers\Parport.sys
2011/03/26 17:44:06.0433 4908 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/03/26 17:44:06.0465 4908 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/03/26 17:44:06.0511 4908 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/03/26 17:44:06.0558 4908 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/03/26 17:44:06.0605 4908 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/03/26 17:44:06.0761 4908 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/03/26 17:44:06.0793 4908 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/03/26 17:44:06.0902 4908 pfc (6c1618a07b49e3873582b6449e744088) C:\WINDOWS\system32\drivers\pfc.sys
2011/03/26 17:44:06.0980 4908 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/03/26 17:44:07.0058 4908 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/03/26 17:44:07.0105 4908 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/03/26 17:44:07.0183 4908 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/03/26 17:44:07.0230 4908 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/03/26 17:44:07.0261 4908 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/03/26 17:44:07.0308 4908 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/03/26 17:44:07.0340 4908 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/03/26 17:44:07.0386 4908 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/03/26 17:44:07.0418 4908 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/03/26 17:44:07.0465 4908 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/03/26 17:44:07.0511 4908 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/03/26 17:44:07.0543 4908 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/03/26 17:44:07.0605 4908 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/03/26 17:44:07.0636 4908 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/03/26 17:44:07.0699 4908 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/03/26 17:44:07.0761 4908 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/03/26 17:44:07.0824 4908 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/03/26 17:44:07.0886 4908 RMCAST (35e81b908ae4e97fc7bdf4607c516ff4) C:\WINDOWS\system32\drivers\RMCast.sys
2011/03/26 17:44:07.0949 4908 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/03/26 17:44:08.0058 4908 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) E:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/03/26 17:44:08.0090 4908 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) E:\Program Files\SUPERAntiSpyware\SASENUM.SYS
2011/03/26 17:44:08.0121 4908 SASKUTIL (61db0d0756a99506207fd724e3692b25) E:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
2011/03/26 17:44:08.0168 4908 sbmount (05fc20f1b2eec9c5bbe3d78c834dfa56) C:\WINDOWS\system32\drivers\sbmount.sys
2011/03/26 17:44:08.0230 4908 sbp2port (3e2c3b180872be4120f246d85560b734) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
2011/03/26 17:44:08.0293 4908 scsiscan (4acfb25ecc8dd21707f747b28216cea1) C:\WINDOWS\system32\DRIVERS\scsiscan.sys
2011/03/26 17:44:08.0371 4908 sdbus (02fc71b020ec8700ee8a46c58bc6f276) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/03/26 17:44:08.0433 4908 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/03/26 17:44:08.0496 4908 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\drivers\Serial.sys
2011/03/26 17:44:08.0590 4908 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/03/26 17:44:08.0699 4908 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/03/26 17:44:08.0761 4908 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/03/26 17:44:08.0808 4908 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/03/26 17:44:08.0871 4908 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
2011/03/26 17:44:08.0902 4908 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/03/26 17:44:08.0949 4908 Srv (20b7e396720353e4117d64d9dcb926ca) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/03/26 17:44:08.0996 4908 SSFS0BB9 (d3ad8d2e550b262694b024d1eb1efffc) C:\WINDOWS\system32\Drivers\SSFS0BB9.SYS
2011/03/26 17:44:09.0011 4908 SSHRMD (4d0e7a4befad963d3aecfac12fdeff16) C:\WINDOWS\system32\Drivers\SSHRMD.SYS
2011/03/26 17:44:09.0043 4908 SSIDRV (43eeddc9b9b8accdb4a914ba893c73de) C:\WINDOWS\system32\Drivers\SSIDRV.SYS
2011/03/26 17:44:09.0090 4908 SSKBFD (8564bc9598be1705477b7fa61d657c2b) C:\WINDOWS\system32\Drivers\sskbfd.sys
2011/03/26 17:44:09.0136 4908 stcvsm (cfcee4a194278d2f3c2ff53d0355eda4) C:\WINDOWS\system32\drivers\stcvsm.sys
2011/03/26 17:44:09.0215 4908 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/03/26 17:44:09.0261 4908 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/03/26 17:44:09.0324 4908 SWIPsec (ebd83e322b4eb50f6a1d8d7b42d3745e) C:\WINDOWS\system32\Drivers\SWIPsec.sys
2011/03/26 17:44:09.0371 4908 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/03/26 17:44:09.0433 4908 SWVNIC (962b13026b10b82d2874bfda4ecc048d) C:\WINDOWS\system32\DRIVERS\swvnic.sys
2011/03/26 17:44:09.0480 4908 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/03/26 17:44:09.0527 4908 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/03/26 17:44:09.0558 4908 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/03/26 17:44:09.0605 4908 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/03/26 17:44:09.0668 4908 SynTP (c9a1785cc0d7a040dd0fdbfeaa8be135) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/03/26 17:44:09.0715 4908 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/03/26 17:44:09.0808 4908 Tcpip (9f4b36614a0fc234525ba224957de55c) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/03/26 17:44:09.0871 4908 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/03/26 17:44:09.0902 4908 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/03/26 17:44:09.0949 4908 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/03/26 17:44:10.0043 4908 tifm21 (9179e07503630d6fb2e4162ff0196191) C:\WINDOWS\system32\drivers\tifm21.sys
2011/03/26 17:44:10.0121 4908 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/03/26 17:44:10.0199 4908 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/03/26 17:44:10.0230 4908 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/03/26 17:44:10.0293 4908 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
2011/03/26 17:44:10.0386 4908 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/03/26 17:44:10.0433 4908 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/03/26 17:44:10.0496 4908 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/03/26 17:44:10.0543 4908 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/03/26 17:44:10.0621 4908 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/03/26 17:44:10.0683 4908 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/03/26 17:44:10.0761 4908 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/03/26 17:44:10.0824 4908 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/03/26 17:44:10.0886 4908 usb_rndisx (ae4df3b7d1db9373b08db4ed224e26b6) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
2011/03/26 17:44:10.0949 4908 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/03/26 17:44:10.0996 4908 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/03/26 17:44:11.0043 4908 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/03/26 17:44:11.0090 4908 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/03/26 17:44:11.0261 4908 w39n51 (4e7b07653f4f9937cf62ad2869fba520) C:\WINDOWS\system32\DRIVERS\w39n51.sys
2011/03/26 17:44:11.0386 4908 wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
2011/03/26 17:44:11.0433 4908 wacomvhid (51d580f30d1a1f2ea4965af6abc2bcb2) C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
2011/03/26 17:44:11.0480 4908 WacomVKHid (889459833432b161cb99cfdf84a1a9bb) C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys
2011/03/26 17:44:11.0543 4908 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/03/26 17:44:11.0683 4908 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/03/26 17:44:11.0808 4908 winachsf (214bc3ad84907ad6ad655ac5465f449a) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/03/26 17:44:12.0027 4908 WmiAcpi (ae2c8544e747c20062db27456ea2d67a) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/03/26 17:44:12.0136 4908 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/03/26 17:44:12.0215 4908 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/03/26 17:44:12.0261 4908 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/03/26 17:44:12.0824 4908 ================================================================================
2011/03/26 17:44:12.0824 4908 Scan finished
2011/03/26 17:44:12.0824 4908 ================================================================================
2011/03/26 17:44:12.0855 5800 Detected object count: 1
2011/03/26 17:44:25.0340 5800 Forged file(nv) - User select action: Skip
2011/03/26 17:44:41.0808 2480 ================================================================================
2011/03/26 17:44:41.0808 2480 Scan started
2011/03/26 17:44:41.0808 2480 Mode: Manual;
2011/03/26 17:44:41.0808 2480 ================================================================================
2011/03/26 17:44:42.0152 2480 61883 (86d7b1e70661d754685b9ac6d749aae5) C:\WINDOWS\system32\DRIVERS\61883.sys
2011/03/26 17:44:42.0215 2480 Aavmker4 (83631291adf2887cffc786d034d3fa15) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/03/26 17:44:42.0340 2480 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/03/26 17:44:42.0371 2480 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/03/26 17:44:42.0402 2480 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/03/26 17:44:42.0480 2480 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/03/26 17:44:42.0527 2480 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
2011/03/26 17:44:42.0590 2480 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
2011/03/26 17:44:42.0652 2480 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/03/26 17:44:42.0699 2480 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/03/26 17:44:42.0761 2480 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/03/26 17:44:42.0793 2480 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/03/26 17:44:42.0840 2480 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/03/26 17:44:42.0933 2480 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/03/26 17:44:42.0965 2480 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/03/26 17:44:42.0996 2480 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/03/26 17:44:43.0043 2480 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/03/26 17:44:43.0090 2480 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2011/03/26 17:44:43.0121 2480 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/03/26 17:44:43.0152 2480 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/03/26 17:44:43.0199 2480 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/03/26 17:44:43.0277 2480 Aspi32 (5b01af89d16d562825c4db4530f20cbb) C:\WINDOWS\system32\drivers\Aspi32.sys
2011/03/26 17:44:43.0324 2480 aswFsBlk (1c2e6bb4fe8621b1b863855b02bc33eb) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/03/26 17:44:43.0386 2480 aswMon2 (452d0ecd14fa02f9b061f42c8a30dd49) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/03/26 17:44:43.0433 2480 aswRdr (b6a9373619d851be80fb5f1b5eed0d4e) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/03/26 17:44:43.0480 2480 aswSnx (9be41c1ae8bc481eb662d85c98d979c2) C:\WINDOWS\system32\drivers\aswSnx.sys
2011/03/26 17:44:43.0527 2480 aswSP (4b1a54ba2bc5873a774df6b70ab8b0b3) C:\WINDOWS\system32\drivers\aswSP.sys
2011/03/26 17:44:43.0590 2480 aswTdi (c7f1cea32766184911293f4e1ee653f5) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/03/26 17:44:43.0652 2480 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/03/26 17:44:43.0715 2480 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/03/26 17:44:43.0793 2480 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/03/26 17:44:43.0855 2480 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/03/26 17:44:43.0965 2480 Avc (87c223adb8f7596b31caae3c67b16ddd) C:\WINDOWS\system32\DRIVERS\avc.sys
2011/03/26 17:44:44.0058 2480 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/03/26 17:44:44.0230 2480 BTKRNL (5c3807e7768023a1229c73296758a361) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
2011/03/26 17:44:44.0371 2480 BTWUSB (7024e11dab9410b31a37547575249dd7) C:\WINDOWS\system32\Drivers\btwusb.sys
2011/03/26 17:44:44.0449 2480 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/03/26 17:44:44.0496 2480 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/03/26 17:44:44.0590 2480 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/03/26 17:44:44.0652 2480 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/03/26 17:44:44.0730 2480 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/03/26 17:44:44.0824 2480 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/03/26 17:44:44.0902 2480 Cdr4_xp (c3e76b0c05ebf7261abfb08d9e75822e) C:\WINDOWS\system32\drivers\Cdr4_xp.sys
2011/03/26 17:44:44.0965 2480 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/03/26 17:44:45.0105 2480 CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/03/26 17:44:45.0215 2480 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/03/26 17:44:45.0277 2480 Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/03/26 17:44:45.0371 2480 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/03/26 17:44:45.0449 2480 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/03/26 17:44:45.0527 2480 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/03/26 17:44:45.0605 2480 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/03/26 17:44:45.0715 2480 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
2011/03/26 17:44:45.0808 2480 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
2011/03/26 17:44:45.0886 2480 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/03/26 17:44:45.0996 2480 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/03/26 17:44:46.0105 2480 DNE (b5aa5aa5ac327bd7c1aec0c58f0c1144) C:\WINDOWS\system32\DRIVERS\dne2000.sys
2011/03/26 17:44:46.0199 2480 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/03/26 17:44:46.0293 2480 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/03/26 17:44:46.0371 2480 dvd43llh (1fc1eed3ea0c3a0ecf8a95b97e1b4831) C:\WINDOWS\system32\DRIVERS\dvd43llh.sys
2011/03/26 17:44:46.0465 2480 E100B (6ca101f9aa3d845ba31f6e13c01301a8) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/03/26 17:44:46.0527 2480 eabfiltr (b5cb3084046146fd2587d8c9b219feb4) C:\WINDOWS\system32\DRIVERS\eabfiltr.sys
2011/03/26 17:44:46.0605 2480 eabusb (231f4547ae1e4b3e60eca66c3a96d218) C:\WINDOWS\system32\DRIVERS\eabusb.sys
2011/03/26 17:44:46.0730 2480 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/03/26 17:44:46.0808 2480 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\drivers\Fdc.sys
2011/03/26 17:44:46.0886 2480 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2011/03/26 17:44:46.0965 2480 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/03/26 17:44:47.0027 2480 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/03/26 17:44:47.0121 2480 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/03/26 17:44:47.0183 2480 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/03/26 17:44:47.0277 2480 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2011/03/26 17:44:47.0371 2480 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/03/26 17:44:47.0465 2480 HBtnKey (4d4d97671c63c3af869b3518e6054204) C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
2011/03/26 17:44:47.0574 2480 HdAudAddService (bb42bb78bbbc1e83292ef26973598daf) C:\WINDOWS\system32\drivers\CHDAud.sys
