Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rootkit.ZeroAccess infection


  • This topic is locked This topic is locked
19 replies to this topic

#1 dmkc1207

dmkc1207

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:13 AM

Posted 19 April 2012 - 08:38 PM

I've noticed this seems to be a fairly common topic, but with different steps & answers to each particular case. I've run into my share of malware but this one is definitely a beauty. I am Mr. Know-it-all so of course I tried fixing this on my own as Malwarebytes, Combofix, Nod and a few others thru the years have never let me down..until now..Tried a number of cures with tools from various google hits without success so I've registered and come to the place that has given me the best results as a lurker for many years. Combofix originally stated that "You are infected with Rootkit.ZeroAccess. It has inserted itself into the TCP/IP stack! This is a particularly difficult infection!"..no kidding..I was able to get online booting to a Kapersky Rescue Disk but am unable to get an I.P./Subnet/Gateway (all blank in control panel/network connections/right-click LAN/status/support) in windows though it shows "connected,firewalled" in status of LAN..If I type "ipconfig" (any parameter) in a command prompt I get "Windows IP Configuration" as the response....I'm starting with step 6 of the Prep Guide..Appreciate help on this one!

Contents of DDS.TXT (attach.txt attached as file)

DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Andrea at 19:39:35 on 2012-04-19
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.677 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\TimeGuardian\bin\wrapper.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
C:\TimeGuardian\jre\bin\java.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
C:\WINDOWS\system32\wuauclt.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: scat.suz.com\Cww
Trusted Zone: scat.suz.com\www
Trusted Zone: suz.com\Cww.scat
Trusted Zone: suz.com\www.scat
Trusted Zone: suzuki.com\www.dealer
Trusted Zone: suzukiconnect.com\www
Trusted Zone: suzukidcs.com\www
Trusted Zone: scat.suz.com\cww
Trusted Zone: scat.suz.com\www
Trusted Zone: suz.com\Cww.scat
Trusted Zone: suz.com\www.scat
Trusted Zone: suzuki.com\www.dealer
Trusted Zone: suzukiconnect.com\www
Trusted Zone: suzukidcs.com\www
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxps://www.psndealer.com/common/ImageUploader5.cab
DPF: {5DE9821B-6881-40B1-9A78-EEBE4A8B1BD8} - hxxps://www.suzukiconnect.com/COMMON/installer/scm.CAB
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://mywayphotos.riteaid.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP24-10113/webex/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.237.161.12 71.250.0.12
TCP: Interfaces\{5D0DD262-B1B2-44A1-BCC7-D2734E70FF3D} : DhcpNameServer = 68.237.161.12 71.250.0.12
Notify: igfxcui - igfxsrvc.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R2 ASA License (AMANO);ASA License (AMANO);c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperasa.conf --> c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperasa.conf [?]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\firebird\firebird_2_1\bin\fbguard.exe [2011-3-30 81920]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\firebird\firebird_2_1\bin\fbserver.exe [2011-3-30 2732032]
S0 cerc6;cerc6; [x]
S2 AutoProcess (TG);AutoProcess (TG);c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperauto.conf --> c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperauto.conf [?]
S2 avg7rsxp;Wltwo51b;c:\windows\system32\svchost.exe -k netsvcs [2008-4-13 14336]
S2 axinstsv;WimFltr;c:\windows\system32\svchost.exe -k netsvcs [2008-4-13 14336]
S2 DivisCTP;Arp1394;c:\windows\system32\svchost.exe -k netsvcs [2008-4-13 14336]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-5 136176]
S2 LRMINIPORT;Usbaudio;c:\windows\system32\svchost.exe -k netsvcs [2008-4-13 14336]
S2 mcredirector;Kpf4;c:\windows\system32\svchost.exe -k netsvcs [2008-4-13 14336]
S2 mcshield;O2flash;c:\windows\system32\svchost.exe -k netsvcs [2008-4-13 14336]
S2 pctfw1;Flashpnt;c:\windows\system32\svchost.exe -k netsvcs [2008-4-13 14336]
S3 Escalation Server (TG);Escalation Server (TG);c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapper.conf --> c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapper.conf [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-5 136176]
S3 MFE_RR;MFE_RR;\??\c:\docume~1\andrea\locals~1\temp\mfe_rr.sys --> c:\docume~1\andrea\locals~1\temp\mfe_rr.sys [?]
S3 Tomcat6;Apache Tomcat 6;c:\timeguardian\apache-tomcat-6.0.26\bin\tomcat6.exe [2011-3-30 57344]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2011-3-25 11520]
.
=============== Created Last 30 ================
.
2012-04-19 23:27:49 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e49e17ba-4cea-46cd-ad0b-357a36e2e8e5}\offreg.dll
2012-04-19 23:11:37 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2012-04-19 23:11:33 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2012-04-19 23:11:33 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2012-04-19 23:11:29 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2012-04-19 23:11:26 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2012-04-19 23:11:06 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2012-04-19 23:11:02 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2012-04-19 23:11:01 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2012-04-19 23:09:58 19016 -c--a-w- c:\windows\system32\dllcache\w926nd.sys
2012-04-19 23:08:59 32384 -c--a-w- c:\windows\system32\dllcache\usb101et.sys
2012-04-19 23:07:59 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2012-04-19 23:06:57 32640 -c--a-w- c:\windows\system32\dllcache\symc8xx.sys
2012-04-19 23:05:59 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2012-04-19 23:04:59 404990 -c--a-w- c:\windows\system32\dllcache\slntamr.sys
2012-04-19 23:03:58 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2012-04-19 23:02:58 79872 -c--a-w- c:\windows\system32\dllcache\rwia430.dll
2012-04-19 23:01:58 33152 -c--a-w- c:\windows\system32\dllcache\ql10wnt.sys
2012-04-19 23:00:58 27296 -c--a-w- c:\windows\system32\dllcache\perc2.sys
2012-04-19 22:59:57 61696 -c--a-w- c:\windows\system32\dllcache\ohci1394.sys
2012-04-19 22:58:57 59104 -c--a-w- c:\windows\system32\dllcache\n9i128v2.dll
2012-04-19 22:57:59 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2012-04-19 22:56:59 576746 -c--a-w- c:\windows\system32\dllcache\ltmdmntl.sys
2012-04-19 22:55:57 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2012-04-19 22:54:58 100936 -c--a-w- c:\windows\system32\dllcache\ibmtok.sys
2012-04-19 22:53:59 13312 -c--a-w- c:\windows\system32\dllcache\hpsjmcro.dll
2012-04-19 22:52:57 92160 -c--a-w- c:\windows\system32\dllcache\fuusd.dll
2012-04-19 22:51:59 53248 -c--a-w- c:\windows\system32\dllcache\eqndiag.exe
2012-04-19 22:50:59 91305 -c--a-w- c:\windows\system32\dllcache\dimaint.sys
2012-04-19 22:49:58 10240 -c--a-w- c:\windows\system32\dllcache\compbatt.sys
2012-04-19 22:48:58 102400 -c--a-w- c:\windows\system32\dllcache\binlsvc.dll
2012-04-19 22:47:59 747392 -c--a-w- c:\windows\system32\dllcache\adm8830.sys
2012-04-19 22:02:09 -------- d-sh--r- C:\cmdcons
2012-04-19 22:02:08 -------- d-----w- c:\windows\setup.pss
2012-04-19 17:53:00 -------- d-----w- c:\documents and settings\andrea\application data\Malwarebytes
2012-04-19 15:56:25 98816 ----a-w- c:\windows\sed.exe
2012-04-19 15:56:25 518144 ----a-w- c:\windows\SWREG.exe
2012-04-19 15:50:06 -------- d-----w- C:\ComboFix
2012-04-19 15:39:29 162816 -c--a-w- c:\windows\system32\dllcache\netbt.sys
2012-04-19 15:39:29 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-04-19 15:27:39 256000 ----a-w- c:\windows\PEV.exe
2012-04-19 15:27:39 208896 ----a-w- c:\windows\MBR.exe
2012-04-19 14:16:29 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-04-19 14:16:28 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-19 14:16:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-19 13:57:22 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-04-19 13:18:39 -------- d-----w- c:\windows\Downloaded Installations
2012-04-19 13:18:00 -------- d-----w- c:\program files\Broadcom
2012-04-19 12:54:51 -------- d-----w- c:\documents and settings\all users\application data\Hitman Pro
2012-04-19 12:36:49 -------- d-----w- c:\windows\pss
2012-04-14 12:29:09 6582328 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e49e17ba-4cea-46cd-ad0b-357a36e2e8e5}\mpengine.dll
.
==================== Find3M ====================
.
2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01:32 43520 ------w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17:40 385024 ------w- c:\windows\system32\html.iec
2012-02-09 11:18:39 83968 ----a-w- c:\windows\system32\MDNTFGPC.dll
2012-02-09 11:18:39 43008 ----a-w- c:\windows\system32\RPFGPU.exe
2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 19:40:11.98 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:13 AM

Posted 20 April 2012 - 02:51 AM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 dmkc1207

dmkc1207
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:13 AM

Posted 20 April 2012 - 07:14 AM

Gracias Gringo!!...here are the results of the requests;

ComboFix 12-04-20.03 - Andrea 04/20/2012 7:54.5.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.627 [GMT -4:00]
Running from: f:\bleeping_recommends\Morgans_infection\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}.
.
((((((((((((((((((((((((( Files Created from 2012-03-20 to 2012-04-20 ))))))))))))))))))))))))))))))).
.