2011/03/26 17:44:47.0683 2480 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/03/26 17:44:47.0793 2480 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/03/26 17:44:47.0886 2480 HPFXBULK (299683d4c8aaa3f6f5d5d226a1782a6e) C:\WINDOWS\system32\drivers\hpfxbulk.sys
2011/03/26 17:44:47.0980 2480 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/03/26 17:44:48.0074 2480 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/03/26 17:44:48.0121 2480 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/03/26 17:44:48.0152 2480 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/03/26 17:44:48.0215 2480 HSFHWAZL (89e256c5f5346be265d9f86ac8625d4f) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2011/03/26 17:44:48.0293 2480 HSF_DPV (0e44af3828111d4c3e73c33ac95226d8) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2011/03/26 17:44:48.0402 2480 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/03/26 17:44:48.0465 2480 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/03/26 17:44:48.0511 2480 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/03/26 17:44:48.0543 2480 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/03/26 17:44:48.0621 2480 iaStor (309c4d86d989fb1fcf64bd30dc81c51b) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/03/26 17:44:48.0730 2480 IKFileSec (ff9f262494fc23d77a6148d49d87d2de) C:\WINDOWS\system32\drivers\ikfilesec.sys
2011/03/26 17:44:48.0777 2480 IKSysFlt (7e359671fd9595ecb1b0a33fb4184b19) C:\WINDOWS\system32\drivers\iksysflt.sys
2011/03/26 17:44:48.0808 2480 IKSysSec (a44cb3cf3af266665261a6e6c9cac27c) C:\WINDOWS\system32\drivers\iksyssec.sys
2011/03/26 17:44:48.0840 2480 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/03/26 17:44:48.0918 2480 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/03/26 17:44:48.0996 2480 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/03/26 17:44:49.0027 2480 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/03/26 17:44:49.0121 2480 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/03/26 17:44:49.0183 2480 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/03/26 17:44:49.0246 2480 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/03/26 17:44:49.0293 2480 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/03/26 17:44:49.0340 2480 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/03/26 17:44:49.0418 2480 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/03/26 17:44:49.0496 2480 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/03/26 17:44:49.0543 2480 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/03/26 17:44:49.0590 2480 kl1 (5445b03cd42dedf5f85b9daf712fdd09) C:\WINDOWS\system32\drivers\kl1.sys
2011/03/26 17:44:49.0652 2480 klif (92210989cc1d06f997b9628d8e4b1819) C:\WINDOWS\system32\drivers\klif.sys
2011/03/26 17:44:49.0730 2480 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
2011/03/26 17:44:49.0793 2480 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/03/26 17:44:49.0886 2480 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys
2011/03/26 17:44:50.0011 2480 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
2011/03/26 17:44:50.0074 2480 mdmxsdk (74f4372af97a587ecec527ec34955712) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/03/26 17:44:50.0183 2480 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/03/26 17:44:50.0230 2480 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/03/26 17:44:50.0293 2480 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/03/26 17:44:50.0324 2480 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/03/26 17:44:50.0355 2480 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/03/26 17:44:50.0402 2480 MQAC (db07b0088cdfd20c2a22e675120ede34) C:\WINDOWS\system32\drivers\mqac.sys
2011/03/26 17:44:50.0449 2480 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/03/26 17:44:50.0511 2480 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/03/26 17:44:50.0558 2480 MRxSmb (1fd607fc67f7f7c633c3da65bfc53d18) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/03/26 17:44:50.0636 2480 MSDV (6dd721dfd2648f3f6d5808b5ba6cb095) C:\WINDOWS\system32\DRIVERS\msdv.sys
2011/03/26 17:44:50.0683 2480 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/03/26 17:44:50.0761 2480 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/03/26 17:44:50.0808 2480 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/03/26 17:44:50.0855 2480 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/03/26 17:44:50.0918 2480 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/03/26 17:44:50.0996 2480 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/03/26 17:44:51.0043 2480 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/03/26 17:44:51.0105 2480 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/03/26 17:44:51.0183 2480 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/03/26 17:44:51.0246 2480 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/03/26 17:44:51.0293 2480 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/03/26 17:44:51.0340 2480 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/03/26 17:44:51.0386 2480 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/03/26 17:44:51.0418 2480 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/03/26 17:44:51.0465 2480 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/03/26 17:44:51.0511 2480 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/03/26 17:44:51.0605 2480 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2011/03/26 17:44:51.0668 2480 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/03/26 17:44:51.0699 2480 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/03/26 17:44:51.0746 2480 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/03/26 17:44:51.0808 2480 nv (a52d6a26c65aecdd802d6524b9d07f3a) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/03/26 17:44:51.0933 2480 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\nv4_mini.sys. Real md5: a52d6a26c65aecdd802d6524b9d07f3a, Fake md5: 88d8f8d4c3243e0bb0ed57496868e52e
2011/03/26 17:44:51.0949 2480 nv - detected Forged file (1)
2011/03/26 17:44:51.0996 2480 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/03/26 17:44:52.0027 2480 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/03/26 17:44:52.0090 2480 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2011/03/26 17:44:52.0152 2480 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\drivers\Parport.sys
2011/03/26 17:44:52.0168 2480 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/03/26 17:44:52.0215 2480 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/03/26 17:44:52.0246 2480 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/03/26 17:44:52.0308 2480 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/03/26 17:44:52.0355 2480 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2011/03/26 17:44:52.0543 2480 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/03/26 17:44:52.0590 2480 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/03/26 17:44:52.0699 2480 pfc (6c1618a07b49e3873582b6449e744088) C:\WINDOWS\system32\drivers\pfc.sys
2011/03/26 17:44:52.0793 2480 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/03/26 17:44:52.0824 2480 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/03/26 17:44:52.0871 2480 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/03/26 17:44:52.0933 2480 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/03/26 17:44:52.0980 2480 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/03/26 17:44:53.0011 2480 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/03/26 17:44:53.0043 2480 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/03/26 17:44:53.0074 2480 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/03/26 17:44:53.0121 2480 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/03/26 17:44:53.0152 2480 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/03/26 17:44:53.0215 2480 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/03/26 17:44:53.0261 2480 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/03/26 17:44:53.0293 2480 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/03/26 17:44:53.0324 2480 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/03/26 17:44:53.0340 2480 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/03/26 17:44:53.0386 2480 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/03/26 17:44:53.0433 2480 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/03/26 17:44:53.0496 2480 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/03/26 17:44:53.0543 2480 RMCAST (35e81b908ae4e97fc7bdf4607c516ff4) C:\WINDOWS\system32\drivers\RMCast.sys
2011/03/26 17:44:53.0590 2480 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/03/26 17:44:53.0699 2480 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) E:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2011/03/26 17:44:53.0730 2480 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) E:\Program Files\SUPERAntiSpyware\SASENUM.SYS
2011/03/26 17:44:53.0761 2480 SASKUTIL (61db0d0756a99506207fd724e3692b25) E:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
2011/03/26 17:44:53.0886 2480 sbmount (05fc20f1b2eec9c5bbe3d78c834dfa56) C:\WINDOWS\system32\drivers\sbmount.sys
2011/03/26 17:44:53.0965 2480 sbp2port (3e2c3b180872be4120f246d85560b734) C:\WINDOWS\system32\DRIVERS\sbp2port.sys
2011/03/26 17:44:54.0043 2480 scsiscan (4acfb25ecc8dd21707f747b28216cea1) C:\WINDOWS\system32\DRIVERS\scsiscan.sys
2011/03/26 17:44:54.0121 2480 sdbus (02fc71b020ec8700ee8a46c58bc6f276) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2011/03/26 17:44:54.0183 2480 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/03/26 17:44:54.0246 2480 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\drivers\Serial.sys
2011/03/26 17:44:54.0340 2480 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/03/26 17:44:54.0465 2480 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/03/26 17:44:54.0527 2480 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/03/26 17:44:54.0574 2480 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/03/26 17:44:54.0636 2480 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
2011/03/26 17:44:54.0683 2480 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/03/26 17:44:54.0746 2480 Srv (20b7e396720353e4117d64d9dcb926ca) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/03/26 17:44:54.0808 2480 SSFS0BB9 (d3ad8d2e550b262694b024d1eb1efffc) C:\WINDOWS\system32\Drivers\SSFS0BB9.SYS
2011/03/26 17:44:54.0855 2480 SSHRMD (4d0e7a4befad963d3aecfac12fdeff16) C:\WINDOWS\system32\Drivers\SSHRMD.SYS
2011/03/26 17:44:54.0902 2480 SSIDRV (43eeddc9b9b8accdb4a914ba893c73de) C:\WINDOWS\system32\Drivers\SSIDRV.SYS
2011/03/26 17:44:54.0949 2480 SSKBFD (8564bc9598be1705477b7fa61d657c2b) C:\WINDOWS\system32\Drivers\sskbfd.sys
2011/03/26 17:44:55.0043 2480 stcvsm (cfcee4a194278d2f3c2ff53d0355eda4) C:\WINDOWS\system32\drivers\stcvsm.sys
2011/03/26 17:44:55.0183 2480 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/03/26 17:44:55.0308 2480 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/03/26 17:44:55.0402 2480 SWIPsec (ebd83e322b4eb50f6a1d8d7b42d3745e) C:\WINDOWS\system32\Drivers\SWIPsec.sys
2011/03/26 17:44:55.0511 2480 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2011/03/26 17:44:55.0605 2480 SWVNIC (962b13026b10b82d2874bfda4ecc048d) C:\WINDOWS\system32\DRIVERS\swvnic.sys
2011/03/26 17:44:55.0715 2480 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/03/26 17:44:55.0793 2480 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/03/26 17:44:55.0886 2480 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/03/26 17:44:55.0949 2480 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/03/26 17:44:56.0043 2480 SynTP (c9a1785cc0d7a040dd0fdbfeaa8be135) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/03/26 17:44:56.0152 2480 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/03/26 17:44:56.0308 2480 Tcpip (9f4b36614a0fc234525ba224957de55c) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/03/26 17:44:56.0386 2480 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/03/26 17:44:56.0465 2480 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/03/26 17:44:56.0543 2480 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/03/26 17:44:56.0668 2480 tifm21 (9179e07503630d6fb2e4162ff0196191) C:\WINDOWS\system32\drivers\tifm21.sys
2011/03/26 17:44:56.0761 2480 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/03/26 17:44:56.0840 2480 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2011/03/26 17:44:56.0886 2480 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/03/26 17:44:56.0949 2480 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
2011/03/26 17:44:57.0043 2480 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/03/26 17:44:57.0136 2480 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/03/26 17:44:57.0215 2480 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/03/26 17:44:57.0261 2480 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/03/26 17:44:57.0340 2480 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/03/26 17:44:57.0449 2480 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/03/26 17:44:57.0558 2480 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/03/26 17:44:57.0636 2480 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/03/26 17:44:57.0699 2480 usb_rndisx (ae4df3b7d1db9373b08db4ed224e26b6) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
2011/03/26 17:44:57.0746 2480 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2011/03/26 17:44:57.0793 2480 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/03/26 17:44:57.0855 2480 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/03/26 17:44:57.0933 2480 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/03/26 17:44:58.0121 2480 w39n51 (4e7b07653f4f9937cf62ad2869fba520) C:\WINDOWS\system32\DRIVERS\w39n51.sys
2011/03/26 17:44:58.0261 2480 wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
2011/03/26 17:44:58.0308 2480 wacomvhid (51d580f30d1a1f2ea4965af6abc2bcb2) C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
2011/03/26 17:44:58.0340 2480 WacomVKHid (889459833432b161cb99cfdf84a1a9bb) C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys
2011/03/26 17:44:58.0418 2480 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/03/26 17:44:58.0558 2480 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/03/26 17:44:58.0668 2480 winachsf (214bc3ad84907ad6ad655ac5465f449a) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/03/26 17:44:58.0886 2480 WmiAcpi (ae2c8544e747c20062db27456ea2d67a) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2011/03/26 17:44:58.0996 2480 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/03/26 17:44:59.0090 2480 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/03/26 17:44:59.0136 2480 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/03/26 17:44:59.0855 2480 ================================================================================
2011/03/26 17:44:59.0855 2480 Scan finished
2011/03/26 17:44:59.0855 2480 ================================================================================
2011/03/26 17:44:59.0886 2612 Detected object count: 1
2011/03/26 17:45:17.0668 2612 nv (a52d6a26c65aecdd802d6524b9d07f3a) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/03/26 17:45:17.0824 2612 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\nv4_mini.sys. Real md5: a52d6a26c65aecdd802d6524b9d07f3a, Fake md5: 88d8f8d4c3243e0bb0ed57496868e52e
2011/03/26 17:45:17.0996 2612 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - copied to quarantine
2011/03/26 17:45:18.0746 2612 Forged file(nv) - User select action: Quarantine