2012-04-20 12:02 . 2012-04-20 12:02 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{39984DDF-FF47-46CB-A92B-BAE4D932BDC3}\offreg.dll
2012-04-20 02:04 . 2012-03-14 02:15 6582328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{39984DDF-FF47-46CB-A92B-BAE4D932BDC3}\mpengine.dll
2012-04-19 23:11 . 2008-04-14 09:42 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2012-04-19 23:11 . 2008-04-14 09:42 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2012-04-19 23:11 . 2001-08-18 02:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2012-04-19 23:11 . 2001-08-18 02:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2012-04-19 23:11 . 2001-08-18 02:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2012-04-19 23:11 . 2001-08-18 02:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2012-04-19 23:11 . 2001-08-17 16:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2012-04-19 23:11 . 2008-04-14 02:04 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2012-04-19 23:09 . 2001-08-17 16:13 19016 -c--a-w- c:\windows\system32\dllcache\w926nd.sys
2012-04-19 23:08 . 2008-04-14 02:05 32384 -c--a-w- c:\windows\system32\dllcache\usb101et.sys
2012-04-19 23:07 . 2001-08-17 18:56 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2012-04-19 23:06 . 2001-08-17 18:07 32640 -c--a-w- c:\windows\system32\dllcache\symc8xx.sys
2012-04-19 23:05 . 2001-08-17 17:51 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2012-04-19 23:04 . 2008-04-14 03:53 404990 -c--a-w- c:\windows\system32\dllcache\slntamr.sys
2012-04-19 23:03 . 2001-08-17 17:53 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2012-04-19 23:02 . 2001-08-18 02:36 79872 -c--a-w- c:\windows\system32\dllcache\rwia430.dll
2012-04-19 23:01 . 2001-08-17 17:52 33152 -c--a-w- c:\windows\system32\dllcache\ql10wnt.sys
2012-04-19 23:00 . 2001-08-17 18:07 27296 -c--a-w- c:\windows\system32\dllcache\perc2.sys
2012-04-19 22:59 . 2008-04-14 04:16 61696 -c--a-w- c:\windows\system32\dllcache\ohci1394.sys
2012-04-19 22:58 . 2001-08-18 02:36 59104 -c--a-w- c:\windows\system32\dllcache\n9i128v2.dll
2012-04-19 22:57 . 2001-08-17 17:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2012-04-19 22:56 . 2001-08-17 17:28 576746 -c--a-w- c:\windows\system32\dllcache\ltmdmntl.sys
2012-04-19 22:55 . 2001-08-17 16:12 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2012-04-19 22:54 . 2001-08-17 16:12 100936 -c--a-w- c:\windows\system32\dllcache\ibmtok.sys
2012-04-19 22:53 . 2001-08-18 02:36 13312 -c--a-w- c:\windows\system32\dllcache\hpsjmcro.dll
2012-04-19 22:52 . 2001-08-18 02:36 92160 -c--a-w- c:\windows\system32\dllcache\fuusd.dll
2012-04-19 22:51 . 2001-08-18 02:36 53248 -c--a-w- c:\windows\system32\dllcache\eqndiag.exe
2012-04-19 22:50 . 2001-08-17 16:13 91305 -c--a-w- c:\windows\system32\dllcache\dimaint.sys
2012-04-19 22:49 . 2008-04-14 04:06 10240 -c--a-w- c:\windows\system32\dllcache\compbatt.sys
2012-04-19 22:48 . 2001-08-18 02:36 102400 -c--a-w- c:\windows\system32\dllcache\binlsvc.dll
2012-04-19 22:47 . 2008-04-14 02:06 10880 -c--a-w- c:\windows\system32\dllcache\admjoy.sys
2012-04-19 17:53 . 2012-04-19 17:53 -------- d-----w- c:\documents and settings\Andrea\Application Data\Malwarebytes
2012-04-19 15:39 . 2008-04-13 23:00 162816 -c--a-w- c:\windows\system32\dllcache\netbt.sys
2012-04-19 15:39 . 2008-04-13 23:00 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-04-19 14:16 . 2012-04-19 14:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-04-19 14:16 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-19 14:16 . 2012-04-19 14:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-19 13:57 . 2012-04-19 17:29 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-04-19 13:18 . 2012-04-19 13:18 -------- d-----w- c:\windows\Downloaded Installations
2012-04-19 13:18 . 2012-04-19 13:18 -------- d-----w- c:\program files\Broadcom
2012-04-19 12:54 . 2012-04-19 12:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2012-04-17 14:20 . 2012-04-17 14:20 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2012-04-12 22:36 . 2012-04-12 22:38 -------- d-----w- c:\documents and settings\Administrator
2012-04-11 11:00 . 2012-04-11 11:00 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer
2012-04-11 03:22 . 2012-04-11 03:22 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2012-04-10 19:52 . 2012-04-10 19:52 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-14 02:15 . 2011-12-01 22:39 6582328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-03-01 11:01 . 2008-04-13 23:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2008-04-13 23:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2008-04-13 23:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2008-04-13 23:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2008-04-13 23:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2008-04-13 23:00 385024 ------w- c:\windows\system32\html.iec
2012-02-09 11:18 . 2012-02-09 11:18 83968 ----a-w- c:\windows\system32\MDNTFGPC.dll
2012-02-09 11:18 . 2012-02-09 11:18 43008 ----a-w- c:\windows\system32\RPFGPU.exe
2012-02-03 09:22 . 2008-04-13 23:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2011-11-30 22:33 237072 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-19_15.43.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-04-20 12:00 . 2012-04-20 12:00 16384 c:\windows\temp\Perflib_Perfdata_a08.dat
+ 2012-04-20 12:01 . 2012-04-20 12:01 16384 c:\windows\temp\Perflib_Perfdata_314.dat
- 2008-04-13 23:00 . 2008-04-13 23:00 75264 c:\windows\system32\drivers\ipsec.sys
+ 2008-04-13 23:00 . 2008-04-14 04:49 75264 c:\windows\system32\drivers\ipsec.sys
+ 2008-04-14 05:42 . 2008-04-13 23:00 52736 c:\windows\system32\dllcache\wzcsapi.dll
+ 2012-04-19 23:10 . 2008-04-14 04:16 19200 c:\windows\system32\dllcache\wstcodec.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 12063 c:\windows\system32\dllcache\wsiintxx.sys
+ 2012-04-19 23:10 . 2001-08-17 16:12 34890 c:\windows\system32\dllcache\wlandrv2.sys
+ 2012-04-19 23:10 . 2001-08-18 02:36 53760 c:\windows\system32\dllcache\wiamsmud.dll
+ 2012-04-19 23:10 . 2001-08-18 02:36 87040 c:\windows\system32\dllcache\wiafbdrv.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 13600 c:\windows\system32\dllcache\wfwnet.drv
- 2011-03-26 01:03 . 2008-04-13 23:00 13600 c:\windows\system32\dllcache\wfwnet.drv
+ 2011-03-26 03:36 . 2001-08-23 11:00 31232 c:\windows\system32\dllcache\weitekp9.sys
- 2011-03-26 03:36 . 2008-04-13 23:00 31232 c:\windows\system32\dllcache\weitekp9.sys
+ 2011-03-26 03:36 . 2001-08-23 11:00 41600 c:\windows\system32\dllcache\weitekp9.dll
- 2011-03-26 03:36 . 2008-04-13 23:00 41600 c:\windows\system32\dllcache\weitekp9.dll
+ 2012-04-19 23:10 . 2008-04-14 02:04 23615 c:\windows\system32\dllcache\wch7xxnt.sys
+ 2012-04-19 23:10 . 2008-04-14 04:15 31744 c:\windows\system32\dllcache\wceusbsh.sys
+ 2012-04-19 23:10 . 2001-08-17 16:10 35871 c:\windows\system32\dllcache\wbfirdma.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 25471 c:\windows\system32\dllcache\watv10nt.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 22271 c:\windows\system32\dllcache\watv06nt.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 33599 c:\windows\system32\dllcache\watv04nt.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 19551 c:\windows\system32\dllcache\watv02nt.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 29311 c:\windows\system32\dllcache\watv01nt.sys
- 2011-03-26 03:36 . 2008-04-13 23:00 53248 c:\windows\system32\dllcache\wamreg51.dll
+ 2011-03-26 03:36 . 2008-04-14 04:42 53248 c:\windows\system32\dllcache\wamreg51.dll
+ 2011-03-26 03:36 . 2008-04-14 04:42 76800 c:\windows\system32\dllcache\wam51.dll
- 2011-03-26 03:36 . 2008-04-13 23:00 76800 c:\windows\system32\dllcache\wam51.dll
+ 2012-04-19 23:10 . 2008-04-14 02:04 11935 c:\windows\system32\dllcache\wadv11nt.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 11871 c:\windows\system32\dllcache\wadv09nt.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 11295 c:\windows\system32\dllcache\wadv08nt.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 11807 c:\windows\system32\dllcache\wadv07nt.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 11775 c:\windows\system32\dllcache\wadv05nt.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 12127 c:\windows\system32\dllcache\wadv02nt.sys
+ 2012-04-19 23:10 . 2008-04-14 02:04 12415 c:\windows\system32\dllcache\wadv01nt.sys
+ 2012-04-19 23:10 . 2008-04-14 04:13 14208 c:\windows\system32\dllcache\wacompen.sys
+ 2012-04-19 23:10 . 2001-08-17 16:13 16925 c:\windows\system32\dllcache\w940nd.sys
+ 2012-04-19 23:09 . 2001-08-17 16:13 19528 c:\windows\system32\dllcache\w840nd.sys
- 2011-03-26 03:36 . 2008-04-13 23:00 73728 c:\windows\system32\dllcache\w3ext.dll
+ 2011-03-26 03:36 . 2001-08-23 11:00 73728 c:\windows\system32\dllcache\w3ext.dll
+ 2011-03-26 03:36 . 2001-08-23 11:00 48256 c:\windows\system32\dllcache\w32.dll
- 2011-03-26 03:36 . 2008-04-13 23:00 48256 c:\windows\system32\dllcache\w32.dll
+ 2012-04-19 23:09 . 2001-08-17 17:28 64605 c:\windows\system32\dllcache\vvoice.sys
+ 2011-03-26 03:36 . 2008-04-14 04:41 86073 c:\windows\system32\dllcache\voicesub.dll
- 2011-03-26 03:36 . 2008-04-13 23:00 86073 c:\windows\system32\dllcache\voicesub.dll
+ 2012-04-19 23:09 . 2001-08-17 17:49 24576 c:\windows\system32\dllcache\viairda.sys
+ 2012-04-19 23:09 . 2008-04-14 04:06 42240 c:\windows\system32\dllcache\viaagp.sys
+ 2012-04-19 23:09 . 2008-04-14 09:42 53760 c:\windows\system32\dllcache\vfwwdm32.dll
+ 2001-08-17 14:02 . 2008-04-13 23:00 58112 c:\windows\system32\dllcache\vdmindvd.sys
+ 2012-04-19 23:09 . 2008-04-14 09:42 11325 c:\windows\system32\dllcache\vchnt5.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 20608 c:\windows\system32\dllcache\usbuhci.sys
+ 2011-03-26 03:29 . 2008-04-14 05:15 26368 c:\windows\system32\dllcache\usbstor.sys
+ 2012-04-19 23:09 . 2008-04-14 04:15 26112 c:\windows\system32\dllcache\usbser.sys
+ 2012-04-19 23:09 . 2008-04-14 04:15 17152 c:\windows\system32\dllcache\usbohci.sys
+ 2008-04-14 00:15 . 2008-04-13 23:00 15872 c:\windows\system32\dllcache\usbintel.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 59520 c:\windows\system32\dllcache\usbhub.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 30208 c:\windows\system32\dllcache\usbehci.sys
+ 2008-04-14 00:15 . 2008-04-13 23:00 25728 c:\windows\system32\dllcache\usbcamd2.sys
+ 2008-04-14 00:15 . 2008-04-13 23:00 25600 c:\windows\system32\dllcache\usbcamd.sys
+ 2012-04-19 23:09 . 2008-04-14 04:15 60032 c:\windows\system32\dllcache\usbaudio.sys
+ 2012-04-19 23:09 . 2008-04-14 04:26 12800 c:\windows\system32\dllcache\usb8023x.sys
+ 2011-03-26 03:36 . 2008-04-14 04:41 76288 c:\windows\system32\dllcache\uniime.dll
- 2011-03-26 03:36 . 2008-04-13 23:00 76288 c:\windows\system32\dllcache\uniime.dll
+ 2012-04-19 23:08 . 2001-08-18 02:36 94720 c:\windows\system32\dllcache\umaxud32.dll
+ 2012-04-19 23:08 . 2001-08-18 02:36 28160 c:\windows\system32\dllcache\umaxu40.dll
+ 2012-04-19 23:08 . 2001-08-18 02:36 26624 c:\windows\system32\dllcache\umaxu22.dll
+ 2012-04-19 23:08 . 2001-08-18 02:36 69632 c:\windows\system32\dllcache\umaxu12.dll
+ 2012-04-19 23:08 . 2001-08-18 02:36 50688 c:\windows\system32\dllcache\umaxscan.dll
+ 2012-04-19 23:08 . 2001-08-17 17:58 22912 c:\windows\system32\dllcache\umaxpcls.sys
+ 2012-04-19 23:08 . 2001-08-18 02:36 50176 c:\windows\system32\dllcache\umaxp60.dll
+ 2012-04-19 23:08 . 2001-08-18 02:36 47616 c:\windows\system32\dllcache\umaxcam.dll
+ 2012-04-19 23:08 . 2001-08-17 17:52 36736 c:\windows\system32\dllcache\ultra.sys
+ 2012-04-19 23:08 . 2008-04-14 04:06 44672 c:\windows\system32\dllcache\uagp35.sys
+ 2012-04-19 23:08 . 2001-08-17 17:48 11520 c:\windows\system32\dllcache\twotrack.sys
+ 2008-04-14 00:26 . 2008-04-13 23:00 12288 c:\windows\system32\dllcache\tunmp.sys
- 2011-03-26 03:36 . 2008-04-13 23:00 14336 c:\windows\system32\dllcache\tsprof.exe
+ 2011-03-26 03:36 . 2001-08-23 11:00 14336 c:\windows\system32\dllcache\tsprof.exe
+ 2001-08-17 14:06 . 2008-04-13 23:00 21376 c:\windows\system32\dllcache\tsbvcap.sys
+ 2012-04-19 23:07 . 2001-08-17 16:12 34375 c:\windows\system32\dllcache\tpro4.sys
+ 2012-04-19 23:07 . 2001-08-18 02:35 42496 c:\windows\system32\dllcache\tp4res.dll
+ 2012-04-19 23:07 . 2008-04-14 09:42 82944 c:\windows\system32\dllcache\tp4mon.exe
+ 2012-04-19 23:07 . 2001-08-18 02:36 31744 c:\windows\system32\dllcache\tp4.dll
+ 2001-08-17 14:01 . 2008-04-13 23:00 51712 c:\windows\system32\dllcache\tosdvd.sys
+ 2012-04-19 23:07 . 2001-08-17 16:10 28232 c:\windows\system32\dllcache\tos4mo.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 33792 c:\windows\system32\dllcache\tools.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 33792 c:\windows\system32\dllcache\tools.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 10240 c:\windows\system32\dllcache\tmigrate.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 10240 c:\windows\system32\dllcache\tmigrate.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 44032 c:\windows\system32\dllcache\tintlphr.exe
+ 2011-03-26 03:35 . 2008-04-13 21:13 44032 c:\windows\system32\dllcache\tintlphr.exe
+ 2012-04-19 23:07 . 2001-08-17 18:56 81408 c:\windows\system32\dllcache\tgiul50.dll
+ 2011-03-26 03:29 . 2008-04-14 10:43 40840 c:\windows\system32\dllcache\termdd.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 19464 c:\windows\system32\dllcache\tdspx.sys
+ 2011-03-26 03:35 . 2001-08-23 11:00 19464 c:\windows\system32\dllcache\tdspx.sys
+ 2012-04-19 23:07 . 2001-08-17 16:13 17129 c:\windows\system32\dllcache\tdkcd31.sys
+ 2012-04-19 23:07 . 2001-08-17 16:13 37961 c:\windows\system32\dllcache\tdk100b.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 21896 c:\windows\system32\dllcache\tdipx.sys
+ 2011-03-26 03:35 . 2001-08-23 11:00 21896 c:\windows\system32\dllcache\tdipx.sys
+ 2011-03-26 03:35 . 2001-08-23 11:00 13192 c:\windows\system32\dllcache\tdasync.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 13192 c:\windows\system32\dllcache\tdasync.sys
- 2011-03-26 03:34 . 2003-03-24 21:52 16384 c:\windows\system32\dllcache\tcptsat.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 16384 c:\windows\system32\dllcache\tcptsat.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 32827 c:\windows\system32\dllcache\tcptest.exe
- 2011-03-26 03:34 . 2003-03-24 21:52 32827 c:\windows\system32\dllcache\tcptest.exe
+ 2012-04-19 23:07 . 2001-08-17 17:49 30464 c:\windows\system32\dllcache\tbatm155.sys
+ 2012-04-19 23:07 . 2001-08-17 16:50 36640 c:\windows\system32\dllcache\t2r4mini.sys
+ 2012-04-19 23:06 . 2001-08-17 18:07 16256 c:\windows\system32\dllcache\symc810.sys
+ 2012-04-19 23:06 . 2001-08-17 18:07 30688 c:\windows\system32\dllcache\sym_u3.sys
+ 2012-04-19 23:06 . 2001-08-17 18:07 28384 c:\windows\system32\dllcache\sym_hi.sys
+ 2012-04-19 23:06 . 2001-08-18 02:36 94293 c:\windows\system32\dllcache\sxports.dll
+ 2012-04-19 23:06 . 2001-08-18 02:36 10240 c:\windows\system32\dllcache\swpidflt.dll
+ 2012-04-19 23:06 . 2001-08-18 02:36 10240 c:\windows\system32\dllcache\swpdflt2.dll
+ 2012-04-19 23:06 . 2001-08-18 02:36 53760 c:\windows\system32\dllcache\sw_wheel.dll
+ 2012-04-19 23:06 . 2001-08-18 02:36 41472 c:\windows\system32\dllcache\sw_effct.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 46592 c:\windows\system32\dllcache\svcext51.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 46592 c:\windows\system32\dllcache\svcext51.dll
+ 2012-04-19 23:06 . 2008-04-14 04:16 15232 c:\windows\system32\dllcache\streamip.sys
+ 2012-04-19 23:06 . 2001-08-18 02:36 53248 c:\windows\system32\dllcache\stlncoin.dll
+ 2012-04-19 23:06 . 2001-08-17 17:51 16896 c:\windows\system32\dllcache\stcusb.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 16896 c:\windows\system32\dllcache\status.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 16896 c:\windows\system32\dllcache\status.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 46592 c:\windows\system32\dllcache\sspifilt.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 46592 c:\windows\system32\dllcache\sspifilt.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 45056 c:\windows\system32\dllcache\ssinc51.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 45056 c:\windows\system32\dllcache\ssinc51.dll
+ 2012-04-19 23:06 . 2001-08-17 16:11 48736 c:\windows\system32\dllcache\srwlnd5.sys
+ 2012-04-19 23:06 . 2001-08-18 02:36 99328 c:\windows\system32\dllcache\srusd.dll
+ 2012-04-19 23:06 . 2001-08-18 02:36 24660 c:\windows\system32\dllcache\spxupchk.dll
+ 2012-04-19 23:05 . 2001-08-17 18:07 19072 c:\windows\system32\dllcache\sparrow.sys
+ 2012-04-19 23:05 . 2001-08-17 16:51 37040 c:\windows\system32\dllcache\sonypi.sys
+ 2012-04-19 23:05 . 2001-08-17 16:51 20752 c:\windows\system32\dllcache\sonync.sys
+ 2008-04-14 00:16 . 2008-04-13 23:00 25344 c:\windows\system32\dllcache\sonydcam.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 39936 c:\windows\system32\dllcache\snmpthrd.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 39936 c:\windows\system32\dllcache\snmpthrd.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 10240 c:\windows\system32\dllcache\snmpstup.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 10240 c:\windows\system32\dllcache\snmpstup.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 33280 c:\windows\system32\dllcache\snmp.exe
+ 2011-03-26 03:35 . 2008-04-14 04:42 33280 c:\windows\system32\dllcache\snmp.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 10752 c:\windows\system32\dllcache\smtpapi.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 10752 c:\windows\system32\dllcache\smtpapi.dll
+ 2012-04-19 23:05 . 2001-08-17 16:51 58368 c:\windows\system32\dllcache\smiminib.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 15872 c:\windows\system32\dllcache\smierrsm.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 15872 c:\windows\system32\dllcache\smierrsm.dll
+ 2012-04-19 23:05 . 2001-08-17 16:12 25034 c:\windows\system32\dllcache\smcpwr2n.sys
+ 2012-04-19 23:05 . 2001-08-17 16:10 35913 c:\windows\system32\dllcache\smcirda.sys
+ 2012-04-19 23:05 . 2001-08-17 16:12 24576 c:\windows\system32\dllcache\smc8000n.sys
+ 2012-04-19 23:05 . 2008-04-14 04:06 16000 c:\windows\system32\dllcache\smbbatt.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 31744 c:\windows\system32\dllcache\smb6w.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 31744 c:\windows\system32\dllcache\smb6w.dll
+ 2012-04-19 23:05 . 2001-08-18 02:36 45568 c:\windows\system32\dllcache\smb3w.dll
+ 2012-04-19 23:05 . 2001-08-18 02:36 33792 c:\windows\system32\dllcache\smb0w.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 31744 c:\windows\system32\dllcache\sma3w.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 31744 c:\windows\system32\dllcache\sma3w.dll
+ 2012-04-19 23:05 . 2001-08-18 02:36 28672 c:\windows\system32\dllcache\sma0w.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 38912 c:\windows\system32\dllcache\sm9aw.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 38912 c:\windows\system32\dllcache\sm9aw.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 26624 c:\windows\system32\dllcache\sm93w.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 26624 c:\windows\system32\dllcache\sm93w.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 26624 c:\windows\system32\dllcache\sm92w.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 26624 c:\windows\system32\dllcache\sm92w.dll
+ 2012-04-19 23:05 . 2001-08-18 02:36 28160 c:\windows\system32\dllcache\sm91w.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 26112 c:\windows\system32\dllcache\sm90w.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 26112 c:\windows\system32\dllcache\sm90w.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 26112 c:\windows\system32\dllcache\sm8dw.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 26112 c:\windows\system32\dllcache\sm8dw.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 29184 c:\windows\system32\dllcache\sm8cw.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 29184 c:\windows\system32\dllcache\sm8cw.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 26112 c:\windows\system32\dllcache\sm8aw.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 26112 c:\windows\system32\dllcache\sm8aw.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 26112 c:\windows\system32\dllcache\sm89w.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 26112 c:\windows\system32\dllcache\sm89w.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 30208 c:\windows\system32\dllcache\sm87w.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 30208 c:\windows\system32\dllcache\sm87w.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 30208 c:\windows\system32\dllcache\sm81w.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 30208 c:\windows\system32\dllcache\sm81w.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 25088 c:\windows\system32\dllcache\sm59w.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 25088 c:\windows\system32\dllcache\sm59w.dll
+ 2012-04-19 23:05 . 2008-04-14 03:53 13240 c:\windows\system32\dllcache\slwdmsup.sys
+ 2012-04-19 23:05 . 2008-04-14 09:42 73796 c:\windows\system32\dllcache\slserv.exe
+ 2012-04-19 23:05 . 2008-04-14 09:42 32866 c:\windows\system32\dllcache\slrundll.exe
+ 2012-04-19 23:05 . 2008-04-14 03:53 95424 c:\windows\system32\dllcache\slnthal.sys
+ 2012-04-19 23:04 . 2008-04-14 04:16 11136 c:\windows\system32\dllcache\slip.sys
+ 2012-04-19 23:04 . 2008-04-14 09:42 73832 c:\windows\system32\dllcache\slcoinst.dll
+ 2012-04-19 23:04 . 2008-04-14 02:05 63547 c:\windows\system32\dllcache\sla30nd5.sys
+ 2012-04-19 23:04 . 2001-08-17 16:12 91294 c:\windows\system32\dllcache\skfpwin.sys