Removed 2 attachments- HJT and RKILL logs - and pasted contents of one other log into post body and deleted attachment form.~ OB

Attached Files


Edited by Orange Blossom, 03 May 2011 - 11:17 PM.


BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:32 AM

Posted 03 April 2011 - 08:45 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.
If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need to know is version, edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these caracteristics, just let us know and we'll help you figuring it out. Please also tell us if you have your Windows CD/DVD handy.


Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • In the custom scan box paste the following:
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    hlp.dat
    /md5stop
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 SoCalBob55

SoCalBob55
  • Topic Starter

  • Members
  • 89 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 03 April 2011 - 10:06 AM

Thanks, Myrti. You'll find a pretty thorough explanation of my system and current condition in my first post about. I may be infection-free at this point - but I definitely have a display driver problem at the very least (see the last part of my post).

But you're the expert!

Here's OTL.txt file:

OTL logfile created on: 4/3/2011 7:14:54 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Robert Weil\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 17.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 48.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 83.12 Gb Total Space | 3.57 Gb Free Space | 4.29% Space Free | Partition Type: NTFS
Drive E: | 4.63 Gb Total Space | 2.30 Gb Free Space | 49.56% Space Free | Partition Type: NTFS
Drive F: | 644.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 465.65 Gb Total Space | 47.22 Gb Free Space | 10.14% Space Free | Partition Type: FAT32
Drive O: | 930.86 Gb Total Space | 80.21 Gb Free Space | 8.62% Space Free | Partition Type: NTFS

Computer Name: BOBSLAPTOP | User Name: Robert Weil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/03 06:53:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Robert Weil\Desktop\OTL.exe
PRC - [2011/03/23 07:24:45 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/22 01:05:42 | 000,939,848 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/03/22 01:05:41 | 001,405,384 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/02/23 07:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/02/23 07:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2010/12/23 07:24:46 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\nlssrv32.exe
PRC - [2010/12/13 16:49:14 | 000,067,616 | ---- | M] (StorageCraft Technology Corporation) -- C:\WINDOWS\system32\vsnapvss.exe
PRC - [2010/12/13 16:47:48 | 003,631,648 | ---- | M] (StorageCraft Technology Corporation) -- C:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe
PRC - [2010/11/29 18:19:36 | 001,234,224 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QuickTimePlayer.exe
PRC - [2010/07/29 01:40:56 | 000,311,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2010/05/14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/12/17 17:06:46 | 000,102,400 | ---- | M] (StorageCraft Technology Corporation) -- C:\Program Files\StorageCraft\ImageManager\ImageManager.exe
PRC - [2009/12/13 10:45:34 | 001,937,408 | ---- | M] (EuroSmartz Ltd) -- C:\WePrint\WePrint Server.exe
PRC - [2009/09/28 16:06:02 | 004,463,400 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Wacom_Tablet.exe
PRC - [2009/09/28 16:06:02 | 001,823,528 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
PRC - [2009/09/08 14:56:28 | 003,724,072 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchUser.exe
PRC - [2009/09/08 14:56:22 | 000,393,512 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
PRC - [2009/09/08 14:56:22 | 000,112,936 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
PRC - [2009/09/08 14:56:20 | 004,410,152 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
PRC - [2009/06/22 15:55:48 | 001,585,152 | ---- | M] (Amazon.com) -- C:\Program Files\Amazon\MP3 Downloader\AmazonMP3Downloader.exe
PRC - [2009/03/05 23:57:56 | 000,227,352 | ---- | M] (SonicWALL, Inc.) -- C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
PRC - [2008/04/23 02:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2008/03/01 15:49:50 | 000,826,880 | ---- | M] () -- C:\Program Files\dvd43\DVD43_Tray.exe
PRC - [2008/01/04 21:56:58 | 005,367,664 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
PRC - [2008/01/04 21:56:52 | 003,572,592 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
PRC - [2008/01/04 21:34:36 | 000,214,384 | ---- | M] () -- C:\Program Files\Webroot\Spy Sweeper\ssu.exe
PRC - [2007/07/06 14:02:26 | 000,561,152 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2006/06/01 13:32:12 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/05/12 01:32:48 | 000,086,016 | ---- | M] (High Criteria inc.) -- C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe
PRC - [2006/02/27 17:02:06 | 000,581,693 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/02/27 17:00:58 | 001,265,748 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006/02/16 10:00:00 | 000,122,880 | ---- | M] (WinZip Computing LP) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2005/12/23 21:44:26 | 000,491,606 | ---- | M] () -- C:\Program Files\HPQ\Shared\HpqToaster.exe
PRC - [2004/08/04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2001/08/18 05:00:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sndvol32.exe
PRC - [2001/08/09 02:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe


========== Modules (SafeList) ==========

MOD - [2011/04/03 06:53:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Robert Weil\Desktop\OTL.exe
MOD - [2011/02/23 07:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2004/08/04 14:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (AdobeActiveFileMonitor9.0)
SRV - [2011/03/28 14:40:07 | 003,229,784 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_a35e6b9.dll -- (Akamai)
SRV - [2011/03/22 01:05:41 | 001,405,384 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/02/23 07:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/12/23 07:24:46 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\nlssrv32.exe -- (nlsX86cc)
SRV - [2010/12/13 16:49:14 | 000,067,616 | ---- | M] (StorageCraft Technology Corporation) [Auto | Running] -- C:\WINDOWS\system32\vsnapvss.exe -- (VSNAPVSS)
SRV - [2010/12/13 16:47:48 | 003,631,648 | ---- | M] (StorageCraft Technology Corporation) [Auto | Running] -- C:\Program Files\StorageCraft\ShadowProtect\ShadowProtectSvc.exe -- (ShadowProtectSvc)
SRV - [2009/12/17 17:06:46 | 000,102,400 | ---- | M] (StorageCraft Technology Corporation) [Auto | Running] -- C:\Program Files\StorageCraft\ImageManager\ImageManager.exe -- (StorageCraft Image Manager)
SRV - [2009/09/28 16:06:02 | 004,463,400 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV - [2009/09/08 14:56:22 | 000,112,936 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009/09/08 14:56:20 | 004,410,152 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009/03/05 23:57:56 | 000,227,352 | ---- | M] (SonicWALL, Inc.) [Auto | Running] -- C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe -- (SWGVCSvc)
SRV - [2008/10/15 00:03:01 | 001,079,176 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2008/06/13 15:29:14 | 000,356,920 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2008/03/08 21:49:40 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/04 21:56:52 | 003,572,592 | ---- | M] (Webroot Software, Inc.) [Auto | Running] -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2007/07/06 14:02:26 | 000,561,152 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
SRV - [2006/03/24 20:09:22 | 000,139,367 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe -- (AVP)
SRV - [2005/02/09 13:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
SRV - [2001/08/09 02:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe -- (EPSONStatusAgent2)
SRV - [2000/05/24 15:20:36 | 000,015,360 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\ATMsrvc.exe -- (ATMsrvc)


========== Driver Services (SafeList) ==========

DRV - [2011/03/22 01:05:43 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/03/22 01:05:42 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/02/23 06:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/02/23 06:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/02/23 06:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/02/23 06:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/02/23 06:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/02/23 06:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/02/23 06:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/12/13 16:49:16 | 000,182,048 | ---- | M] (StorageCraft Technology Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\stcvsm.sys -- (stcvsm)
DRV - [2010/12/13 16:48:34 | 000,102,560 | ---- | M] (StorageCraft Technology Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\sbmount.sys -- (sbmount)
DRV - [2010/05/10 11:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- E:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- E:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- E:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/10/20 03:00:00 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2009/05/20 12:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009/03/05 23:58:12 | 000,087,064 | ---- | M] (SonicWALL, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SWIPsec.sys -- (SWIPsec)
DRV - [2009/03/04 18:03:32 | 000,021,016 | ---- | M] (SonicWALL, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWVNIC.sys -- (SWVNIC)
DRV - [2008/11/16 18:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2008/08/25 11:36:30 | 000,081,288 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iksyssec.sys -- (IKSysSec)
DRV - [2008/08/25 11:36:28 | 000,066,952 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iksysflt.sys -- (IKSysFlt)
DRV - [2008/08/25 11:36:28 | 000,040,840 | ---- | M] (PCTools Research Pty Ltd.) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ikfilesec.sys -- (IKFileSec)
DRV - [2008/01/04 21:34:36 | 000,023,920 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sskbfd.sys -- (SSKBFD)
DRV - [2008/01/04 21:34:34 | 000,163,696 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\Drivers\SSIDRV.SYS -- (SSIDRV)
DRV - [2008/01/04 21:34:34 | 000,021,872 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\Drivers\SSHRMD.SYS -- (SSHRMD)
DRV - [2008/01/04 21:34:34 | 000,020,336 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\Drivers\SSFS0BB9.SYS -- (SSFS0BB9)
DRV - [2007/07/16 08:29:34 | 000,017,432 | R--- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - [2007/02/16 11:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2007/02/15 16:11:28 | 000,011,440 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2007/01/04 11:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2006/11/05 08:51:37 | 000,162,064 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (klif)
DRV - [2006/04/18 04:29:06 | 000,569,856 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/03/14 11:02:54 | 001,428,480 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2006/02/28 05:00:00 | 000,200,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RMCast.sys -- (RMCAST)
DRV - [2006/02/28 05:00:00 | 000,072,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2006/02/27 16:45:48 | 001,342,602 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/02/27 16:43:06 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/02/13 17:24:10 | 000,020,699 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2005/09/20 03:30:56 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/09/19 13:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005/09/19 13:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/09/19 13:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2005/08/22 08:07:00 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/08/22 08:06:16 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/08/22 08:06:10 | 000,718,464 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/09/19 16:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002/07/17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2001/08/17 13:53:26 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\scsiscan.sys -- (scsiscan)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-714373593-766633883-78019857-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-714373593-766633883-78019857-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop
IE - HKU\S-1-5-21-714373593-766633883-78019857-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-714373593-766633883-78019857-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q306&bd=pavilion&pf=laptop"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101

FF - HKLM\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/03/25 19:59:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/29 04:46:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/29 04:46:56 | 000,000,000 | ---D | M]

[2009/01/17 13:14:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Robert Weil\Application Data\Mozilla\Extensions
[2011/03/29 20:36:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Robert Weil\Application Data\Mozilla\Firefox\Profiles\1ie5u3vs.default\extensions
[2011/02/11 08:28:49 | 000,000,000 | ---D | M] (FireShot) -- C:\Documents and Settings\Robert Weil\Application Data\Mozilla\Firefox\Profiles\1ie5u3vs.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010/01/28 07:24:41 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Robert Weil\Application Data\Mozilla\Firefox\Profiles\1ie5u3vs.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/01/23 08:02:23 | 000,000,000 | ---D | M] (Web Developer) -- C:\Documents and Settings\Robert Weil\Application Data\Mozilla\Firefox\Profiles\1ie5u3vs.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2009/01/17 13:14:53 | 000,000,000 | ---D | M] (Aardvark) -- C:\Documents and Settings\Robert Weil\Application Data\Mozilla\Firefox\Profiles\1ie5u3vs.default\extensions\aardvark@rob.brown
[2009/01/17 13:14:56 | 000,000,000 | ---D | M] ("Undo Closed Tabs Button") -- C:\Documents and Settings\Robert Weil\Application Data\Mozilla\Firefox\Profiles\1ie5u3vs.default\extensions\undoclosedtabsbutton@supernova00.biz
[2011/03/29 20:36:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/03/15 08:53:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/03/25 19:59:41 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/03/15 08:52:55 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/04/17 16:18:36 | 000,113,504 | ---- | M] (Keynote Systems) -- C:\Program Files\Mozilla Firefox\components\FFConnectorLauncher.dll
[2009/04/17 16:18:38 | 000,232,288 | ---- | M] (Keynote Systems) -- C:\Program Files\Mozilla Firefox\components\FFSource.dll
[2011/03/21 21:30:26 | 002,179,072 | ---- | M] (DNAML Pty Ltd) -- C:\Program Files\Mozilla Firefox\plugins\npdbplug.dll
[2011/03/15 08:52:51 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/03/05 13:59:06 | 000,645,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll

O1 HOSTS File: ([2007/12/17 06:43:00 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (PCTools Site Guard) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program Files\Spyware Doctor\tools\iesdsg.dll (PC Tools)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKU\S-1-5-21-714373593-766633883-78019857-1005\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-714373593-766633883-78019857-1005\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe ()
O4 - HKLM..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe ()
O4 - HKLM..\Run: [DXDllRegExe] File not found
O4 - HKLM..\Run: [kav] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [RoxioEngineUtility] C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe (Roxio)
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [TotalRecorderScheduler] C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe (High Criteria inc.)
O4 - HKU\S-1-5-21-714373593-766633883-78019857-1005..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-714373593-766633883-78019857-1005..\Run: [Snte] File not found
O4 - HKU\S-1-5-21-714373593-766633883-78019857-1005..\Run: [SUPERAntiSpyware] E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-714373593-766633883-78019857-1005..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10l_Plugin.exe (Adobe Systems, Inc.)
O4 - HKLM..\RunOnceEx: [Register Homesite+.exe] C:\Program Files\Macromedia\HomeSite+\Homesite+.exe (Macromedia, Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\StartUp\Vongo Tray.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-BA7E-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing LP)
O4 - Startup: C:\Documents and Settings\Default User\Start Menu\Programs\StartUp\Vongo Tray.lnk = File not found
O4 - Startup: C:\Documents and Settings\Robert Weil\Start Menu\Programs\StartUp\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Robert Weil\Start Menu\Programs\StartUp\OpenOffice.org 3.3.lnk = File not found
O4 - Startup: C:\Documents and Settings\Robert Weil\Start Menu\Programs\StartUp\WePrint Server.lnk = C:\WePrint\WePrint Server.exe (EuroSmartz Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-714373593-766633883-78019857-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-714373593-766633883-78019857-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Namo SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll (Kaspersky Lab)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263530833636 (WUWebControl Class)
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} http://mediaplayer.walmart.com/installer/install.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\Hp\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet32: DllName - cryptnet32.dll - File not found
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Documents and Settings\Robert Weil\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Robert Weil\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/02 21:10:48 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/18 14:12:18 | 000,000,088 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008/01/22 15:55:48 | 000,000,000 | ---D | M] - I:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2007/05/18 10:37:12 | 000,000,069 | RH-- | M] () - I:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{95e58044-a66d-11dc-9ab0-001302be8cfd}\Shell - "" = AutoRun
O33 - MountPoints2\{95e58044-a66d-11dc-9ab0-001302be8cfd}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95e58044-a66d-11dc-9ab0-001302be8cfd}\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\wd_windows_tools\Setup.exe -- [2007/06/26 12:02:12 | 000,212,992 | ---- | M] (Western Digital Technologies, Inc.)
O33 - MountPoints2\P\Shell\AutoRun\command - "" = P:\wd_windows_tools\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - StartUpFolder: C:^Documents and Settings^Robert Weil^Start Menu^Programs^StartUp^Picaboo.lnk - - File not found
MsConfig - StartUpReg: AIM - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: aawservice - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft AB)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: klmdb.sys - Driver
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sdauxservice - C:\Program Files\Spyware Doctor\pctsAuxs.exe (PC Tools)
SafeBootMin: sdcoreservice - C:\Program Files\Spyware Doctor\pctsSvc.exe (PC Tools)
SafeBootMin: sermouse.sys - Driver
SafeBootMin: svcWRSSSDK - Service
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: WebrootSpySweeperService - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe (Webroot Software, Inc.)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {12470E94-27EB-00BA-0075-FD372A4019BF} - Browser Customizations
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6D56CCC0-A3E1-6227-7228-76C00B3B87FF} - NetShow
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8EFA4753-7169-4CC3-A28B-0A1643B8A39B} - Microsoft .NET Framework 1.1 Hotfix (KB886903)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5F859CD-3D6C-8B91-7932-DD5B907CAC48} - NetShow
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: mixer - C:\WINDOWS\System32\DrvTrNTm.dll (High Criteria inc.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\WINDOWS\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: wave - C:\WINDOWS\System32\DrvTrNTm.dll (High Criteria inc.)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/04/03 06:59:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert Weil\Desktop\ComputerProbs_3-11
[2011/04/03 06:53:32 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Robert Weil\Desktop\OTL.exe
[2011/03/29 05:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
[2011/03/29 05:27:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/03/29 04:54:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/03/29 04:53:12 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/29 04:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/03/29 04:46:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/03/29 04:46:14 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/03/28 22:36:08 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/03/27 09:01:27 | 003,658,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2011/03/27 08:39:58 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011/03/27 07:40:49 | 000,116,224 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2011/03/27 07:40:44 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/03/27 07:40:28 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2011/03/27 07:39:59 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/03/27 07:39:54 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/03/27 07:39:52 | 000,019,455 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wvchntxx.sys
[2011/03/27 07:39:47 | 000,012,063 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wsiintxx.sys
[2011/03/27 07:39:45 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshirda.dll
[2011/03/27 07:39:20 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2011/03/27 07:39:15 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/03/27 07:39:03 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/03/27 07:38:55 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2011/03/27 07:38:50 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2011/03/27 07:38:41 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2011/03/27 07:38:40 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wceusbsh.sys
[2011/03/27 07:38:40 | 000,023,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wch7xxnt.sys
[2011/03/27 07:38:34 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/03/27 07:38:30 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv10nt.sys
[2011/03/27 07:38:29 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv06nt.sys
[2011/03/27 07:38:28 | 000,033,599 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv04nt.sys
[2011/03/27 07:38:27 | 000,019,551 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv02nt.sys
[2011/03/27 07:38:26 | 000,029,311 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\watv01nt.sys
[2011/03/27 07:38:23 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv11nt.sys
[2011/03/27 07:38:22 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv09nt.sys
[2011/03/27 07:38:22 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv08nt.sys
[2011/03/27 07:38:21 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv07nt.sys
[2011/03/27 07:38:20 | 000,011,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv05nt.sys
[2011/03/27 07:38:19 | 000,012,127 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv02nt.sys
[2011/03/27 07:38:18 | 000,012,415 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\wadv01nt.sys
[2011/03/27 07:38:17 | 000,013,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wacompen.sys
[2011/03/27 07:38:11 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/03/27 07:38:05 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/03/27 07:38:00 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/03/27 07:37:52 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/03/27 07:37:46 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/03/27 07:37:40 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/03/27 07:37:34 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/03/27 07:37:29 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2011/03/27 07:37:24 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\vchnt5.dll
[2011/03/27 07:37:18 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2011/03/27 07:37:12 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/03/27 07:37:06 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2011/03/27 07:37:00 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2011/03/27 07:36:55 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2011/03/27 07:36:49 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/03/27 07:36:44 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/03/27 07:36:39 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/03/27 07:36:36 | 000,078,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2011/03/27 07:36:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbser.sys
[2011/03/27 07:36:32 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbohci.sys
[2011/03/27 07:36:30 | 000,059,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2011/03/27 07:36:28 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2011/03/27 07:36:19 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxud32.dll
[2011/03/27 07:36:13 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2011/03/27 07:36:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2011/03/27 07:36:04 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu12.dll
[2011/03/27 07:35:59 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2011/03/27 07:35:54 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2011/03/27 07:35:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2011/03/27 07:35:43 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2011/03/27 07:35:38 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/03/27 07:35:33 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/03/27 07:35:26 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2011/03/27 07:35:17 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/03/27 07:35:12 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/03/27 07:35:07 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/03/27 07:35:02 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/03/27 07:34:57 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/03/27 07:34:52 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/03/27 07:34:45 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2011/03/27 07:34:41 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2011/03/27 07:34:40 | 000,082,432 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4mon.exe
[2011/03/27 07:34:35 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2011/03/27 07:34:30 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2011/03/27 07:34:24 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2011/03/27 07:34:19 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2011/03/27 07:34:12 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/03/27 07:34:06 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/03/27 07:34:01 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/03/27 07:33:59 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2011/03/27 07:33:53 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/03/27 07:33:49 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/03/27 07:33:42 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2011/03/27 07:33:35 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2011/03/27 07:33:27 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/03/27 07:33:22 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/03/27 07:33:14 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2011/03/27 07:33:09 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2011/03/27 07:33:05 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2011/03/27 07:33:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2011/03/27 07:32:56 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2011/03/27 07:32:51 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2011/03/27 07:32:47 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2011/03/27 07:32:40 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/03/27 07:32:35 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/03/27 07:32:31 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/03/27 07:32:24 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/03/27 07:32:09 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/03/27 07:32:04 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2011/03/27 07:31:56 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2011/03/27 07:31:48 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2011/03/27 07:31:44 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2011/03/27 07:31:37 | 000,007,552 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypvu1.sys
[2011/03/27 07:31:32 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2011/03/27 07:31:28 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2011/03/27 07:31:23 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2011/03/27 07:31:18 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2011/03/27 07:31:17 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonyait.sys
[2011/03/27 07:31:11 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2011/03/27 07:30:58 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/03/27 07:30:52 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/03/27 07:30:47 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/03/27 07:30:42 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/03/27 07:30:37 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/03/27 07:30:33 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2011/03/27 07:30:32 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbbatt.sys
[2011/03/27 07:30:32 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbclass.sys
[2011/03/27 07:30:31 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbali.sys
[2011/03/27 07:30:26 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2011/03/27 07:30:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2011/03/27 07:30:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2011/03/27 07:30:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2011/03/27 07:30:04 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slserv.exe
[2011/03/27 07:30:04 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slwdmsup.sys
[2011/03/27 07:30:03 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slrundll.exe
[2011/03/27 07:30:02 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnthal.sys
[2011/03/27 07:30:01 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slntamr.sys
[2011/03/27 07:30:00 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slgen.dll
[2011/03/27 07:30:00 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slnt7554.sys
[2011/03/27 07:29:59 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slextspk.dll
[2011/03/27 07:29:58 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\slcoinst.dll
[2011/03/27 07:29:57 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2011/03/27 07:29:52 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/03/27 07:29:47 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/03/27 07:29:43 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2011/03/27 07:29:38 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2011/03/27 07:29:36 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2011/03/27 07:29:32 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2011/03/27 07:29:28 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2011/03/27 07:29:24 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2011/03/27 07:29:19 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2011/03/27 07:29:15 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2011/03/27 07:29:09 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2011/03/27 07:29:08 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\siint5.dll
[2011/03/27 07:28:54 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/03/27 07:28:49 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/03/27 07:28:44 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/03/27 07:28:40 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/03/27 07:28:35 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2011/03/27 07:28:29 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2011/03/27 07:28:24 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2011/03/27 07:28:16 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2011/03/27 07:28:11 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2011/03/27 07:28:05 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/03/27 07:28:01 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2011/03/27 07:27:56 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/03/27 07:27:51 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/03/27 07:27:46 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2011/03/27 07:27:39 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2011/03/27 07:27:35 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2011/03/27 07:27:31 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/03/27 07:27:27 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/03/27 07:27:23 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/03/27 07:27:17 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/03/27 07:27:13 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/03/27 07:27:08 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/03/27 07:27:04 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/03/27 07:27:00 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/03/27 07:26:56 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/03/27 07:26:51 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3gnbm.sys
[2011/03/27 07:26:51 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2011/03/27 07:26:50 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3gnb.dll
[2011/03/27 07:26:45 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/03/27 07:26:40 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/03/27 07:26:33 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2011/03/27 07:26:29 | 000,024,576 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2011/03/27 07:26:18 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2011/03/27 07:26:14 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2011/03/27 07:26:08 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/03/27 07:26:03 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2011/03/27 07:25:59 | 000,079,104 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2011/03/27 07:25:54 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/03/27 07:25:52 | 000,059,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rfcomm.sys
[2011/03/27 07:25:47 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/03/27 07:25:42 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\recagent.sys
[2011/03/27 07:25:31 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2011/03/27 07:25:25 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/03/27 07:25:20 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/03/27 07:25:16 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2011/03/27 07:25:12 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2011/03/27 07:25:07 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qic157.sys
[2011/03/27 07:25:01 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/03/27 07:24:57 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/03/27 07:24:52 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/03/27 07:24:51 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusd.dll
[2011/03/27 07:24:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2011/03/27 07:24:42 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2011/03/27 07:24:37 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/03/27 07:24:33 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa3.sys
[2011/03/27 07:24:29 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ppa.sys
[2011/03/27 07:24:24 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powerfil.sys
[2011/03/27 07:24:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2011/03/27 07:24:16 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\plugin.ocx
[2011/03/27 07:24:10 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2011/03/27 07:24:05 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2011/03/27 07:24:01 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2011/03/27 07:23:57 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2011/03/27 07:23:52 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2011/03/27 07:23:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2011/03/27 07:23:44 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2011/03/27 07:23:43 | 000,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3dd.dll
[2011/03/27 07:23:42 | 000,211,712 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2dll.dll
[2011/03/27 07:23:42 | 000,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm3.sys
[2011/03/27 07:23:41 | 000,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) -- C:\WINDOWS\System32\dllcache\perm2.sys
[2011/03/27 07:23:38 | 000,169,984 | ---- | C] (Cisco Systems) -- C:\WINDOWS\System32\dllcache\pcx500.sys
[2011/03/27 07:23:34 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/03/27 07:23:30 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2011/03/27 07:23:26 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2011/03/27 07:23:22 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2011/03/27 07:23:17 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/03/27 07:23:16 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2011/03/27 07:23:12 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/03/27 07:23:02 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2011/03/27 07:22:58 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2011/03/27 07:22:54 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2011/03/27 07:22:50 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2011/03/27 07:22:46 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2011/03/27 07:22:42 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2011/03/27 07:22:37 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2011/03/27 07:22:33 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2011/03/27 07:22:29 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2011/03/27 07:22:25 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2011/03/27 07:22:21 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2011/03/27 07:22:17 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/03/27 07:22:13 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/03/27 07:22:08 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/03/27 07:22:01 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/03/27 07:21:46 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2011/03/27 07:21:42 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2011/03/27 07:21:39 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\ntmtlfax.sys
[2011/03/27 07:21:29 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/03/27 07:21:22 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2011/03/27 07:21:18 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2011/03/27 07:21:16 | 000,028,672 | ---- | C] (National Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\nscirda.sys
[2011/03/27 07:21:09 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/03/27 07:21:05 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/03/27 07:20:59 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2011/03/27 07:20:58 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2011/03/27 07:20:50 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2011/03/27 07:20:44 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/03/27 07:20:40 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/03/27 07:20:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2011/03/27 07:20:30 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/03/27 07:20:26 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/03/27 07:20:22 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/03/27 07:20:18 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/03/27 07:20:14 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/03/27 07:20:09 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/03/27 07:20:04 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2011/03/27 07:19:59 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2011/03/27 07:19:55 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/03/27 07:19:50 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/03/27 07:19:46 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/03/27 07:19:43 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/03/27 07:19:39 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/03/27 07:19:37 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mutohpen.sys
[2011/03/27 07:19:33 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2011/03/27 07:19:32 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhm.sys
[2011/03/27 07:19:31 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mtxparhd.dll
[2011/03/27 07:19:29 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlstrm.sys
[2011/03/27 07:19:28 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\dllcache\mtlmnt5.sys
[2011/03/27 07:19:19 | 000,049,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstape.sys