+ 2012-04-19 23:04 . 2001-08-17 16:12 94698 c:\windows\system32\dllcache\sk98xwin.sys
+ 2012-04-19 23:04 . 2001-08-17 16:50 50432 c:\windows\system32\dllcache\sisv.sys
+ 2012-04-19 23:04 . 2008-04-14 02:05 32768 c:\windows\system32\dllcache\sisnic.sys
+ 2012-04-19 23:04 . 2008-04-14 04:06 40960 c:\windows\system32\dllcache\sisagp.sys
+ 2012-04-19 23:04 . 2001-08-17 16:50 68608 c:\windows\system32\dllcache\sis6306p.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 18944 c:\windows\system32\dllcache\simptcp.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 18944 c:\windows\system32\dllcache\simptcp.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 16437 c:\windows\system32\dllcache\shtml.exe
- 2011-03-26 03:34 . 2003-03-24 21:52 16437 c:\windows\system32\dllcache\shtml.exe
- 2011-03-26 03:34 . 2003-03-24 21:52 20536 c:\windows\system32\dllcache\shtml.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 20536 c:\windows\system32\dllcache\shtml.dll
+ 2012-04-19 23:04 . 2001-07-21 18:29 18400 c:\windows\system32\dllcache\sgsmld.sys
+ 2012-04-19 23:04 . 2001-08-17 16:51 98080 c:\windows\system32\dllcache\sgiulnt5.sys
+ 2012-04-19 23:04 . 2001-08-17 16:19 36480 c:\windows\system32\dllcache\sfmanm.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 11392 c:\windows\system32\dllcache\sfloppy.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 11008 c:\windows\system32\dllcache\sffp_sd.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 11904 c:\windows\system32\dllcache\sffdisk.sys
+ 2012-04-19 23:04 . 2001-08-17 17:48 17664 c:\windows\system32\dllcache\sermouse.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 64512 c:\windows\system32\dllcache\serial.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 15744 c:\windows\system32\dllcache\serenum.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 79232 c:\windows\system32\dllcache\sdbus.sys
+ 2012-04-19 23:03 . 2008-04-14 04:15 11520 c:\windows\system32\dllcache\scsiscan.sys
+ 2012-04-19 23:03 . 2001-08-17 17:52 11648 c:\windows\system32\dllcache\scsiprnt.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 96384 c:\windows\system32\dllcache\scsiport.sys
+ 2012-04-19 23:03 . 2001-08-17 17:51 17280 c:\windows\system32\dllcache\scr111.sys
+ 2012-04-19 23:03 . 2001-08-17 17:51 16640 c:\windows\system32\dllcache\scmstcs.sys
+ 2012-04-19 23:03 . 2001-08-17 17:51 23936 c:\windows\system32\dllcache\sccmusbm.sys
+ 2012-04-19 23:03 . 2001-08-17 17:51 23936 c:\windows\system32\dllcache\sccmn50m.sys
+ 2012-04-19 23:03 . 2008-04-14 04:10 43904 c:\windows\system32\dllcache\sbp2port.sys
+ 2012-04-19 23:03 . 2001-08-17 16:50 75392 c:\windows\system32\dllcache\s3savmxm.sys
+ 2012-04-19 23:03 . 2001-08-17 16:50 77824 c:\windows\system32\dllcache\s3sav4m.sys
+ 2012-04-19 23:03 . 2001-08-17 16:50 61504 c:\windows\system32\dllcache\s3sav3dm.sys
+ 2012-04-19 23:03 . 2001-08-18 02:36 62496 c:\windows\system32\dllcache\s3mtrio.dll
+ 2012-04-19 23:03 . 2001-08-17 16:50 41216 c:\windows\system32\dllcache\s3mt3d.sys
+ 2012-04-19 23:03 . 2001-08-17 17:57 65664 c:\windows\system32\dllcache\s3legacy.sys
+ 2012-04-19 22:47 . 2001-08-17 18:56 66048 c:\windows\system32\dllcache\s3legacy.dll
+ 2012-04-19 23:03 . 2001-08-18 02:36 82432 c:\windows\system32\dllcache\rwia450.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 79872 c:\windows\system32\dllcache\rwia330.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 79872 c:\windows\system32\dllcache\rwia330.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 79872 c:\windows\system32\dllcache\rwia001.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 79872 c:\windows\system32\dllcache\rwia001.dll
+ 2012-04-19 23:02 . 2008-04-14 09:42 29696 c:\windows\system32\dllcache\rw450ext.dll
+ 2012-04-19 23:02 . 2008-04-14 09:42 27648 c:\windows\system32\dllcache\rw430ext.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 29184 c:\windows\system32\dllcache\rw330ext.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 29184 c:\windows\system32\dllcache\rw330ext.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 27648 c:\windows\system32\dllcache\rw001ext.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 27648 c:\windows\system32\dllcache\rw001ext.dll
+ 2012-04-19 23:02 . 2008-04-14 02:05 20992 c:\windows\system32\dllcache\rtl8139.sys
+ 2012-04-19 23:02 . 2001-08-17 16:12 19017 c:\windows\system32\dllcache\rtl8029.sys
+ 2012-04-19 23:02 . 2001-08-17 16:19 30720 c:\windows\system32\dllcache\rthwcls.sys
+ 2012-04-19 23:02 . 2008-04-14 04:10 79104 c:\windows\system32\dllcache\rocket.sys
+ 2012-04-19 23:02 . 2008-04-14 04:26 30592 c:\windows\system32\dllcache\rndismpx.sys
+ 2012-04-19 23:02 . 2001-08-17 16:12 37563 c:\windows\system32\dllcache\rlnet5.sys
+ 2001-08-17 13:24 . 2008-04-13 23:00 12032 c:\windows\system32\dllcache\riodrv.sys
+ 2001-08-17 13:24 . 2008-04-13 23:00 12032 c:\windows\system32\dllcache\rio8drv.sys
+ 2012-04-19 23:02 . 2008-04-14 04:16 59136 c:\windows\system32\dllcache\rfcomm.sys
+ 2012-04-19 23:02 . 2001-08-18 02:36 86097 c:\windows\system32\dllcache\reslog32.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 14848 c:\windows\system32\dllcache\register.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 14848 c:\windows\system32\dllcache\register.exe
+ 2011-03-26 01:05 . 2008-04-14 00:10 57600 c:\windows\system32\dllcache\redbook.sys
+ 2012-04-19 23:02 . 2008-04-14 03:53 13776 c:\windows\system32\dllcache\recagent.sys
+ 2012-04-19 23:02 . 2001-08-17 17:51 19584 c:\windows\system32\dllcache\rasirda.sys
+ 2011-03-26 03:35 . 2008-04-13 23:11 20736 c:\windows\system32\dllcache\ramdisk.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 20736 c:\windows\system32\dllcache\ramdisk.sys
+ 2012-04-19 23:02 . 2001-08-18 02:36 41472 c:\windows\system32\dllcache\qvusd.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 16384 c:\windows\system32\dllcache\quser.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 16384 c:\windows\system32\dllcache\quser.exe
+ 2012-04-19 23:02 . 2001-08-17 17:52 49024 c:\windows\system32\dllcache\ql1280.sys
+ 2012-04-19 23:02 . 2001-08-17 17:52 40448 c:\windows\system32\dllcache\ql1240.sys
+ 2012-04-19 23:02 . 2001-08-17 17:52 45312 c:\windows\system32\dllcache\ql12160.sys
+ 2012-04-19 23:01 . 2001-08-17 17:52 40320 c:\windows\system32\dllcache\ql1080.sys
+ 2012-04-19 23:01 . 2001-08-18 02:36 35328 c:\windows\system32\dllcache\psisload.dll
+ 2012-04-19 23:01 . 2001-08-17 17:51 16128 c:\windows\system32\dllcache\pscr.sys
+ 2008-04-14 00:01 . 2008-04-13 23:00 35840 c:\windows\system32\dllcache\processr.sys
+ 2012-04-19 23:01 . 2008-04-14 04:11 17664 c:\windows\system32\dllcache\ppa3.sys
+ 2012-04-19 23:01 . 2001-08-17 17:53 17792 c:\windows\system32\dllcache\ppa.sys
+ 2011-03-26 03:35 . 2001-08-23 11:00 11264 c:\windows\system32\dllcache\pmxmcro.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 11264 c:\windows\system32\dllcache\pmxmcro.dll
+ 2011-03-26 03:35 . 2008-04-14 04:40 67584 c:\windows\system32\dllcache\pmigrate.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 67584 c:\windows\system32\dllcache\pmigrate.dll
+ 2008-04-14 05:42 . 2008-04-13 23:00 15360 c:\windows\system32\dllcache\pjlmon.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 70144 c:\windows\system32\dllcache\pintlphr.exe
+ 2011-03-26 03:35 . 2008-04-13 21:13 70144 c:\windows\system32\dllcache\pintlphr.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 53760 c:\windows\system32\dllcache\pintlcsd.dll
+ 2011-03-26 03:35 . 2008-04-14 04:40 53760 c:\windows\system32\dllcache\pintlcsd.dll
+ 2012-04-19 23:01 . 2001-08-17 18:07 19840 c:\windows\system32\dllcache\philtune.sys
+ 2012-04-19 23:01 . 2001-08-17 18:04 92416 c:\windows\system32\dllcache\phildec.sys
+ 2012-04-19 23:01 . 2001-08-17 18:04 75776 c:\windows\system32\dllcache\philcam1.sys
+ 2012-04-19 23:01 . 2001-08-18 02:36 16384 c:\windows\system32\dllcache\philcam1.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 20992 c:\windows\system32\dllcache\permchk.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 20992 c:\windows\system32\dllcache\permchk.dll
+ 2012-04-19 23:01 . 2008-04-14 04:14 28032 c:\windows\system32\dllcache\perm3.sys
+ 2012-04-19 23:01 . 2008-04-14 04:14 27904 c:\windows\system32\dllcache\perm2.sys
+ 2012-04-19 23:00 . 2001-08-18 02:36 86016 c:\windows\system32\dllcache\pctspk.exe
+ 2012-04-19 23:00 . 2001-08-17 16:11 35328 c:\windows\system32\dllcache\pcntpci5.sys
+ 2012-04-19 23:00 . 2001-08-17 16:11 29769 c:\windows\system32\dllcache\pcntn5m.sys
+ 2012-04-19 23:00 . 2001-08-17 16:11 30282 c:\windows\system32\dllcache\pcntn5hl.sys
+ 2012-04-19 23:00 . 2001-08-17 16:12 26153 c:\windows\system32\dllcache\pcmlm56.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 24960 c:\windows\system32\dllcache\pciidex.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 68224 c:\windows\system32\dllcache\pci.sys
+ 2012-04-19 23:00 . 2008-04-14 02:05 29502 c:\windows\system32\dllcache\pca200e.sys
+ 2012-04-19 23:00 . 2001-08-17 16:12 30495 c:\windows\system32\dllcache\pc100nds.sys
+ 2008-04-14 00:10 . 2008-04-13 23:00 80128 c:\windows\system32\dllcache\parport.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 31744 c:\windows\system32\dllcache\pagecnt.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 31744 c:\windows\system32\dllcache\pagecnt.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 15360 c:\windows\system32\dllcache\padrs804.dll
+ 2011-03-26 03:35 . 2008-04-14 04:40 15360 c:\windows\system32\dllcache\padrs804.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 14336 c:\windows\system32\dllcache\padrs412.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 14336 c:\windows\system32\dllcache\padrs412.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 36927 c:\windows\system32\dllcache\padrs411.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 36927 c:\windows\system32\dllcache\padrs411.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 15872 c:\windows\system32\dllcache\padrs404.dll
+ 2011-03-26 03:35 . 2008-04-14 04:40 15872 c:\windows\system32\dllcache\padrs404.dll
+ 2008-04-14 00:01 . 2008-04-13 23:00 42752 c:\windows\system32\dllcache\p3.sys
+ 2012-04-19 23:00 . 2001-08-18 02:36 41984 c:\windows\system32\dllcache\ovui2rc.dll
+ 2012-04-19 23:00 . 2001-08-18 02:36 44544 c:\windows\system32\dllcache\ovui2.dll
+ 2012-04-19 23:00 . 2001-08-17 18:05 25216 c:\windows\system32\dllcache\ovsound2.sys
+ 2012-04-19 23:00 . 2001-08-18 02:36 39424 c:\windows\system32\dllcache\ovcoms.exe
+ 2012-04-19 23:00 . 2001-08-18 02:36 20480 c:\windows\system32\dllcache\ovcomc.dll
+ 2012-04-19 23:00 . 2001-08-17 18:05 31872 c:\windows\system32\dllcache\ovce.sys
+ 2012-04-19 23:00 . 2001-08-17 18:05 28032 c:\windows\system32\dllcache\ovcd.sys
+ 2012-04-19 23:00 . 2001-08-17 18:05 48000 c:\windows\system32\dllcache\ovcam2.sys
+ 2012-04-19 23:00 . 2001-08-17 18:05 25088 c:\windows\system32\dllcache\ovca.sys
+ 2012-04-19 23:00 . 2001-08-17 17:28 54186 c:\windows\system32\dllcache\otcsercb.sys
+ 2012-04-19 23:00 . 2001-08-17 16:12 43689 c:\windows\system32\dllcache\otceth5.sys
+ 2012-04-19 23:00 . 2001-08-17 16:12 27209 c:\windows\system32\dllcache\otc06x5.sys
+ 2012-04-19 23:00 . 2001-08-17 16:20 54528 c:\windows\system32\dllcache\opl3sax.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 24064 c:\windows\system32\dllcache\olesvr.dll
- 2011-03-26 01:03 . 2008-04-13 23:00 24064 c:\windows\system32\dllcache\olesvr.dll
- 2011-03-26 01:03 . 2008-04-13 23:00 82944 c:\windows\system32\dllcache\olecli.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 82944 c:\windows\system32\dllcache\olecli.dll
+ 2012-04-19 22:59 . 2001-08-17 16:49 51552 c:\windows\system32\dllcache\ntgrip.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 44544 c:\windows\system32\dllcache\nsepm.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 44544 c:\windows\system32\dllcache\nsepm.dll
+ 2012-04-19 22:59 . 2008-04-14 04:24 28672 c:\windows\system32\dllcache\nscirda.sys
- 2011-03-26 01:03 . 2008-04-13 23:00 69120 c:\windows\system32\dllcache\notepad.exe
+ 2008-04-13 23:00 . 2008-04-13 23:00 69120 c:\windows\system32\dllcache\notepad.exe
+ 2012-04-19 22:59 . 2001-08-17 16:20 87040 c:\windows\system32\dllcache\nm6wdm.sys
+ 2001-08-17 13:24 . 2008-04-13 23:00 12032 c:\windows\system32\dllcache\nikedrv.sys
+ 2008-04-14 00:21 . 2008-04-13 23:00 61824 c:\windows\system32\dllcache\nic1394.sys
+ 2012-04-19 22:59 . 2001-08-17 16:12 32840 c:\windows\system32\dllcache\ngrpci.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 53248 c:\windows\system32\dllcache\nextlink.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 53248 c:\windows\system32\dllcache\nextlink.dll
+ 2012-04-19 22:59 . 2001-08-17 16:11 65278 c:\windows\system32\dllcache\netflx3.sys
+ 2012-04-19 22:59 . 2001-08-17 16:50 39264 c:\windows\system32\dllcache\neo20xx.sys
+ 2012-04-19 22:59 . 2001-08-18 02:36 60480 c:\windows\system32\dllcache\neo20xx.dll
+ 2012-04-19 22:59 . 2001-08-17 17:49 15872 c:\windows\system32\dllcache\ne2000.sys
+ 2008-04-14 00:26 . 2008-04-13 23:00 14592 c:\windows\system32\dllcache\ndisuio.sys
+ 2012-04-19 22:59 . 2008-04-14 04:16 10880 c:\windows\system32\dllcache\ndisip.sys
+ 2012-04-19 22:59 . 2008-04-14 04:16 85248 c:\windows\system32\dllcache\nabtsfec.sys
+ 2012-04-19 22:59 . 2001-08-17 18:56 91488 c:\windows\system32\dllcache\n9i3disp.dll
+ 2012-04-19 22:59 . 2001-08-17 16:50 27936 c:\windows\system32\dllcache\n9i3d.sys
+ 2012-04-19 22:59 . 2001-08-17 16:50 33088 c:\windows\system32\dllcache\n9i128v2.sys
+ 2012-04-19 22:58 . 2001-08-17 16:50 13664 c:\windows\system32\dllcache\n9i128.sys
+ 2012-04-19 22:58 . 2001-08-17 18:56 35392 c:\windows\system32\dllcache\n9i128.dll
+ 2012-04-19 22:58 . 2001-08-17 16:11 52255 c:\windows\system32\dllcache\n1000nt5.sys
+ 2012-04-19 22:58 . 2001-08-17 17:50 75520 c:\windows\system32\dllcache\mxport.sys
+ 2012-04-19 22:58 . 2001-08-17 17:49 19968 c:\windows\system32\dllcache\mxnic.sys
+ 2012-04-19 22:58 . 2001-08-18 02:36 19968 c:\windows\system32\dllcache\mxicfg.dll
+ 2012-04-19 22:58 . 2001-08-17 17:50 21888 c:\windows\system32\dllcache\mxcard.sys
+ 2012-04-19 22:58 . 2008-04-14 04:13 12672 c:\windows\system32\dllcache\mutohpen.sys
- 2009-11-27 17:11 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2008-04-14 05:42 . 2009-11-27 17:11 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2012-04-19 22:58 . 2008-04-14 04:16 49024 c:\windows\system32\dllcache\mstape.sys
+ 2008-04-14 00:06 . 2008-04-13 23:00 15488 c:\windows\system32\dllcache\mssmbios.sys
+ 2012-04-19 22:58 . 2001-08-17 17:48 12416 c:\windows\system32\dllcache\msriffwv.sys
+ 2011-03-26 03:35 . 2008-04-14 04:42 40960 c:\windows\system32\dllcache\msiregmv.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 40960 c:\windows\system32\dllcache\msiregmv.exe
+ 2012-04-19 22:58 . 2008-04-14 04:24 22016 c:\windows\system32\dllcache\msircomm.sys
+ 2011-03-26 03:35 . 2001-08-23 11:00 98304 c:\windows\system32\dllcache\msir3jp.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 98304 c:\windows\system32\dllcache\msir3jp.dll
+ 2012-04-19 22:58 . 2001-08-17 18:02 35200 c:\windows\system32\dllcache\msgame.sys
+ 2012-04-19 22:57 . 2008-04-14 04:16 51200 c:\windows\system32\dllcache\msdv.sys
+ 2012-04-19 22:57 . 2001-08-17 17:52 17280 c:\windows\system32\dllcache\mraid35x.sys
+ 2012-04-19 22:57 . 2008-04-14 04:16 15232 c:\windows\system32\dllcache\mpe.sys
+ 2012-04-19 22:57 . 2001-08-17 17:57 16128 c:\windows\system32\dllcache\modemcsa.sys
+ 2008-04-14 00:30 . 2008-04-13 23:00 30080 c:\windows\system32\dllcache\modem.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 68768 c:\windows\system32\dllcache\mmsystem.dll
- 2011-03-26 01:03 . 2008-04-13 23:00 68768 c:\windows\system32\dllcache\mmsystem.dll
+ 2008-04-13 23:00 . 2001-08-23 11:00 34304 c:\windows\system32\dllcache\migisol.exe
- 2008-04-13 23:00 . 2008-04-13 23:00 34304 c:\windows\system32\dllcache\migisol.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 92416 c:\windows\system32\dllcache\mga.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 92416 c:\windows\system32\dllcache\mga.sys
+ 2011-03-26 03:35 . 2001-08-23 11:00 92032 c:\windows\system32\dllcache\mga.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 92032 c:\windows\system32\dllcache\mga.dll
+ 2008-04-14 00:06 . 2008-04-13 23:00 63744 c:\windows\system32\dllcache\mf.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 85504 c:\windows\system32\dllcache\metada51.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 85504 c:\windows\system32\dllcache\metada51.dll
+ 2012-04-19 22:57 . 2008-04-14 04:11 26112 c:\windows\system32\dllcache\memstpci.sys
+ 2012-04-19 22:57 . 2001-08-18 02:36 47616 c:\windows\system32\dllcache\memgrp.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 26624 c:\windows\system32\dllcache\mdsync.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 26624 c:\windows\system32\dllcache\mdsync.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 37888 c:\windows\system32\dllcache\md5filt.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 37888 c:\windows\system32\dllcache\md5filt.dll
- 2011-03-26 01:03 . 2008-04-13 23:00 28160 c:\windows\system32\dllcache\mciwave.drv
+ 2008-04-13 23:00 . 2008-04-13 23:00 28160 c:\windows\system32\dllcache\mciwave.drv
+ 2008-04-13 23:00 . 2008-04-13 23:00 25264 c:\windows\system32\dllcache\mciseq.drv
- 2011-03-26 01:03 . 2008-04-13 23:00 25264 c:\windows\system32\dllcache\mciseq.drv
+ 2008-04-13 23:00 . 2008-04-13 23:00 73376 c:\windows\system32\dllcache\mciavi.drv
- 2011-03-26 01:03 . 2008-04-13 23:00 73376 c:\windows\system32\dllcache\mciavi.drv
+ 2012-04-19 22:57 . 2001-08-17 16:19 48768 c:\windows\system32\dllcache\maestro.sys
+ 2012-04-19 22:57 . 2001-08-18 02:36 58880 c:\windows\system32\dllcache\m3092dc.dll
+ 2012-04-19 22:57 . 2001-08-18 02:36 58368 c:\windows\system32\dllcache\m3091dc.dll
+ 2012-04-19 22:57 . 2001-08-17 16:49 22848 c:\windows\system32\dllcache\lwusbhid.sys
+ 2012-04-19 22:57 . 2008-04-14 02:09 20864 c:\windows\system32\dllcache\lwadihid.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 18944 c:\windows\system32\dllcache\lprmon.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 18944 c:\windows\system32\dllcache\lprmon.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 22528 c:\windows\system32\dllcache\lpdsvc.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 22528 c:\windows\system32\dllcache\lpdsvc.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 13312 c:\windows\system32\dllcache\lonsint.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 13312 c:\windows\system32\dllcache\lonsint.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 22016 c:\windows\system32\dllcache\logscrpt.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 22016 c:\windows\system32\dllcache\logscrpt.dll
+ 2012-04-19 22:56 . 2001-08-17 16:12 70730 c:\windows\system32\dllcache\lne100tx.sys
+ 2012-04-19 22:56 . 2001-08-17 16:12 20573 c:\windows\system32\dllcache\lne100.sys
+ 2012-04-19 22:56 . 2001-08-17 16:11 25065 c:\windows\system32\dllcache\lmndis3.sys
+ 2011-03-26 03:35 . 2008-04-14 04:41 33792 c:\windows\system32\dllcache\lmmib2.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 33792 c:\windows\system32\dllcache\lmmib2.dll
+ 2012-04-19 22:56 . 2001-08-17 17:51 15744 c:\windows\system32\dllcache\lit220p.sys
+ 2012-04-19 22:56 . 2008-04-14 04:10 34688 c:\windows\system32\dllcache\lbrtfdc.sys
+ 2012-04-19 22:56 . 2001-08-17 16:12 26442 c:\windows\system32\dllcache\lanepic5.sys
+ 2012-04-19 22:56 . 2001-08-17 16:12 19016 c:\windows\system32\dllcache\ktc111.sys
+ 2012-04-19 22:56 . 2001-08-18 02:36 37376 c:\windows\system32\dllcache\kousd.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 70656 c:\windows\system32\dllcache\korwbrkr.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 70656 c:\windows\system32\dllcache\korwbrkr.dll
+ 2012-04-19 22:56 . 2008-04-14 09:41 48640 c:\windows\system32\dllcache\kdsui.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 14592 c:\windows\system32\dllcache\kbdhid.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 24576 c:\windows\system32\dllcache\kbdclass.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 18432 c:\windows\system32\dllcache\jupiw.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 18432 c:\windows\system32\dllcache\jupiw.dll
+ 2008-04-14 05:41 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
- 2009-11-27 16:07 . 2009-11-27 16:07 48128 c:\windows\system32\dllcache\iyuv_32.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 26624 c:\windows\system32\dllcache\iscomlog.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 26624 c:\windows\system32\dllcache\iscomlog.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 68608 c:\windows\system32\dllcache\isatq.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 68608 c:\windows\system32\dllcache\isatq.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 37248 c:\windows\system32\dllcache\isapnp.sys
+ 2012-04-19 22:56 . 2001-08-17 17:49 26624 c:\windows\system32\dllcache\irstusb.sys
+ 2012-04-19 22:56 . 2001-08-17 17:51 18688 c:\windows\system32\dllcache\irsir.sys
+ 2012-04-19 22:56 . 2008-04-14 09:41 28160 c:\windows\system32\dllcache\irmon.dll
+ 2012-04-19 22:56 . 2001-08-17 17:49 23552 c:\windows\system32\dllcache\irmk7.sys
+ 2012-04-19 22:56 . 2008-04-14 04:24 88192 c:\windows\system32\dllcache\irda.sys
+ 2012-04-19 22:56 . 2008-04-14 04:15 46592 c:\windows\system32\dllcache\irbus.sys
+ 2008-04-13 23:00 . 2008-04-14 04:49 75264 c:\windows\system32\dllcache\ipsec.sys