[2011/03/27 07:19:12 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2011/03/27 07:19:02 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2011/03/27 07:19:00 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msircomm.sys
[2011/03/27 07:18:49 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2011/03/27 07:18:45 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2011/03/27 07:18:28 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2011/03/27 07:18:21 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2011/03/27 07:18:12 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2011/03/27 07:18:05 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2011/03/27 07:18:01 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2011/03/27 07:17:58 | 000,026,112 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\memstpci.sys
[2011/03/27 07:17:54 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2011/03/27 07:17:50 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2011/03/27 07:17:44 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/03/27 07:17:35 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2011/03/27 07:17:29 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2011/03/27 07:17:24 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2011/03/27 07:17:20 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2011/03/27 07:17:16 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2011/03/27 07:17:15 | 000,020,864 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwadihid.sys
[2011/03/27 07:17:11 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/03/27 07:17:07 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/03/27 07:17:06 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ltotape.sys
[2011/03/27 07:17:05 | 000,420,992 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2011/03/27 07:17:01 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/03/27 07:17:00 | 000,606,684 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2011/03/27 07:16:57 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/03/27 07:16:51 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2011/03/27 07:16:45 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/03/27 07:16:41 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/03/27 07:16:37 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/03/27 07:16:33 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/03/27 07:16:31 | 000,034,688 | ---- | C] (Toshiba Corp.) -- C:\WINDOWS\System32\dllcache\lbrtfdc.sys
[2011/03/27 07:16:27 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/03/27 07:16:22 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/03/27 07:16:17 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2011/03/27 07:16:11 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsusd.dll
[2011/03/27 07:16:08 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kdsui.dll
[2011/03/27 07:15:39 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2011/03/27 07:15:36 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2011/03/27 07:15:31 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/03/27 07:15:30 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2011/03/27 07:15:30 | 000,087,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irda.sys
[2011/03/27 07:15:28 | 000,040,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2011/03/27 07:15:20 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2011/03/27 07:15:17 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2011/03/27 07:15:13 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2011/03/27 07:15:07 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2011/03/27 07:14:36 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/03/27 07:14:33 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2011/03/27 07:14:29 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2011/03/27 07:14:26 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2011/03/27 07:14:22 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2011/03/27 07:14:19 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2011/03/27 07:14:15 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2011/03/27 07:14:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2011/03/27 07:14:08 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2011/03/27 07:14:05 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2011/03/27 07:14:02 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2011/03/27 07:13:59 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2011/03/27 07:13:54 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2011/03/27 07:13:51 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2011/03/27 07:13:48 | 000,702,845 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xdnt5.dll
[2011/03/27 07:13:48 | 000,161,020 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\i81xnt5.sys
[2011/03/27 07:13:44 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2011/03/27 07:13:41 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2011/03/27 07:13:26 | 001,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfdpsp2.sys
[2011/03/27 07:13:25 | 000,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcxts2.sys
[2011/03/27 07:13:24 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfcisp2.dll
[2011/03/27 07:13:23 | 000,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\hsfbs2s2.sys
[2011/03/27 07:13:19 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2011/03/27 07:13:16 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2011/03/27 07:13:13 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2011/03/27 07:13:09 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2011/03/27 07:13:06 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2011/03/27 07:13:03 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2011/03/27 07:12:59 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2011/03/27 07:12:56 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2011/03/27 07:12:53 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2011/03/27 07:12:49 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2011/03/27 07:12:46 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2011/03/27 07:12:43 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2011/03/27 07:12:40 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2011/03/27 07:12:36 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2011/03/27 07:12:33 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2011/03/27 07:12:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2011/03/27 07:12:26 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2011/03/27 07:12:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2011/03/27 07:12:20 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/03/27 07:12:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2011/03/27 07:12:08 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/03/27 07:12:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2011/03/27 07:11:55 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2011/03/27 07:11:49 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2011/03/27 07:11:44 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2011/03/27 07:11:43 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidir.sys
[2011/03/27 07:11:40 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2011/03/27 07:11:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbth.sys
[2011/03/27 07:11:37 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidbatt.sys
[2011/03/27 07:11:31 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2011/03/27 07:11:29 | 000,028,288 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2011/03/27 07:11:26 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/03/27 07:11:23 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/03/27 07:11:20 | 000,059,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gckernel.sys
[2011/03/27 07:11:19 | 000,010,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gameenum.sys
[2011/03/27 07:11:16 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2011/03/27 07:11:13 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2011/03/27 07:11:11 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2011/03/27 07:11:08 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2011/03/27 07:11:05 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/03/27 07:10:54 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2011/03/27 07:10:51 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/03/27 07:10:48 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/03/27 07:10:42 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/03/27 07:10:38 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/03/27 07:10:35 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/03/27 07:10:34 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011/03/27 07:10:30 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2011/03/27 07:10:26 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2011/03/27 07:10:18 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2011/03/27 07:10:14 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/03/27 07:10:11 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2011/03/27 07:10:09 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/03/27 07:10:06 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/03/27 07:10:02 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2011/03/27 07:10:00 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2011/03/27 07:09:54 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2011/03/27 07:09:52 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2011/03/27 07:09:49 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2011/03/27 07:09:46 | 000,137,088 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\essm2e.sys
[2011/03/27 07:09:46 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2011/03/27 07:09:43 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2011/03/27 07:09:40 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2011/03/27 07:09:37 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2011/03/27 07:09:35 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2011/03/27 07:09:32 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2011/03/27 07:09:30 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2011/03/27 07:09:27 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2011/03/27 07:09:25 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2011/03/27 07:09:22 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2011/03/27 07:09:19 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2011/03/27 07:09:17 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2011/03/27 07:09:14 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2011/03/27 07:09:12 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2011/03/27 07:09:09 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2011/03/27 07:09:07 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2011/03/27 07:09:05 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2011/03/27 07:08:59 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2011/03/27 07:08:58 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2011/03/27 07:08:56 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2011/03/27 07:08:54 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2011/03/27 07:08:52 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2011/03/27 07:08:50 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2011/03/27 07:08:49 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2011/03/27 07:08:47 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2011/03/27 07:08:45 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2011/03/27 07:08:43 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2011/03/27 07:08:41 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2011/03/27 07:08:40 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2011/03/27 07:08:38 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2011/03/27 07:08:36 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2011/03/27 07:08:34 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2011/03/27 07:08:33 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2011/03/27 07:08:31 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2011/03/27 07:08:29 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2011/03/27 07:08:27 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2011/03/27 07:08:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2011/03/27 07:08:19 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/03/27 07:08:14 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/03/27 07:08:12 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2011/03/27 07:08:11 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2011/03/27 07:08:09 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4.sys
[2011/03/27 07:08:09 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2011/03/27 07:08:03 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/03/27 07:08:02 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlttape.sys
[2011/03/27 07:08:00 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/03/27 07:07:59 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/03/27 07:07:53 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/03/27 07:07:51 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/03/27 07:07:49 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/03/27 07:07:48 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/03/27 07:07:45 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/03/27 07:07:43 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2011/03/27 07:07:42 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2011/03/27 07:07:40 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2011/03/27 07:07:39 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2011/03/27 07:07:37 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2011/03/27 07:07:36 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2011/03/27 07:07:34 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2011/03/27 07:07:33 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2011/03/27 07:07:31 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2011/03/27 07:07:30 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2011/03/27 07:07:28 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2011/03/27 07:07:27 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2011/03/27 07:07:25 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2011/03/27 07:07:21 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2011/03/27 07:07:20 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2011/03/27 07:07:18 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/03/27 07:07:16 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/03/27 07:07:15 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2011/03/27 07:07:13 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2011/03/27 07:07:11 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/03/27 07:07:09 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2011/03/27 07:07:06 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2011/03/27 07:07:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2011/03/27 07:07:03 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2011/03/27 07:07:02 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2011/03/27 07:07:01 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2011/03/27 07:06:53 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2011/03/27 07:06:52 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2011/03/27 07:06:50 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2011/03/27 07:06:49 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2011/03/27 07:06:48 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2011/03/27 07:06:46 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2011/03/27 07:06:45 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2011/03/27 07:06:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2011/03/27 07:06:42 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011/03/27 07:06:42 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2011/03/27 07:06:41 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/03/27 07:06:39 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/03/27 07:06:38 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/03/27 07:06:37 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/03/27 07:06:35 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/03/27 07:06:34 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/03/27 07:06:32 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2011/03/27 07:06:31 | 000,249,856 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2011/03/27 07:06:30 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2011/03/27 07:06:29 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2011/03/27 07:06:28 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2011/03/27 07:06:25 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2011/03/27 07:06:23 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2011/03/27 07:06:20 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/03/27 07:06:18 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2011/03/27 07:06:17 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2011/03/27 07:06:10 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2011/03/27 07:06:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2011/03/27 07:06:05 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/03/27 07:06:03 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2011/03/27 07:06:02 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2011/03/27 07:06:01 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2011/03/27 07:06:00 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2011/03/27 07:05:59 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2011/03/27 07:05:57 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2011/03/27 07:05:56 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/03/27 07:05:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\changer.sys
[2011/03/27 07:05:49 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\ch7xxnt5.dll
[2011/03/27 07:05:46 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/03/27 07:05:44 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/03/27 07:05:44 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/03/27 07:05:43 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/03/27 07:05:42 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/03/27 07:05:40 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/03/27 07:05:39 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/03/27 07:05:38 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/03/27 07:05:35 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/03/27 07:05:33 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/03/27 07:05:32 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/03/27 07:05:30 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.dll
[2011/03/27 07:05:29 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2011/03/27 07:05:28 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2011/03/27 07:05:27 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2011/03/27 07:05:26 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2011/03/27 07:05:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2011/03/27 07:05:23 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2011/03/27 07:05:22 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2011/03/27 07:05:21 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2011/03/27 07:04:43 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2011/03/27 07:04:41 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthusb.sys
[2011/03/27 07:04:40 | 000,035,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthprint.sys
[2011/03/27 07:04:38 | 000,274,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2011/03/27 07:04:37 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthpan.sys
[2011/03/27 07:04:37 | 000,038,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthmodem.sys
[2011/03/27 07:04:36 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthenum.sys
[2011/03/27 07:04:35 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/03/27 07:04:33 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/03/27 07:04:32 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/03/27 07:04:31 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/03/27 07:04:31 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/03/27 07:04:30 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/03/27 07:04:29 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/03/27 07:04:28 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/03/27 07:04:26 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2011/03/27 07:04:26 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/03/27 07:04:25 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/03/27 07:04:24 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2011/03/27 07:04:24 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/03/27 07:04:21 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/03/27 07:04:19 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/03/27 07:04:19 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/03/27 07:04:18 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/03/27 07:04:17 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/03/27 07:04:16 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/03/27 07:04:16 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/03/27 07:04:13 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2011/03/27 07:04:12 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2011/03/27 07:04:12 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2011/03/27 07:04:11 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/03/27 07:04:11 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2011/03/27 07:04:10 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2011/03/27 07:04:09 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2011/03/27 07:04:07 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/03/27 07:04:05 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/03/27 07:04:04 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2011/03/27 07:04:04 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/03/27 07:04:03 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/03/27 07:04:02 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/03/27 07:04:01 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/03/27 07:04:01 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/03/27 07:03:59 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2011/03/27 07:03:59 | 000,013,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcstrm.sys
[2011/03/27 07:03:54 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv10nt5.dll
[2011/03/27 07:03:53 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv06nt5.dll
[2011/03/27 07:03:52 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv04nt5.dll
[2011/03/27 07:03:51 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv02nt5.dll
[2011/03/27 07:03:49 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\atv01nt5.dll
[2011/03/27 07:03:44 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll
[2011/03/27 07:03:43 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativtmxx.dll
[2011/03/27 07:03:41 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativmvxx.ax
[2011/03/27 07:03:40 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ativdaxx.ax
[2011/03/27 07:03:37 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2011/03/27 07:03:37 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2011/03/27 07:03:35 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxsxx.sys
[2011/03/27 07:03:34 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinxbxx.sys
[2011/03/27 07:03:33 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atintuxx.sys
[2011/03/27 07:03:33 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinttxx.sys
[2011/03/27 07:03:31 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinsnxx.sys
[2011/03/27 07:03:30 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinrvxx.sys
[2011/03/27 07:03:28 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinraxx.sys
[2011/03/27 07:03:26 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinpdxx.sys
[2011/03/27 07:03:24 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinmdxx.sys
[2011/03/27 07:03:23 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atinbtxx.sys
[2011/03/27 07:03:22 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2011/03/27 07:03:22 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2011/03/27 07:03:21 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2011/03/27 07:03:21 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2011/03/27 07:03:20 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2011/03/27 07:03:19 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2011/03/27 07:03:19 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2011/03/27 07:03:17 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll
[2011/03/27 07:03:16 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3d1ag.dll
[2011/03/27 07:03:15 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2011/03/27 07:03:15 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtaa.sys
[2011/03/27 07:03:14 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll
[2011/03/27 07:03:13 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvaa.dll
[2011/03/27 07:03:13 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll
[2011/03/27 07:03:12 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xsxx.sys
[2011/03/27 07:03:12 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1xbxx.sys
[2011/03/27 07:03:10 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1tuxx.sys
[2011/03/27 07:03:10 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1ttxx.sys
[2011/03/27 07:03:09 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1rvxx.sys
[2011/03/27 07:03:09 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1snxx.sys
[2011/03/27 07:03:08 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1raxx.sys
[2011/03/27 07:03:08 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1pdxx.sys
[2011/03/27 07:03:07 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1mdxx.sys
[2011/03/27 07:03:06 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati1btxx.sys
[2011/03/27 07:03:05 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2011/03/27 07:03:05 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2011/03/27 07:03:03 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/03/27 07:02:59 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2011/03/27 07:02:58 | 000,036,224 | ---- | C] (ADMtek Incorporated.) -- C:\WINDOWS\System32\dllcache\an983.sys