- 2008-04-13 23:00 . 2008-04-13 23:00 75264 c:\windows\system32\dllcache\ipsec.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 35328 c:\windows\system32\dllcache\iprip.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 35328 c:\windows\system32\dllcache\iprip.dll
+ 2012-04-19 22:55 . 2001-08-18 02:36 90200 c:\windows\system32\dllcache\io8ports.dll
+ 2012-04-19 22:55 . 2001-08-17 17:50 38784 c:\windows\system32\dllcache\io8.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 36352 c:\windows\system32\dllcache\intelppm.sys
+ 2012-04-19 22:55 . 2001-08-17 17:47 13056 c:\windows\system32\dllcache\inport.sys
+ 2012-04-19 22:55 . 2001-08-17 17:52 16000 c:\windows\system32\dllcache\ini910u.sys
- 2011-03-26 03:34 . 2008-04-13 23:00 13312 c:\windows\system32\dllcache\infoadmn.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 13312 c:\windows\system32\dllcache\infoadmn.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 19968 c:\windows\system32\dllcache\inetsloc.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 19968 c:\windows\system32\dllcache\inetsloc.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 15360 c:\windows\system32\dllcache\inetin51.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 15360 c:\windows\system32\dllcache\inetin51.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 59392 c:\windows\system32\dllcache\imscinst.exe
+ 2011-03-26 03:35 . 2008-04-13 21:13 59392 c:\windows\system32\dllcache\imscinst.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 59904 c:\windows\system32\dllcache\imkrinst.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 59904 c:\windows\system32\dllcache\imkrinst.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 45109 c:\windows\system32\dllcache\imjpuex.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 45109 c:\windows\system32\dllcache\imjpuex.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 81976 c:\windows\system32\dllcache\imjpdct.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 81976 c:\windows\system32\dllcache\imjpdct.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 57398 c:\windows\system32\dllcache\imjpdadm.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 57398 c:\windows\system32\dllcache\imjpdadm.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 44032 c:\windows\system32\dllcache\imekrmig.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 44032 c:\windows\system32\dllcache\imekrmig.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 86016 c:\windows\system32\dllcache\imekrmbx.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 86016 c:\windows\system32\dllcache\imekrmbx.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 42112 c:\windows\system32\dllcache\imapi.sys
+ 2011-03-26 03:34 . 2008-04-14 04:42 30720 c:\windows\system32\dllcache\iisrstas.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 30720 c:\windows\system32\dllcache\iisrstas.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 14336 c:\windows\system32\dllcache\iisreset.exe
+ 2011-03-26 03:34 . 2001-08-23 11:00 14336 c:\windows\system32\dllcache\iisreset.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 64512 c:\windows\system32\dllcache\iismap.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 64512 c:\windows\system32\dllcache\iismap.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 79872 c:\windows\system32\dllcache\iislog51.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 79872 c:\windows\system32\dllcache\iislog51.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 68608 c:\windows\system32\dllcache\iisext51.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 68608 c:\windows\system32\dllcache\iisext51.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 19456 c:\windows\system32\dllcache\iiscrmap.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 19456 c:\windows\system32\dllcache\iiscrmap.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 60928 c:\windows\system32\dllcache\iisclex4.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 60928 c:\windows\system32\dllcache\iisclex4.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 25088 c:\windows\system32\dllcache\iisadmin.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 25088 c:\windows\system32\dllcache\iisadmin.dll
+ 2012-04-19 22:55 . 2001-08-18 02:36 20480 c:\windows\system32\dllcache\icam5ext.dll
+ 2012-04-19 22:55 . 2001-08-18 02:36 45056 c:\windows\system32\dllcache\icam5com.dll
+ 2012-04-19 22:55 . 2001-08-18 02:36 61952 c:\windows\system32\dllcache\icam4ext.dll
+ 2012-04-19 22:55 . 2001-08-18 02:36 91136 c:\windows\system32\dllcache\icam4com.dll
+ 2012-04-19 22:55 . 2001-08-18 02:36 26624 c:\windows\system32\dllcache\icam3ext.dll
+ 2012-04-19 22:55 . 2001-08-17 18:06 38528 c:\windows\system32\dllcache\ibmvcap.sys
+ 2012-04-19 22:54 . 2001-08-17 16:11 28700 c:\windows\system32\dllcache\ibmexmp.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 52480 c:\windows\system32\dllcache\i8042prt.sys
+ 2012-04-19 22:54 . 2001-08-17 16:49 58592 c:\windows\system32\dllcache\i740nt5.sys
+ 2012-04-19 22:54 . 2008-04-14 04:11 18560 c:\windows\system32\dllcache\i2omp.sys
+ 2011-03-26 03:35 . 2008-04-14 04:41 61440 c:\windows\system32\dllcache\httpod51.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 61440 c:\windows\system32\dllcache\httpod51.dll
+ 2012-04-19 22:54 . 2008-04-14 09:41 32285 c:\windows\system32\dllcache\hsfcisp2.dll
+ 2012-04-19 22:54 . 2001-08-17 17:28 50751 c:\windows\system32\dllcache\hsf_tone.sys
+ 2012-04-19 22:54 . 2001-08-17 17:28 73279 c:\windows\system32\dllcache\hsf_spkp.sys
+ 2012-04-19 22:54 . 2001-08-17 17:28 44863 c:\windows\system32\dllcache\hsf_soar.sys
+ 2012-04-19 22:54 . 2001-08-17 17:28 57471 c:\windows\system32\dllcache\hsf_samp.sys
+ 2012-04-19 22:54 . 2001-08-17 17:28 67167 c:\windows\system32\dllcache\hsf_bsc2.sys
+ 2012-04-19 22:54 . 2001-08-18 02:36 19456 c:\windows\system32\dllcache\hr1w.dll
+ 2012-04-19 22:53 . 2001-08-17 18:07 25952 c:\windows\system32\dllcache\hpn.sys
+ 2012-04-19 22:53 . 2001-08-18 02:36 32768 c:\windows\system32\dllcache\hpgtmcro.dll
+ 2012-04-19 22:53 . 2001-08-18 02:36 68608 c:\windows\system32\dllcache\hpgt53tk.dll
+ 2012-04-19 22:53 . 2001-08-18 02:36 31232 c:\windows\system32\dllcache\hpgt42tk.dll
+ 2012-04-19 22:53 . 2001-08-18 02:36 93696 c:\windows\system32\dllcache\hpgt42.dll
+ 2012-04-19 22:53 . 2001-08-18 02:36 48128 c:\windows\system32\dllcache\hpgt33tk.dll
+ 2012-04-19 22:53 . 2001-08-18 02:36 89088 c:\windows\system32\dllcache\hpgt33.dll
+ 2012-04-19 22:53 . 2001-08-18 02:36 83968 c:\windows\system32\dllcache\hpgt21.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 39936 c:\windows\system32\dllcache\hostmib.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 39936 c:\windows\system32\dllcache\hostmib.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 10368 c:\windows\system32\dllcache\hidusb.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 24960 c:\windows\system32\dllcache\hidparse.sys
+ 2012-04-19 22:53 . 2008-04-14 04:15 19200 c:\windows\system32\dllcache\hidir.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 36864 c:\windows\system32\dllcache\hidclass.sys
+ 2012-04-19 22:53 . 2008-04-14 04:16 25600 c:\windows\system32\dllcache\hidbth.sys
+ 2012-04-19 22:53 . 2008-04-14 04:06 20352 c:\windows\system32\dllcache\hidbatt.sys
+ 2008-04-14 05:41 . 2008-04-13 23:00 20992 c:\windows\system32\dllcache\hid.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 36864 c:\windows\system32\dllcache\hanjadic.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 36864 c:\windows\system32\dllcache\hanjadic.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 32256 c:\windows\system32\dllcache\gzip.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 32256 c:\windows\system32\dllcache\gzip.dll
+ 2012-04-19 22:53 . 2008-04-14 04:10 28288 c:\windows\system32\dllcache\grserial.sys
+ 2012-04-19 22:53 . 2001-08-17 17:51 82304 c:\windows\system32\dllcache\grclass.sys
+ 2012-04-19 22:53 . 2001-08-17 17:51 17408 c:\windows\system32\dllcache\gpr400.sys
+ 2012-04-19 22:53 . 2008-04-14 04:15 59136 c:\windows\system32\dllcache\gckernel.sys
+ 2012-04-19 22:53 . 2008-04-14 04:15 10624 c:\windows\system32\dllcache\gameenum.sys
+ 2012-04-19 22:53 . 2008-04-14 04:06 46464 c:\windows\system32\dllcache\gagp30kx.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 11264 c:\windows\system32\dllcache\fxssend.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 11264 c:\windows\system32\dllcache\fxssend.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 31744 c:\windows\system32\dllcache\fxsroute.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 31744 c:\windows\system32\dllcache\fxsroute.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 23552 c:\windows\system32\dllcache\fxsmon.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 23552 c:\windows\system32\dllcache\fxsmon.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 23552 c:\windows\system32\dllcache\fxsext32.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 23552 c:\windows\system32\dllcache\fxsext32.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 55296 c:\windows\system32\dllcache\fxsevent.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 55296 c:\windows\system32\dllcache\fxsevent.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 26624 c:\windows\system32\dllcache\fxsdrv.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 26624 c:\windows\system32\dllcache\fxsdrv.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 72192 c:\windows\system32\dllcache\fxscom.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 72192 c:\windows\system32\dllcache\fxscom.dll
+ 2001-08-17 13:57 . 2008-04-13 23:00 12160 c:\windows\system32\dllcache\fsvga.sys
+ 2011-03-26 03:34 . 2003-03-24 20:52 20538 c:\windows\system32\dllcache\fpremadm.exe
- 2011-03-26 03:34 . 2003-03-24 21:52 20538 c:\windows\system32\dllcache\fpremadm.exe
+ 2011-03-26 03:34 . 2003-03-24 20:52 20541 c:\windows\system32\dllcache\fpexedll.dll
- 2011-03-26 03:34 . 2003-03-24 21:52 20541 c:\windows\system32\dllcache\fpexedll.dll
+ 2011-03-26 03:35 . 2003-03-24 20:52 94208 c:\windows\system32\dllcache\fpencode.dll
- 2011-03-26 03:35 . 2003-03-24 21:52 94208 c:\windows\system32\dllcache\fpencode.dll
- 2011-03-26 03:35 . 2003-03-24 21:52 20541 c:\windows\system32\dllcache\fpadmdll.dll
+ 2011-03-26 03:35 . 2003-03-24 20:52 20541 c:\windows\system32\dllcache\fpadmdll.dll
+ 2011-03-26 03:35 . 2003-03-24 20:52 24632 c:\windows\system32\dllcache\fpadmcgi.exe
- 2011-03-26 03:35 . 2003-03-24 21:52 24632 c:\windows\system32\dllcache\fpadmcgi.exe
+ 2011-03-26 03:34 . 2003-03-24 20:52 14608 c:\windows\system32\dllcache\fp98sadm.exe
- 2011-03-26 03:34 . 2003-03-24 21:52 14608 c:\windows\system32\dllcache\fp98sadm.exe
- 2011-03-26 03:34 . 2003-03-24 21:52 49212 c:\windows\system32\dllcache\fp4awebs.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 49212 c:\windows\system32\dllcache\fp4awebs.dll