[2011/03/27 07:02:57 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/03/27 07:02:56 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2011/03/27 07:02:55 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2011/03/27 07:02:48 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2011/03/27 07:02:45 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv11nt5.dll
[2011/03/27 07:02:45 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv09nt5.dll
[2011/03/27 07:02:44 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv08nt5.dll
[2011/03/27 07:02:43 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv07nt5.dll
[2011/03/27 07:02:42 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv05nt5.dll
[2011/03/27 07:02:41 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv02nt5.dll
[2011/03/27 07:02:40 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\dllcache\adv01nt5.dll
[2011/03/27 07:02:37 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/03/27 07:02:36 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/03/27 07:02:35 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/03/27 07:02:35 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/03/27 07:02:34 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/03/27 07:02:33 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2011/03/27 07:02:33 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2011/03/27 07:02:30 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/03/27 07:02:29 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2011/03/27 07:02:28 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2011/03/27 07:02:28 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2011/03/27 07:02:27 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2011/03/27 07:02:26 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/03/27 07:02:26 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2011/03/27 07:02:25 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2011/03/27 07:02:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2011/03/27 07:02:23 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/03/27 07:02:23 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/03/27 07:02:22 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/03/27 07:02:22 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2011/03/27 07:01:48 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2011/03/26 17:45:17 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/03/26 17:42:27 | 001,377,112 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Robert Weil\Desktop\tdsskiller.exe
[2011/03/25 22:26:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/03/25 22:23:48 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/03/25 21:48:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert Weil\Application Data\Malwarebytes
[2011/03/25 20:00:04 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/03/25 20:00:04 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/03/25 20:00:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/03/25 20:00:03 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/03/25 20:00:03 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/03/25 20:00:03 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/03/25 20:00:03 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/03/25 20:00:03 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/03/25 20:00:03 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/03/25 19:59:40 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/03/25 19:59:39 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/03/25 19:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/03/25 19:59:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/03/25 19:59:12 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{FE41BDC7-CD33-4350-8A15-26EFBE20A0FE}
[2011/03/25 19:36:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/03/25 19:36:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/25 19:36:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/03/25 19:36:55 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/03/25 19:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/21 21:30:32 | 000,031,728 | ---- | C] (DNAML Pty Ltd) -- C:\WINDOWS\dbrmdwb.exe
[2011/03/21 21:30:30 | 002,327,704 | ---- | C] (DNAML Pty Ltd) -- C:\WINDOWS\dbplugin.ocx
[2011/03/21 21:30:26 | 002,179,072 | ---- | C] (DNAML Pty Ltd) -- C:\WINDOWS\npdbplug.dll
[2011/03/15 21:25:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2011/03/15 09:02:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert Weil\Application Data\OpenOffice.org
[2011/03/15 08:56:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.3
[2011/03/15 08:53:30 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/03/15 08:53:29 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/03/15 08:53:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/03/15 08:53:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/03/15 08:51:42 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/03/15 07:33:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2011/03/15 07:32:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Video Related Programs
[2011/03/15 07:32:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
[2011/03/15 07:32:53 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2011/03/15 07:32:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert Weil\Application Data\NCH Software
[2011/03/14 21:10:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Robert Weil\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/03/14 20:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2011/03/14 20:11:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2011/03/14 20:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\SmartSound Software
[2011/03/14 20:09:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/03/14 19:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2011/03/08 21:15:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Fonts\Lady Rene
[2008/09/03 20:02:52 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\Implode.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/03 07:22:38 | 005,160,736 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2011/04/03 07:21:16 | 098,441,760 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2011/04/03 06:53:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Robert Weil\Desktop\OTL.exe
[2011/04/03 02:00:01 | 000,000,354 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-BOBSLAPTOP-Robert Weil.job
[2011/04/02 22:01:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/01 22:42:31 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/04/01 21:28:16 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/31 21:15:00 | 000,112,875 | R--- | M] () -- C:\Documents and Settings\Robert Weil\Desktop\Lisa-photo.JPG
[2011/03/31 06:00:59 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\prismShakeIcon.job
[2011/03/30 19:39:57 | 000,045,568 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/30 19:39:09 | 000,000,230 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/03/30 19:24:26 | 000,000,452 | ---- | M] () -- C:\WINDOWS\ULead32.ini
[2011/03/29 05:08:52 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2011/03/29 05:08:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/29 05:06:34 | 001,319,648 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx
[2011/03/29 05:06:34 | 000,486,536 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox2.idx
[2011/03/29 04:54:36 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/03/28 22:36:08 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/03/27 22:35:21 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Desktop\SUPERAntiSpyware Scan Log - 03-27-2011 - 21-53-52.zip
[2011/03/27 22:16:55 | 000,163,977 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Desktop\SuperAntiSpyware_3-27-11-LOG.jpg
[2011/03/27 22:14:58 | 002,325,324 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Desktop\SuperAntiSpywareLog_3-27-11t.rtf
[2011/03/27 08:40:06 | 000,008,628 | -H-- | M] () -- C:\Documents and Settings\Robert Weil\Desktop\pagedfrg.GID
[2011/03/27 08:39:59 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011/03/27 08:07:54 | 001,006,778 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Desktop\rkill.scr
[2011/03/26 20:39:44 | 000,421,586 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/03/26 20:39:44 | 000,074,240 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/03/26 07:38:06 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Robert Weil\defogger_reenable
[2011/03/26 07:30:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2011/03/25 22:19:57 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/03/25 22:19:57 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/03/25 20:00:04 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/03/25 20:00:03 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/03/25 19:36:59 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/25 19:28:04 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/03/25 18:01:08 | 001,377,112 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Robert Weil\Desktop\tdsskiller.exe
[2011/03/23 05:46:04 | 000,002,048 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Application Data\A&I Book Creator Prefs
[2011/03/22 01:05:43 | 000,064,512 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/03/22 01:05:42 | 000,016,432 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/03/21 21:30:32 | 000,031,728 | ---- | M] (DNAML Pty Ltd) -- C:\WINDOWS\dbrmdwb.exe
[2011/03/21 21:30:32 | 000,000,026 | ---- | M] () -- C:\WINDOWS\dbrmdwb.bat
[2011/03/21 21:30:31 | 000,245,840 | ---- | M] () -- C:\WINDOWS\System32\DNLEng.dll
[2011/03/21 21:30:30 | 002,327,704 | ---- | M] (DNAML Pty Ltd) -- C:\WINDOWS\dbplugin.ocx
[2011/03/21 21:30:29 | 000,894,616 | ---- | M] () -- C:\WINDOWS\dbplugin.exe
[2011/03/21 21:30:28 | 000,000,633 | ---- | M] () -- C:\WINDOWS\npdbplug.xpt
[2011/03/21 21:30:26 | 002,179,072 | ---- | M] (DNAML Pty Ltd) -- C:\WINDOWS\npdbplug.dll
[2011/03/20 17:07:56 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Desktop\gmer.exe
[2011/03/16 19:30:40 | 008,901,864 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/15 09:03:35 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Start Menu\Programs\StartUp\OpenOffice.org 3.3.lnk
[2011/03/15 08:56:54 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/03/15 08:52:46 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/03/15 08:52:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/03/15 08:52:45 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/03/15 08:52:45 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/03/15 08:52:42 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/03/15 07:32:54 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Prism Video File Converter.lnk
[2011/03/15 07:22:15 | 002,595,302 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Desktop\When Im Sixty-Four - The Beatles.mp4
[2011/03/15 07:19:44 | 002,595,302 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Desktop\When Im Sixty-Four - The Beatles.mov
[2011/03/15 06:55:42 | 003,469,806 | ---- | M] () -- C:\Documents and Settings\Robert Weil\Desktop\When Im Sixty-Four - The Beatles.wmv
[2011/03/15 06:24:36 | 002,596,029 | ---- | M] () -- C:\Documents and Settings\Robert Weil\When64.mov
[2011/03/14 20:20:06 | 000,297,285 | ---- | M] () -- C:\WINDOWS\System32\shimg.dll
[2011/03/14 20:17:51 | 000,000,378 | ---- | M] () -- C:\WINDOWS\System32\Wacom_Tablet.dat
[2011/03/14 20:17:46 | 000,004,096 | -HS- | M] () -- C:\VSM000.IDX
[2011/03/14 20:03:18 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Premiere Elements 9.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/31 21:16:39 | 000,112,875 | R--- | C] () -- C:\Documents and Settings\Robert Weil\Desktop\Lisa-photo.JPG
[2011/03/31 06:00:59 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\prismShakeIcon.job
[2011/03/29 04:54:36 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/03/27 22:35:21 | 000,001,196 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Desktop\SUPERAntiSpyware Scan Log - 03-27-2011 - 21-53-52.zip
[2011/03/27 22:16:50 | 000,163,977 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Desktop\SuperAntiSpyware_3-27-11-LOG.jpg
[2011/03/27 22:14:58 | 002,325,324 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Desktop\SuperAntiSpywareLog_3-27-11t.rtf
[2011/03/27 08:38:23 | 000,008,628 | -H-- | C] () -- C:\Documents and Settings\Robert Weil\Desktop\pagedfrg.GID
[2011/03/27 08:07:52 | 001,006,778 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Desktop\rkill.scr
[2011/03/27 07:40:39 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2011/03/27 07:40:33 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/03/27 07:24:46 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011/03/27 07:24:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011/03/27 07:18:44 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011/03/27 07:12:17 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/03/27 07:12:11 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/03/27 07:12:05 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/03/27 07:11:58 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/03/27 07:11:52 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/03/27 07:07:57 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/03/27 07:07:56 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/03/27 07:07:54 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/03/27 07:03:47 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/03/27 07:03:46 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/03/27 07:03:44 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/03/27 07:03:41 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/03/27 07:03:40 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/03/27 07:03:39 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/03/27 07:03:38 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/03/27 07:03:38 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/03/27 07:03:36 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/03/27 07:03:18 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/03/26 19:11:18 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/26 07:38:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Robert Weil\defogger_reenable
[2011/03/25 22:29:48 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/03/25 22:19:57 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/03/25 22:19:57 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/03/25 20:00:04 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/03/25 19:36:59 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/21 21:30:32 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dbrmdwb.bat
[2011/03/21 21:30:31 | 000,245,840 | ---- | C] () -- C:\WINDOWS\System32\DNLEng.dll
[2011/03/21 21:30:29 | 000,894,616 | ---- | C] () -- C:\WINDOWS\dbplugin.exe
[2011/03/21 21:30:28 | 000,000,633 | ---- | C] () -- C:\WINDOWS\npdbplug.xpt
[2011/03/20 17:07:56 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Desktop\gmer.exe
[2011/03/15 09:03:35 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Start Menu\Programs\StartUp\OpenOffice.org 3.3.lnk
[2011/03/15 08:56:54 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\OpenOffice.org 3.3.lnk
[2011/03/15 07:32:54 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Prism Video File Converter.lnk
[2011/03/15 07:32:54 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Prism Video File Converter.lnk
[2011/03/15 07:10:50 | 002,595,302 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Desktop\When Im Sixty-Four - The Beatles.mov
[2011/03/15 06:55:32 | 003,469,806 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Desktop\When Im Sixty-Four - The Beatles.wmv
[2011/03/15 06:53:20 | 002,595,302 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Desktop\When Im Sixty-Four - The Beatles.mp4
[2011/03/15 06:24:32 | 002,596,029 | ---- | C] () -- C:\Documents and Settings\Robert Weil\When64.mov
[2011/03/14 20:32:15 | 000,000,354 | ---- | C] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-BOBSLAPTOP-Robert Weil.job
[2011/03/14 20:17:46 | 000,004,096 | -HS- | C] () -- C:\VSM000.IDX
[2011/03/14 20:09:41 | 000,000,728 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Help.lnk
[2011/03/14 20:03:18 | 000,001,811 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Premiere Elements 9.lnk
[2011/03/14 20:03:18 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Premiere Elements 9.lnk
[2010/12/23 07:24:46 | 000,316,928 | ---- | C] () -- C:\WINDOWS\System32\HDREfexProFC32.dll
[2010/11/22 21:53:25 | 000,297,285 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll
[2010/11/04 20:21:39 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2010/06/21 21:25:12 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Jingles
[2010/06/21 21:25:12 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Robert Weil\Application Data\Internet Services
[2010/06/21 21:25:12 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLck.DAT
[2010/06/21 21:25:12 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Sound Effects
[2010/06/21 21:25:11 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Kernel Extension
[2010/06/21 21:25:11 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Robert Weil\Application Data\Iterate Items
[2010/06/21 21:25:11 | 000,000,012 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Soundtrack
[2010/06/21 21:14:04 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLbx.DAT
[2010/06/09 19:54:53 | 000,020,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\V36QQ
[2010/06/03 20:23:05 | 000,020,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\Q12PL
[2010/02/20 22:29:09 | 000,000,378 | ---- | C] () -- C:\WINDOWS\System32\Wacom_Tablet.dat
[2009/11/08 18:22:23 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\esfw54.bin
[2009/11/08 17:48:31 | 000,000,623 | R--- | C] () -- C:\WINDOWS\System32\hppapr10.dat
[2009/11/08 17:43:53 | 000,169,352 | ---- | C] () -- C:\WINDOWS\hppins10.dat
[2009/11/08 17:43:52 | 000,005,186 | ---- | C] () -- C:\WINDOWS\hppmdl10.dat
[2009/08/17 07:16:44 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Application Data\A&I Book Creator Prefs
[2009/08/01 09:02:44 | 000,123,131 | ---- | C] () -- C:\WINDOWS\HPHins12.dat
[2009/08/01 09:02:44 | 000,014,916 | ---- | C] () -- C:\WINDOWS\hphmdl12.dat
[2009/08/01 09:02:20 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009/01/03 21:27:30 | 000,000,023 | ---- | C] () -- C:\WINDOWS\SWFDecompiler.INI
[2008/09/03 20:03:08 | 000,204,848 | ---- | C] () -- C:\WINDOWS\System32\gswin32c.exe
[2008/09/03 20:02:57 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\utility3.dll
[2008/09/03 20:02:57 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2008/09/03 20:02:53 | 000,054,272 | ---- | C] () -- C:\WINDOWS\System32\P2irdao.dll
[2008/09/03 20:02:53 | 000,050,176 | ---- | C] () -- C:\WINDOWS\System32\P2ctdao.dll
[2008/09/03 20:02:52 | 000,748,160 | ---- | C] () -- C:\WINDOWS\System32\Co2c40en.dll
[2008/06/26 21:18:38 | 000,691,545 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2008/06/26 21:18:38 | 000,002,551 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2008/05/15 21:33:14 | 000,104,553 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2008/05/15 21:33:14 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2008/03/03 22:03:02 | 000,000,017 | ---- | C] () -- C:\WINDOWS\MovingPicture.ini
[2007/10/27 15:58:18 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2007/10/27 15:58:18 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2007/10/27 12:44:17 | 000,026,480 | ---- | C] () -- C:\WINDOWS\System32\wrlzma.dll
[2007/10/27 12:42:28 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\islzma.dll
[2007/10/16 20:55:36 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\jesterrun.dll
[2007/10/16 20:54:27 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2007/08/13 20:24:22 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/05/10 20:36:28 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2007/05/10 20:36:28 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2007/05/10 20:36:28 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2007/05/10 20:36:28 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2007/05/10 20:36:28 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/05/10 20:36:27 | 000,471,552 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007/04/13 15:19:52 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2007/03/10 21:00:28 | 000,001,901 | ---- | C] () -- C:\WINDOWS\panose.bin
[2007/03/10 20:58:20 | 000,000,198 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007/01/17 22:49:53 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/12/06 08:54:18 | 000,001,414 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/12/06 08:51:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006/11/05 08:37:50 | 098,441,760 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat
[2006/11/05 08:37:50 | 005,160,736 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox2.dat
[2006/11/04 18:20:12 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Application Data\$_hpcst$.hpc
[2006/10/10 14:17:27 | 000,000,452 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2006/09/30 13:27:22 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2006/09/30 13:27:22 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2006/09/30 13:27:22 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2006/09/30 13:27:22 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2006/09/09 22:13:19 | 000,000,039 | ---- | C] () -- C:\WINDOWS\buZZP3lic.dll
[2006/09/08 21:00:45 | 000,000,277 | ---- | C] () -- C:\WINDOWS\ImageInc.ini
[2006/08/25 15:56:43 | 000,219,908 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2006/08/20 23:59:04 | 000,271,264 | ---- | C] () -- C:\WINDOWS\VBRUN100.DLL
[2006/08/20 17:54:26 | 000,000,086 | ---- | C] () -- C:\WINDOWS\fontmix.ini
[2006/08/20 16:02:50 | 000,000,930 | ---- | C] () -- C:\WINDOWS\fontog35.ini
[2006/08/20 07:37:13 | 008,901,864 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/08/19 21:08:49 | 000,000,230 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/08/19 18:17:58 | 000,045,568 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/08/19 18:15:19 | 000,458,822 | ---- | C] () -- C:\WINDOWS\System32\AutoEye.dll
[2006/08/19 17:48:47 | 000,086,304 | ---- | C] () -- C:\WINDOWS\RHVIDEO.DLL
[2006/08/19 15:45:57 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\qttask.exe
[2006/08/19 15:13:18 | 000,000,278 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2006/08/19 14:56:44 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\sh33w32.dll
[2006/08/19 14:08:10 | 000,072,192 | ---- | C] () -- C:\WINDOWS\unlite3.exe
[2006/08/19 14:07:57 | 000,777,728 | ---- | C] () -- C:\WINDOWS\System32\SSLSVC.DLL
[2006/08/19 14:07:57 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006/08/19 14:07:57 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\cfmsg.dll
[2006/08/19 14:07:57 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006/08/19 14:07:56 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\lang_cfml.dll
[2006/08/19 14:07:56 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\xml_datagrove.dll
[2006/08/19 12:40:18 | 000,042,483 | ---- | C] () -- C:\WINDOWS\ICCCODES.DAT
[2006/08/19 12:40:18 | 000,039,095 | ---- | C] () -- C:\WINDOWS\Iccsigs.dat
[2006/08/19 12:40:18 | 000,000,156 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2006/08/19 12:40:10 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2006/08/18 17:41:27 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Robert Weil\Local Settings\Application Data\fusioncache.dat
[2006/05/17 01:12:20 | 000,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/05/17 01:10:01 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2006/05/17 01:10:01 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/05/17 00:53:20 | 000,000,488 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/05/17 00:51:37 | 000,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/05/16 22:33:16 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/05/16 22:33:16 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/05/16 22:33:16 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/05/16 22:33:16 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/05/16 22:33:16 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/05/16 22:33:16 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/05/16 22:33:15 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/05/16 22:33:15 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/05/16 22:33:15 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/03/27 09:54:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/03/27 09:54:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/03/27 09:23:14 | 000,087,268 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/03/27 09:18:52 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/03/27 09:15:14 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/03/27 09:05:02 | 000,421,586 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/03/27 09:05:02 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/03/27 08:57:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/03/27 08:54:34 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/02/27 16:51:36 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/12/02 11:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/05/24 14:32:44 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005/04/27 21:22:38 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/04/27 21:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/08/04 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 14:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004/08/04 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/04 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 14:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/04 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/01/13 12:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/28 14:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 14:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[2000/12/13 21:09:58 | 000,000,385 | ---- | C] () -- C:\Program Files\file_id.diz
[2000/09/14 02:03:00 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2005/08/14 06:49:09 | 000,218,112 | ---- | M] (Soeperman Enterprises Ltd.) -- C:\HijackThis.exe


< MD5 for: EXPLORER.EXE >
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\explorer.exe
[2004/08/04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\explorer.exe
[2004/08/04 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: WINLOGON.EXE >
[2006/02/28 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2006/02/28 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\system32\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\winlogon.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 209 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BEC0D766
@Alternate Data Stream - 161 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:618D0840

< End of report >

And here's the Extras.txt file:

OTL Extras logfile created on: 4/3/2011 7:14:55 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Robert Weil\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 17.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 48.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 83.12 Gb Total Space | 3.57 Gb Free Space | 4.29% Space Free | Partition Type: NTFS
Drive E: | 4.63 Gb Total Space | 2.30 Gb Free Space | 49.56% Space Free | Partition Type: NTFS
Drive F: | 644.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive I: | 465.65 Gb Total Space | 47.22 Gb Free Space | 10.14% Space Free | Partition Type: FAT32
Drive O: | 930.86 Gb Total Space | 80.21 Gb Free Space | 8.62% Space Free | Partition Type: NTFS

Computer Name: BOBSLAPTOP | User Name: Robert Weil | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"J:\Program Files\Pinnacle\Studio 11\programs\RM.exe" = J:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager
"J:\Program Files\Pinnacle\Studio 11\programs\Studio.exe" = J:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio
"J:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe" = J:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile
"J:\Program Files\Pinnacle\Studio 11\programs\umi.exe" = J:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\Program Files\StorageCraft\ImageManager\ImageManagerClient.exe" = C:\Program Files\StorageCraft\ImageManager\ImageManagerClient.exe:*:Enabled:ShadowProtect ImageManager Client -- (StorageCraft Technology Corporation)
"C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVC.exe" = C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVC.exe:*:Disabled:SonicWALL Global VPN Client -- (SonicWALL, Inc.)
"C:\WePrint\WePrint Server.exe" = C:\WePrint\WePrint Server.exe:*:Disabled:WePrint Server -- (EuroSmartz Ltd)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09D8492A-C8E2-421E-927D-46800FB327A3}" = Wireless Home Network Setup
"{1313740E-0072-4E2D-A628-DEFCD38B577A}" = HP User Guides 0011
"{155FBB0D-0EE9-42D1-9E41-15E08F691033}" = Microsoft Producer for Microsoft Office PowerPoint 2003
"{15C77FC3-8137-4A5E-8F81-F559045DD6B0}" = Shipping Assistant 3.7
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{221DBED3-CAF7-4D16-B968-76B66430868A}" = EpsonNet Config V2
"{223879E4-BE04-4E3A-9F8B-303152E3AF55}" = Handbrake
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 22
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{2F7AB49F-2556-49FE-A6AC-6B1C7F66AEA3}" = FDRTools Advanced 2.4.0beta2
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{31851B85-C98E-44DE-8750-9843BCD63963}" = Adobe After Effects 5.5
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3432AB81-BCC7-4457-B39C-47395F7C237A}" = CameraBag 1.0
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.00 E2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3BE11C5A-7959-418B-90AC-1D85DE8B6E15}" = 5500
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40624553-811E-400E-B69B-38D8926A66BD}" = SonicWALL Global VPN Client
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 E1
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{459CF5D4-CB35-4929-93EE-AA2E25FB2959}" = BTTH Color Tuner
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}" = Easy CD & DVD Creator 6
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FD1C84E-F387-4609-A31F-4117F88B6600}" = EPSON LFP Remote Panel
"{5035918F-2813-44B6-AABE-9143CE5743B2}" = DirPrinting
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{5DE8F9B6-DAEA-4990-AB2A-F797577D88B5}" = 5500Tour
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{692854CC-97EF-4307-B787-8C6787B91033}" = Nero 7 Demo
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7066F2DB-5032-4B6F-A8E7-A6F946043438}" = Adobe Setup
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75193929-9A52-4CA4-98DE-8C7296940920}" = Kaspersky Anti-Virus 6.0
"{76F8CB2B-6516-4E1E-B6F1-AED4ABDB4B0A}_is1" = Spy Sweeper
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8850DEC8-22FD-4F05-A3AA-49B91200C24F}" = ShadowProtect Desktop
"{89B6F63A-7E0C-424A-9D39-C4EF59E96D78}" = hppQFolderCP2020
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D3562E7-C795-4B5D-A091-6DAA3FF0DF3B}" = Macromedia HomeSite+
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90530409-6D54-11D4-BEE3-00C04F990354}" = Microsoft Visio Standard 2002 [English]
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{95120000-0038-0409-0000-0000000FF1CE}" = Time Zone Data Update Tool for Microsoft Office Outlook
"{9811A185-3D3D-11D6-9E14-00036D172B00}" = Adobe MPEG Encoder
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AE4AC96-A5F4-4F19-9D13-066C8B3CE034}" = Nikon Scan
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9DE3F260-B88E-42CE-90E7-73C78C37D95E}" = 32 Bit HP BiDi Channel Components Installer
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A5B4CD3C-AD42-4F2E-989E-261D1E64AE58}" = Namo FreeMotion 2006
"{A5F39441-3414-4db2-9A71-0BA8AB3CB16A}" = HP Color LaserJet CP2020 Series 1.0
"{A60AA403-E30B-4CC5-9250-D1AE4AAD4909}" = ArcSoft ShowBiz DVD 2
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-1033-0000-BA7E-000000000002}" = Adobe Acrobat 7.0 Standard
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AD29A697-E023-48D4-B46E-2D58BAC7C063}" = DesignPro 5 eMedia
"{AEF7A12C-CD9B-4773-8AD1-6916138CA7EA}" = SmartAudio
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B08A973F-5D0C-4A09-A219-F00289BB85C0}" = 5500_Help
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B19F9155-9337-4807-B5EF-ED471DDB2CCE}" = hph_software_req
"{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6164988-AA55-4099-BB9C-EC058210DAD6}" = ImageManager
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BC96BBA7-C634-460E-AD18-A0A994213F80}" = HP User Guides--System Recovery
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1760DA4-A5FA-4FF1-A46A-031AB4A41345}" = 5500Trb
"{D1AE6D4D-C37A-487d-83D8-C333125B2459}" = HP Photosmart and Deskjet 7.0 Software
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D755C7A3-C03E-4460-8C00-AC6E55505FB5}" = LightScribe 1.4.74.1
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DB7E00C9-6DEF-489A-8112-D8F81614F45A}" = Vongo
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E31C348B-63A9-4CBF-8D7F-D932ABB63244}" = Ad-Aware 2007
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E70EF09E-44EB-4BE2-B80C-77AA04397A31}" = CameraBag 1.5
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EAB17EF3-6B6A-4324-8585-E17976E7484C}" = ShadowProtect Desktop
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
"{F0100437-007E-405A-8CD6-E1E38E68CE76}" = Corel Painter 8
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FF102450-55AA-4AE1-ACE4-E271E2470C83}" = hpmdtab
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Ad-Aware" = Ad-Aware
"AdeptTracker Professional_is1" = AdeptTracker Professional 3.01
"Adobe Acrobat 7.0 Standard" = Adobe Acrobat 7.1.0 Standard
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe PageMaker 7.0" = Adobe PageMaker 7.0
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Premiere 6.5" = Adobe Premiere 6.5
"Adobe Type Manager 4.1" = Adobe Type Manager 4.1
"Adobe_32fdd767b4383606e8168e834af5d90" = Adobe Premiere Pro CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_85df662426fa6bb25f7d596f4d1b2a2" = Adobe Encore CS3
"Akamai" = Akamai NetSession Interface
"AlphaPlugins RedEyes for Adobe Photoshop_is1" = AlphaPlugins RedEyes
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.5
"AOL Instant Messenger" = AOL Instant Messenger
"AutoEye" = AutoEye
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"Capture NX 2" = Capture NX 2
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_CPL30A5m" = HDAUDIO Soft Data Fax Modem with SmartCP
"Color Efex Pro 3.0 Select NX2" = Color Efex Pro 3.0 Select for Capture NX 2
"Composite Suite 2.0 Adobe After Effects" = Composite Suite 2.0 Adobe After Effects
"Corel Uninstaller" = Corel Uninstaller
"CrossFont_is1" = CrossFont version 5.4
"DreamSuite Series2" = DreamSuite Series2
"DVD43_is1" = DVD43 v4.2.0
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ExtractNow_is1" = ExtractNow
"FTP Commander" = FTP Commander
"Handbrake" = Handbrake 0.9.4
"HDR Efex Pro" = HDR Efex Pro
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Image Zone 4.2
"iDump" = iDump (Backing up your iPod)
"Image Rescue 4_is1" = Image Rescue 4
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{AD29A697-E023-48D4-B46E-2D58BAC7C063}" = DesignPro 5 eMedia
"InstallWIX_{75193929-9A52-4CA4-98DE-8C7296940920}" = Kaspersky Anti-Virus 6.0
"KeynoteConnector" = Keynote Connector
"Little Ink Pot's Chalkaholic Plugin_is1" = Chalkaholic Plugin v 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MVApplication1" = Memorex exPressit Label Design Studio
"Neat Image_is1" = Neat Image v6.0 Pro+
"Netscape Browser" = Netscape Browser (remove only)
"NewBlue Video Essentials for Windows" = NewBlue Video Essentials for Windows
"NVIDIA Drivers" = NVIDIA Drivers
"Pen Tablet Driver" = Pen Tablet
"PhotomatixPro3x32_is1" = Photomatix Pro version 3.2.9
"PhotoScape" = PhotoScape
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"Picasa2" = Picasa 2
"PremElem90" = Adobe Premiere Elements 9
"Prism" = Prism Video File Converter
"PROSet" = Intel® PRO Network Connections Drivers
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"RNCompiler 6.0" = Advanced RealMedia Export Plug-in for Premiere 6.0
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"Spyware Doctor" = Spyware Doctor 6.0
"SUPER ©" = SUPER © Version 2007.bld.22 (Mar 14, 2007)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TCEssentials" = TC Native Essentials 2.02
"TotalRecorder" = Total Recorder 6.0
"TraxTime" = TraxTime
"Tweak UI 2.10" = Tweak UI
"TwistingPixels_is1" = TwistingPixels
"VLC media player" = VLC media player 0.9.8a
"Wacom Tablet Driver" = Wacom Tablet
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.42
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-714373593-766633883-78019857-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"A&I Book Creator" = A&I Book Creator
"GoToMeeting" = GoToMeeting 4.5.0.457