- 2011-03-26 03:34 . 2003-03-24 21:52 32826 c:\windows\system32\dllcache\fp4avss.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 32826 c:\windows\system32\dllcache\fp4avss.dll
- 2011-03-26 03:34 . 2003-03-24 21:52 41020 c:\windows\system32\dllcache\fp4avnb.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 41020 c:\windows\system32\dllcache\fp4avnb.dll
- 2011-03-26 03:34 . 2003-03-24 21:52 49210 c:\windows\system32\dllcache\fp4areg.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 49210 c:\windows\system32\dllcache\fp4areg.dll
- 2011-03-26 03:34 . 2003-03-24 21:52 82035 c:\windows\system32\dllcache\fp4anscp.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 82035 c:\windows\system32\dllcache\fp4anscp.dll
+ 2012-04-19 22:52 . 2008-04-14 02:05 34173 c:\windows\system32\dllcache\forehe.sys
+ 2012-04-19 22:52 . 2001-08-18 02:36 71680 c:\windows\system32\dllcache\fnfilter.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 20480 c:\windows\system32\dllcache\flpydisk.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 14848 c:\windows\system32\dllcache\flattemp.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 14848 c:\windows\system32\dllcache\flattemp.exe
+ 2012-04-19 22:52 . 2001-08-17 16:13 27165 c:\windows\system32\dllcache\fetnd5.sys
+ 2012-04-19 22:52 . 2001-08-17 16:10 22090 c:\windows\system32\dllcache\fem556n5.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 27392 c:\windows\system32\dllcache\fdc.sys
+ 2012-04-19 22:52 . 2001-08-17 16:12 24618 c:\windows\system32\dllcache\fa410nd5.sys
+ 2012-04-19 22:52 . 2001-08-17 16:12 16074 c:\windows\system32\dllcache\fa312nd5.sys
+ 2012-04-19 22:52 . 2001-08-17 16:11 11850 c:\windows\system32\dllcache\f3ab18xj.sys
+ 2012-04-19 22:52 . 2001-08-17 16:11 12362 c:\windows\system32\dllcache\f3ab18xi.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 14336 c:\windows\system32\dllcache\exstrace.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 14336 c:\windows\system32\dllcache\exstrace.dll
+ 2011-03-26 03:35 . 2001-08-18 02:36 12288 c:\windows\system32\dllcache\EXCH_smtpctrs.dll
- 2011-03-26 03:35 . 2001-08-18 03:36 12288 c:\windows\system32\dllcache\EXCH_smtpctrs.dll
- 2011-03-26 03:35 . 2001-08-18 03:36 26112 c:\windows\system32\dllcache\EXCH_seos.dll
+ 2011-03-26 03:35 . 2001-08-18 02:36 26112 c:\windows\system32\dllcache\EXCH_seos.dll
+ 2011-03-26 03:35 . 2001-08-18 02:36 57856 c:\windows\system32\dllcache\EXCH_scripto.dll
- 2011-03-26 03:35 . 2001-08-18 03:36 57856 c:\windows\system32\dllcache\EXCH_scripto.dll
+ 2011-03-26 03:35 . 2001-08-18 02:36 23040 c:\windows\system32\dllcache\EXCH_regtrace.exe
- 2011-03-26 03:35 . 2001-08-18 03:36 23040 c:\windows\system32\dllcache\EXCH_regtrace.exe
+ 2011-03-26 03:35 . 2001-08-18 02:36 38912 c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
- 2011-03-26 03:35 . 2001-08-18 03:36 38912 c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
+ 2011-03-26 03:35 . 2001-08-18 02:36 65536 c:\windows\system32\dllcache\EXCH_mailmsg.dll
- 2011-03-26 03:35 . 2001-08-18 03:36 65536 c:\windows\system32\dllcache\EXCH_mailmsg.dll
+ 2011-03-26 03:35 . 2001-08-18 02:36 43520 c:\windows\system32\dllcache\EXCH_fcachdll.dll
- 2011-03-26 03:35 . 2001-08-18 03:36 43520 c:\windows\system32\dllcache\EXCH_fcachdll.dll
+ 2011-03-26 03:34 . 2001-08-18 02:36 45056 c:\windows\system32\dllcache\EXCH_aqadmin.dll
- 2011-03-26 03:34 . 2001-08-18 03:36 45056 c:\windows\system32\dllcache\EXCH_aqadmin.dll
+ 2012-04-19 22:52 . 2001-08-17 16:12 16998 c:\windows\system32\dllcache\ex10.sys
+ 2011-03-26 03:35 . 2008-04-14 04:42 92160 c:\windows\system32\dllcache\evntwin.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 92160 c:\windows\system32\dllcache\evntwin.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 24064 c:\windows\system32\dllcache\evntcmd.exe
+ 2011-03-26 03:35 . 2008-04-14 04:42 24064 c:\windows\system32\dllcache\evntcmd.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 25856 c:\windows\system32\dllcache\et4000.sys
+ 2011-03-26 03:35 . 2001-08-23 11:00 25856 c:\windows\system32\dllcache\et4000.sys
+ 2011-03-26 03:35 . 2001-08-23 11:00 45056 c:\windows\system32\dllcache\esunid.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 45056 c:\windows\system32\dllcache\esunid.dll
+ 2012-04-19 22:52 . 2001-08-18 02:36 45568 c:\windows\system32\dllcache\esunib.dll
+ 2012-04-19 22:52 . 2001-08-18 02:36 45568 c:\windows\system32\dllcache\esuni.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 57856 c:\windows\system32\dllcache\esuimgd.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 57856 c:\windows\system32\dllcache\esuimgd.dll
+ 2012-04-19 22:52 . 2001-08-18 02:36 34816 c:\windows\system32\dllcache\esuimg.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 31744 c:\windows\system32\dllcache\esucmd.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 31744 c:\windows\system32\dllcache\esucmd.dll
+ 2012-04-19 22:52 . 2001-08-18 02:36 43008 c:\windows\system32\dllcache\esucm.dll
+ 2012-04-19 22:52 . 2001-08-17 16:19 63360 c:\windows\system32\dllcache\ess.sys
+ 2012-04-19 22:52 . 2001-08-17 16:19 72192 c:\windows\system32\dllcache\es1969.sys
+ 2012-04-19 22:52 . 2001-08-17 16:19 40704 c:\windows\system32\dllcache\es1371mp.sys
+ 2012-04-19 22:52 . 2001-08-17 16:19 37120 c:\windows\system32\dllcache\es1370mp.sys
+ 2012-04-19 22:52 . 2001-08-18 02:36 61952 c:\windows\system32\dllcache\eqnloop.exe
+ 2012-04-19 22:52 . 2001-08-18 02:36 51200 c:\windows\system32\dllcache\eqnlogr.exe
+ 2012-04-19 22:51 . 2001-08-17 16:12 18503 c:\windows\system32\dllcache\epro4.sys
+ 2012-04-19 22:51 . 2001-08-17 16:10 19996 c:\windows\system32\dllcache\em556n4.sys
+ 2012-04-19 22:51 . 2001-08-17 16:10 25159 c:\windows\system32\dllcache\elnk3.sys
+ 2012-04-19 22:51 . 2001-08-17 16:11 70174 c:\windows\system32\dllcache\el98xn5.sys
+ 2012-04-19 22:51 . 2001-08-17 16:11 66591 c:\windows\system32\dllcache\el90xbc5.sys
+ 2012-04-19 22:51 . 2001-08-17 16:11 77386 c:\windows\system32\dllcache\el656nd5.sys
+ 2012-04-19 22:51 . 2001-08-17 16:11 69194 c:\windows\system32\dllcache\el656cd5.sys
+ 2012-04-19 22:51 . 2001-08-17 16:10 26141 c:\windows\system32\dllcache\el589nd5.sys
+ 2012-04-19 22:51 . 2001-08-17 16:10 69692 c:\windows\system32\dllcache\el575nd5.sys
+ 2012-04-19 22:51 . 2001-08-17 16:10 24653 c:\windows\system32\dllcache\el574nd4.sys
+ 2012-04-19 22:51 . 2001-08-17 16:10 55999 c:\windows\system32\dllcache\el556nd5.sys
+ 2012-04-19 22:51 . 2001-08-17 16:10 44103 c:\windows\system32\dllcache\el515.sys
+ 2012-04-19 22:51 . 2001-08-17 16:12 19594 c:\windows\system32\dllcache\e100isa4.sys
+ 2012-04-19 22:51 . 2001-08-17 16:12 50719 c:\windows\system32\dllcache\e1000nt5.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 71168 c:\windows\system32\dllcache\dxg.sys
+ 2012-04-19 22:51 . 2001-08-17 18:07 20192 c:\windows\system32\dllcache\dpti2o.sys
+ 2012-04-19 22:51 . 2001-08-17 16:12 28062 c:\windows\system32\dllcache\dp83820.sys
+ 2012-04-19 22:51 . 2001-08-17 16:11 29696 c:\windows\system32\dllcache\dm9pci5.sys
+ 2012-04-19 22:51 . 2001-08-17 16:11 26698 c:\windows\system32\dllcache\dlh5xnd5.sys
+ 2012-04-19 22:51 . 2001-08-18 02:36 29768 c:\windows\system32\dllcache\divasu.dll
+ 2012-04-19 22:51 . 2001-08-18 02:36 37962 c:\windows\system32\dllcache\divaprop.dll
+ 2012-04-19 22:51 . 2001-08-18 02:36 38985 c:\windows\system32\dllcache\disrvsu.dll
+ 2012-04-19 22:51 . 2001-08-18 02:36 31305 c:\windows\system32\dllcache\disrvpp.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 36352 c:\windows\system32\dllcache\disk.sys
+ 2012-04-19 22:50 . 2001-08-17 16:17 42432 c:\windows\system32\dllcache\digirlpt.sys
+ 2012-04-19 22:50 . 2001-08-17 16:14 21606 c:\windows\system32\dllcache\digiisdn.sys
+ 2012-04-19 22:50 . 2001-08-18 02:36 41046 c:\windows\system32\dllcache\digiisdn.dll
+ 2012-04-19 22:50 . 2001-08-17 16:17 90525 c:\windows\system32\dllcache\digifep5.sys
+ 2012-04-19 22:50 . 2001-08-17 16:13 37735 c:\windows\system32\dllcache\digiasyn.sys
+ 2012-04-19 22:50 . 2001-08-18 02:36 65622 c:\windows\system32\dllcache\digiasyn.dll
+ 2012-04-19 22:49 . 2001-08-18 02:36 32256 c:\windows\system32\dllcache\diapi2NT.dll
+ 2012-04-19 22:50 . 2001-08-17 16:17 29531 c:\windows\system32\dllcache\dgapci.sys
+ 2012-04-19 22:50 . 2001-08-17 16:11 24649 c:\windows\system32\dllcache\dfe650d.sys
+ 2012-04-19 22:50 . 2001-08-17 16:11 24648 c:\windows\system32\dllcache\dfe650.sys
+ 2012-04-19 22:50 . 2001-08-18 02:36 24064 c:\windows\system32\dllcache\devldr32.exe
+ 2012-04-19 22:50 . 2001-08-17 16:11 20928 c:\windows\system32\dllcache\defpa.sys
+ 2012-04-19 22:50 . 2001-08-18 02:36 86016 c:\windows\system32\dllcache\dc240usd.dll
+ 2012-04-19 22:50 . 2001-08-17 16:12 63208 c:\windows\system32\dllcache\dc21x4.sys
+ 2012-04-19 22:50 . 2001-08-18 02:36 80896 c:\windows\system32\dllcache\dc210usd.dll
+ 2012-04-19 22:50 . 2001-08-18 02:36 25600 c:\windows\system32\dllcache\dc210_32.dll
+ 2011-03-26 03:34 . 2008-04-14 04:42 42496 c:\windows\system32\dllcache\davcdata.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 42496 c:\windows\system32\dllcache\davcdata.exe
+ 2012-04-19 22:50 . 2001-08-17 17:52 14720 c:\windows\system32\dllcache\dac960nt.sys
+ 2012-04-19 22:50 . 2001-08-18 02:36 27648 c:\windows\system32\dllcache\cyzports.dll
+ 2012-04-19 22:50 . 2001-08-17 17:50 49792 c:\windows\system32\dllcache\cyzport.sys
+ 2012-04-19 22:50 . 2001-08-18 02:36 27136 c:\windows\system32\dllcache\cyzcoins.dll
+ 2012-04-19 22:50 . 2001-08-18 02:36 27648 c:\windows\system32\dllcache\cyyports.dll
+ 2012-04-19 22:50 . 2001-08-17 17:50 50176 c:\windows\system32\dllcache\cyyport.sys
+ 2012-04-19 22:50 . 2001-08-18 02:36 28672 c:\windows\system32\dllcache\cyycoins.dll
+ 2012-04-19 22:50 . 2001-08-17 17:50 14848 c:\windows\system32\dllcache\cyclom-y.sys
+ 2012-04-19 22:50 . 2001-08-17 17:50 17152 c:\windows\system32\dllcache\cyclad-z.sys
+ 2012-04-19 22:50 . 2008-04-14 02:06 48640 c:\windows\system32\dllcache\cwrwdm.sys
+ 2012-04-19 22:50 . 2001-08-17 16:19 93952 c:\windows\system32\dllcache\cwcwdm.sys
+ 2012-04-19 22:50 . 2001-08-17 16:19 72832 c:\windows\system32\dllcache\cwbwdm.sys
+ 2012-04-19 22:50 . 2001-08-17 16:19 96256 c:\windows\system32\dllcache\ctlsb16.sys
+ 2008-04-14 00:01 . 2008-04-13 23:00 36736 c:\windows\system32\dllcache\crusoe.sys
+ 2012-04-19 22:50 . 2001-08-17 16:19 42112 c:\windows\system32\dllcache\crtaud.sys
- 2011-03-26 03:34 . 2008-04-13 23:00 18944 c:\windows\system32\dllcache\cprofile.exe
+ 2011-03-26 03:34 . 2001-08-23 11:00 18944 c:\windows\system32\dllcache\cprofile.exe
+ 2012-04-19 22:50 . 2001-08-17 16:11 60970 c:\windows\system32\dllcache\cpqtrnd5.sys
+ 2012-04-19 22:50 . 2001-08-17 16:13 21533 c:\windows\system32\dllcache\cpqndis5.sys
+ 2001-08-17 13:24 . 2008-04-13 23:00 11776 c:\windows\system32\dllcache\cpqdap01.sys