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/26/2011 10:43:17 PM | Computer Name = BOBSLAPTOP | Source = Bonjour Service | ID = 100
Description = 220: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/27/2011 2:20:25 AM | Computer Name = BOBSLAPTOP | Source = Bonjour Service | ID = 100
Description = 392: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/28/2011 12:43:36 AM | Computer Name = BOBSLAPTOP | Source = Bonjour Service | ID = 100
Description = 236: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/28/2011 12:43:36 AM | Computer Name = BOBSLAPTOP | Source = Bonjour Service | ID = 100
Description = 240: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/28/2011 8:34:09 AM | Computer Name = BOBSLAPTOP | Source = Bonjour Service | ID = 100
Description = 392: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/29/2011 7:38:18 AM | Computer Name = BOBSLAPTOP | Source = Bonjour Service | ID = 100
Description = 228: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/29/2011 7:38:18 AM | Computer Name = BOBSLAPTOP | Source = Bonjour Service | ID = 100
Description = 248: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/29/2011 7:38:18 AM | Computer Name = BOBSLAPTOP | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/29/2011 7:38:18 AM | Computer Name = BOBSLAPTOP | Source = Bonjour Service | ID = 100
Description = 404: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 3/29/2011 7:38:18 AM | Computer Name = BOBSLAPTOP | Source = Bonjour Service | ID = 100
Description = 424: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

[ System Events ]
Error - 3/26/2011 11:34:40 PM | Computer Name = BOBSLAPTOP | Source = System Error | ID = 1003
Description = Error code 1000008e, parameter1 c0000005, parameter2 804eeea8, parameter3
f78ea57c, parameter4 00000000.

Error - 3/26/2011 11:35:18 PM | Computer Name = BOBSLAPTOP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Mdno50

Error - 3/27/2011 11:12:20 AM | Computer Name = BOBSLAPTOP | Source = Service Control Manager | ID = 7034
Description = The PC Tools Security Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 3/27/2011 12:11:11 PM | Computer Name = BOBSLAPTOP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Mdno50

Error - 3/27/2011 12:21:51 PM | Computer Name = BOBSLAPTOP | Source = DCOM | ID = 10010
Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register
with DCOM within the required timeout.

Error - 3/27/2011 12:33:52 PM | Computer Name = BOBSLAPTOP | Source = DCOM | ID = 10010
Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register
with DCOM within the required timeout.

Error - 3/27/2011 12:45:52 PM | Computer Name = BOBSLAPTOP | Source = DCOM | ID = 10010
Description = The server {FFF2D28F-E4EE-44D9-8104-8E71556757F6} did not register
with DCOM within the required timeout.

Error - 3/27/2011 10:00:09 PM | Computer Name = BOBSLAPTOP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Mdno50

Error - 3/28/2011 8:40:32 AM | Computer Name = BOBSLAPTOP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Mdno50

Error - 3/29/2011 8:10:27 AM | Computer Name = BOBSLAPTOP | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Mdno50


< End of report >

#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:32 AM

Posted 03 April 2011 - 01:10 PM

Hi,

the entries you see in ADSpy are ok, there is no need to delete them. Have you tried reinstalling the nvidia drivers?

Could you please run TDSSKiller again and post the log for me here.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 SoCalBob55

SoCalBob55
  • Topic Starter

  • Members
  • 89 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 03 April 2011 - 03:08 PM

Hi, again. I ran TDSSKiller again and no results were found.

Did the logs above all look good (including attachments?) Maybe I was successful in zapping the various bugs.

How do I reinstall the nvidia driver - I confess to not knowing how to do these things.

Thanks.

Bob

#6 SoCalBob55

SoCalBob55
  • Topic Starter

  • Members
  • 89 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 03 April 2011 - 03:10 PM

It was TDSSKiller that located and deleted by nvidia driver - see below. Even though I copied the driver back into the appropriate directory, it didn't "take." Any advice?

2011/03/26 17:45:17.0668 2612 nv (a52d6a26c65aecdd802d6524b9d07f3a) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/03/26 17:45:17.0824 2612 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\nv4_mini.sys. Real md5: a52d6a26c65aecdd802d6524b9d07f3a, Fake md5: 88d8f8d4c3243e0bb0ed57496868e52e
2011/03/26 17:45:17.0996 2612 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys - copied to quarantine

#7 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:32 AM

Posted 03 April 2011 - 03:40 PM

Hi,

yes it looks as if TDSSKiller found the bug in the nvidia driver and deleted it. It is possible that something went wrong during the cleaning and that has broken your video driver.

The first thing to try to replace your driver is to update, please have a look here: link

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#8 SoCalBob55

SoCalBob55
  • Topic Starter

  • Members
  • 89 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 03 April 2011 - 07:21 PM

Thanks, Myrti.

Everything seems to be good now that I've reinstalled the driver - that link was perfect!

I'm creating a set of recovery disks and I set a restore point.

Anything else I should do to maintain my system? What anti-virus and anti-spyware software and routine do you recommend?

Thanks!

Bob

#9 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:32 AM

Posted 04 April 2011 - 07:11 AM

Hi,

just to be sure I'd like to run a scan with Eset to check for leftovers:
ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Afterwards I'll advise you to update/unisntall some programs to close vulnerabilities on your PC before finally showing you how to remove the tools we used and give you some tips on how to keep the PC safe.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#10 SoCalBob55

SoCalBob55
  • Topic Starter

  • Members
  • 89 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 06 April 2011 - 07:32 AM

Myrti -

Here's the logfile - for the most part, it seems to be detecting valid anti-virus and anti-malware software:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=182baa78897c764ea420c190de76417c
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-04-06 10:51:57
# local_time=2011-04-06 03:51:57 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=360507
# found=7
# cleaned=0
# scan_time=22010
C:\Documents and Settings\Administrator\Desktop\SDFix.exe Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GTUD89SN\JtreZlena[1].exeZxHb65d142fV03f01535002R97c82b54102Tfab65c18Q000002fe901806F0016000aJ12000601l0409325 probably a variant of Win32/Agent.JRYZYSH trojan (unable to clean) 00000000000000000000000000000000 I
I:\utilities\EZ-Total05a.exe a variant of Win32/Conficker.Y worm (unable to clean) 00000000000000000000000000000000 I
I:\utilities\SDFix.exe Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I
I:\utilities\SpySweeperRegSetup45_EN.exe probably a variant of Win32/Agent.IUDXHLV trojan (unable to clean) 00000000000000000000000000000000 I
I:\utilities\SpywareDoctor_to_9-07\sdsetup.exe probably a variant of Win32/Spy.Agent.LSLDWCL trojan (unable to clean) 00000000000000000000000000000000 I
I:\utilities\ANTISPYWARE\SDFix.exe Win32/PrcView application (unable to clean) 00000000000000000000000000000000 I

#11 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:32 AM

Posted 06 April 2011 - 08:57 AM

Hi,

I would agree with that. Can you tell me what this is: I:\utilities\EZ-Total05a.exe

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#12 SoCalBob55

SoCalBob55
  • Topic Starter

  • Members
  • 89 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 06 April 2011 - 05:45 PM

I don't know - I can delete it, thought. Can't remember why/if I downloaded a utility by that name. I certainly don't use the file.

What's the next step?

Bob

#13 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:32 AM

Posted 06 April 2011 - 06:00 PM

Hi,

no it's fine, it's likely another FP by Eset, I just can't place it. (Or you can delete it, if you don't remember what it does anyways)

I'd like you to update your software to help avoid infections in the future:
Your version of Adobe Reader is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Adobe components and update:
  • Download the latest version of Adobe Reader Version X. and save it to your desktop.
  • Uncheck the "Free McAfee Security plan Plus" option or any other Toolbar you are offered
  • Click the download button at the bottom.
  • If you use Internet Explorer and do not wish to install the ActiveX element, simply click on the click here to download link on the next page.
  • Remove all older version of Adobe Reader: Go to Add/remove and uninstall all versions of Adobe Reader, Acrobat Reader and Adobe Acrobat.
    If you are unsure of how to use Add or Remove Programs, the please see this tutorial:How To Remove An Installed Program From Your Computer
  • Then from your desktop double-click on Adobe Reader to install the newest version.
    If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the "Adobe Setup - Welcome" window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • Once the installation is finished, open Adobe Reader and accept the warranty if prompted.
  • Click on Help and select Check for Updates.
  • A window will open and Adobe will check for Updates. If any updates are found to be available click on Download.
  • Once the update is downloaded you will get a system notification telling you so. Click on the popup to restore the window.
  • In the window that opens click Install.
  • Once the update is done click Close.
Your Adobe Reader is now up to date!

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "JDK 6 Update 24(JDK or JRE)"
  • Click the "Download JRE" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u23-windows-i586.exe to install the newest version.
-- If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
-- The uninstaller incorporated in this release removes previous Updates 10 and above, but does not remove older versions, so they still need to be removed manually.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#14 SoCalBob55

SoCalBob55
  • Topic Starter

  • Members
  • 89 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 06 April 2011 - 06:42 PM

I have Adobe Acrobat Standard 7.1 and Adobe Reader 6.0.1. Can I just delete the Reader program?

I also have several large Java update program update packets on the C drive in the SWSETUP folder - can I delete before installing the update?

Also, will you have anti-virus and anti-malware recommendations for me after this?

Bob

#15 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,779 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:10:32 AM

Posted 06 April 2011 - 06:52 PM

Hi,

yes, you can just delete the reader, but I would highly recommend deleting the standard too or at least get a new adobe reader (it's now version 10) and set it to open pdf files by default. The Adobe 7 series hasn't been updated in a long time and is full of known bugs and vulnerabilities.

SWSetup seems to be part of the HP Wireless assistant. If you use that program I would not remvoe the java version installed in it as it might break.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users