+ 2012-04-19 22:50 . 2001-08-17 17:52 14976 c:\windows\system32\dllcache\cpqarray.sys
+ 2011-03-26 03:34 . 2008-04-13 21:13 57399 c:\windows\system32\dllcache\cplexe.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 57399 c:\windows\system32\dllcache\cplexe.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 20480 c:\windows\system32\dllcache\counters.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 20480 c:\windows\system32\dllcache\counters.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 56320 c:\windows\system32\dllcache\convlog.exe
+ 2011-03-26 03:34 . 2001-08-23 11:00 56320 c:\windows\system32\dllcache\convlog.exe
+ 2011-03-26 03:34 . 2001-08-23 11:00 33792 c:\windows\system32\dllcache\controt.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 33792 c:\windows\system32\dllcache\controt.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 24064 c:\windows\system32\dllcache\compfilt.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 24064 c:\windows\system32\dllcache\compfilt.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 32816 c:\windows\system32\dllcache\commdlg.dll
- 2011-03-26 01:03 . 2008-04-13 23:00 32816 c:\windows\system32\dllcache\commdlg.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 46592 c:\windows\system32\dllcache\coadmin.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 46592 c:\windows\system32\dllcache\coadmin.dll
+ 2012-04-19 22:49 . 2001-08-17 16:11 39936 c:\windows\system32\dllcache\cnxt1803.sys
+ 2012-04-19 22:49 . 2001-08-18 02:36 44032 c:\windows\system32\dllcache\cnusd.dll
+ 2008-04-14 05:41 . 2008-04-13 23:00 47104 c:\windows\system32\dllcache\cnbjmon.dll
+ 2012-04-19 22:49 . 2001-08-17 17:51 20736 c:\windows\system32\dllcache\cmbp0wdm.sys
+ 2012-04-19 22:49 . 2008-04-14 04:06 13952 c:\windows\system32\dllcache\cmbatt.sys
+ 2012-04-19 22:49 . 2001-08-17 17:57 45696 c:\windows\system32\dllcache\cirrus.sys
+ 2012-04-19 22:49 . 2001-08-17 18:56 91264 c:\windows\system32\dllcache\cirrus.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 56320 c:\windows\system32\dllcache\chtskdic.dll
+ 2011-03-26 03:34 . 2008-04-14 04:39 56320 c:\windows\system32\dllcache\chtskdic.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 97792 c:\windows\system32\dllcache\chtmbx.dll
+ 2011-03-26 03:34 . 2008-04-14 04:39 97792 c:\windows\system32\dllcache\chtmbx.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 14336 c:\windows\system32\dllcache\chgusr.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 14336 c:\windows\system32\dllcache\chgusr.exe
+ 2011-03-26 03:34 . 2001-08-23 11:00 15872 c:\windows\system32\dllcache\chgport.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 15872 c:\windows\system32\dllcache\chgport.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 13312 c:\windows\system32\dllcache\chglogon.exe
+ 2011-03-26 03:34 . 2001-08-23 11:00 13312 c:\windows\system32\dllcache\chglogon.exe
+ 2012-04-19 22:49 . 2008-04-14 09:41 15423 c:\windows\system32\dllcache\ch7xxnt5.dll
+ 2012-04-19 22:49 . 2001-08-17 16:13 49182 c:\windows\system32\dllcache\cem56n5.sys
+ 2012-04-19 22:49 . 2001-08-17 16:13 22044 c:\windows\system32\dllcache\cem33n5.sys
+ 2012-04-19 22:49 . 2001-08-17 16:13 22044 c:\windows\system32\dllcache\cem28n5.sys
+ 2012-04-19 22:49 . 2001-08-17 16:13 27164 c:\windows\system32\dllcache\ce3n5.sys
+ 2012-04-19 22:49 . 2001-08-17 16:13 21530 c:\windows\system32\dllcache\ce2n5.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 62976 c:\windows\system32\dllcache\cdrom.sys
+ 2001-08-17 13:52 . 2008-04-13 23:00 18688 c:\windows\system32\dllcache\cdaudio.sys
+ 2012-04-19 22:49 . 2008-04-14 04:16 17024 c:\windows\system32\dllcache\ccdecode.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 13952 c:\windows\system32\dllcache\cbidf2k.sys
+ 2012-04-19 22:49 . 2001-08-17 16:13 46108 c:\windows\system32\dllcache\cben5.sys
+ 2012-04-19 22:49 . 2001-08-17 16:12 39680 c:\windows\system32\dllcache\cb325.sys
+ 2012-04-19 22:49 . 2001-08-17 16:12 37916 c:\windows\system32\dllcache\cb102.sys
- 2011-03-26 03:34 . 2008-04-13 23:00 54528 c:\windows\system32\dllcache\cap7146.sys
+ 2011-03-26 03:34 . 2001-08-23 11:00 54528 c:\windows\system32\dllcache\cap7146.sys
+ 2012-04-19 22:49 . 2001-08-18 02:36 74240 c:\windows\system32\dllcache\camexo20.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 10752 c:\windows\system32\dllcache\c_iscii.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 10752 c:\windows\system32\dllcache\c_iscii.dll
+ 2012-04-19 22:49 . 2001-08-17 17:51 13824 c:\windows\system32\dllcache\bulltlp3.sys
+ 2012-04-19 22:49 . 2008-04-14 04:16 18944 c:\windows\system32\dllcache\bthusb.sys
+ 2012-04-19 22:49 . 2008-04-14 04:16 36480 c:\windows\system32\dllcache\bthprint.sys
+ 2012-04-19 22:49 . 2008-04-14 04:16 37888 c:\windows\system32\dllcache\bthmodem.sys
+ 2012-04-19 22:49 . 2008-04-14 04:16 17024 c:\windows\system32\dllcache\bthenum.sys
+ 2012-04-19 22:49 . 2001-08-17 16:11 31529 c:\windows\system32\dllcache\brzwlan.sys
+ 2012-04-19 22:49 . 2001-08-17 17:12 10368 c:\windows\system32\dllcache\brusbscn.sys
+ 2012-04-19 22:49 . 2001-08-17 17:12 11008 c:\windows\system32\dllcache\brusbmdm.sys
+ 2012-04-19 22:49 . 2001-08-17 17:12 60416 c:\windows\system32\dllcache\brserwdm.sys
+ 2012-04-19 22:49 . 2001-08-17 17:12 39552 c:\windows\system32\dllcache\brparwdm.sys
- 2011-03-26 03:34 . 2008-04-13 23:00 45568 c:\windows\system32\dllcache\browscap.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 45568 c:\windows\system32\dllcache\browscap.dll
+ 2012-04-19 22:49 . 2001-08-18 02:36 41472 c:\windows\system32\dllcache\brmfusb.dll
+ 2012-04-19 22:49 . 2001-08-18 02:36 32256 c:\windows\system32\dllcache\brmfrsmg.exe
+ 2012-04-19 22:49 . 2001-08-18 02:36 29696 c:\windows\system32\dllcache\brmflpt.dll
+ 2012-04-19 22:49 . 2001-08-18 02:36 81408 c:\windows\system32\dllcache\brmfcwia.dll
+ 2012-04-19 22:49 . 2001-08-18 02:36 15360 c:\windows\system32\dllcache\brmfbidi.dll
+ 2012-04-19 22:49 . 2001-08-17 17:12 12160 c:\windows\system32\dllcache\brfiltlo.sys
+ 2012-04-19 22:49 . 2001-08-18 02:36 12800 c:\windows\system32\dllcache\brevif.dll
+ 2012-04-19 22:49 . 2001-08-18 02:36 19456 c:\windows\system32\dllcache\brbidiif.dll
+ 2012-04-19 22:48 . 2008-04-14 04:16 11776 c:\windows\system32\dllcache\bdasup.sys
+ 2012-04-19 22:48 . 2001-08-17 16:11 26568 c:\windows\system32\dllcache\bcm4e5.sys
+ 2012-04-19 22:48 . 2001-08-17 16:11 54271 c:\windows\system32\dllcache\bcm42xx5.sys
+ 2012-04-19 22:48 . 2001-08-17 16:11 66557 c:\windows\system32\dllcache\bcm42u.sys
+ 2012-04-19 22:48 . 2008-04-14 04:06 14208 c:\windows\system32\dllcache\battc.sys
+ 2012-04-19 22:48 . 2001-08-17 16:48 36128 c:\windows\system32\dllcache\banshee.sys
+ 2012-04-19 22:48 . 2001-08-17 16:13 89952 c:\windows\system32\dllcache\b1cbase.sys
+ 2012-04-19 22:48 . 2001-08-17 16:19 36992 c:\windows\system32\dllcache\aztw2320.sys
+ 2012-04-19 22:48 . 2001-08-17 16:13 37568 c:\windows\system32\dllcache\avmwan.sys
+ 2012-04-19 22:48 . 2001-08-18 02:36 87552 c:\windows\system32\dllcache\avmcoxp.dll
- 2011-03-26 01:03 . 2008-04-13 23:00 69584 c:\windows\system32\dllcache\avicap.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 69584 c:\windows\system32\dllcache\avicap.dll
+ 2012-04-19 22:48 . 2008-04-14 04:16 13696 c:\windows\system32\dllcache\avcstrm.sys
+ 2012-04-19 22:48 . 2001-08-17 18:01 36096 c:\windows\system32\dllcache\avcaudio.sys
+ 2012-04-19 22:48 . 2008-04-14 04:16 38912 c:\windows\system32\dllcache\avc.sys
+ 2011-03-26 03:34 . 2003-03-24 20:52 16439 c:\windows\system32\dllcache\author.exe
- 2011-03-26 03:34 . 2003-03-24 21:52 16439 c:\windows\system32\dllcache\author.exe
+ 2011-03-26 03:34 . 2003-03-24 20:52 20540 c:\windows\system32\dllcache\author.dll
- 2011-03-26 03:34 . 2003-03-24 21:52 20540 c:\windows\system32\dllcache\author.dll
+ 2012-04-19 22:48 . 2008-04-14 09:41 17279 c:\windows\system32\dllcache\atv10nt5.dll
+ 2012-04-19 22:48 . 2008-04-14 09:41 14143 c:\windows\system32\dllcache\atv06nt5.dll
+ 2012-04-19 22:48 . 2008-04-14 09:41 25471 c:\windows\system32\dllcache\atv04nt5.dll
+ 2012-04-19 22:48 . 2008-04-14 09:41 11359 c:\windows\system32\dllcache\atv02nt5.dll
+ 2012-04-19 22:48 . 2008-04-14 09:41 21183 c:\windows\system32\dllcache\atv01nt5.dll
+ 2012-04-19 22:48 . 2001-08-17 16:49 23552 c:\windows\system32\dllcache\atixbar.sys
+ 2012-04-19 22:48 . 2001-08-17 16:49 26624 c:\windows\system32\dllcache\ativxbar.sys
+ 2012-04-19 22:48 . 2001-08-17 16:49 19456 c:\windows\system32\dllcache\ativttxx.sys
+ 2012-04-19 22:48 . 2008-04-14 09:41 32768 c:\windows\system32\dllcache\ativtmxx.dll
+ 2012-04-19 22:48 . 2001-08-17 16:49 17152 c:\windows\system32\dllcache\atitvsnd.sys
+ 2012-04-19 22:48 . 2001-08-17 16:49 17152 c:\windows\system32\dllcache\atitunep.sys
+ 2012-04-19 22:48 . 2001-08-17 16:49 26880 c:\windows\system32\dllcache\atirtsnd.sys
+ 2012-04-19 22:48 . 2001-08-17 16:49 49920 c:\windows\system32\dllcache\atirtcap.sys
+ 2012-04-19 22:48 . 2001-08-17 16:48 70528 c:\windows\system32\dllcache\atiragem.sys
+ 2012-04-19 22:48 . 2001-08-17 16:49 10240 c:\windows\system32\dllcache\atipcxxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 63488 c:\windows\system32\dllcache\atinxsxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 31744 c:\windows\system32\dllcache\atinxbxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 73216 c:\windows\system32\dllcache\atintuxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 13824 c:\windows\system32\dllcache\atinttxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 28672 c:\windows\system32\dllcache\atinsnxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 52224 c:\windows\system32\dllcache\atinraxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 14336 c:\windows\system32\dllcache\atinpdxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 13824 c:\windows\system32\dllcache\atinmdxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 57856 c:\windows\system32\dllcache\atinbtxx.sys
+ 2012-04-19 22:48 . 2001-08-17 16:49 75136 c:\windows\system32\dllcache\atimpae.sys
+ 2012-04-19 22:48 . 2001-08-18 02:36 37376 c:\windows\system32\dllcache\atievxx.exe
+ 2012-04-19 22:48 . 2001-08-17 16:49 46464 c:\windows\system32\dllcache\atibt829.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 34735 c:\windows\system32\dllcache\ati1xsxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 29455 c:\windows\system32\dllcache\ati1xbxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 36463 c:\windows\system32\dllcache\ati1tuxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 21343 c:\windows\system32\dllcache\ati1ttxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 26367 c:\windows\system32\dllcache\ati1snxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 63663 c:\windows\system32\dllcache\ati1rvxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 30671 c:\windows\system32\dllcache\ati1raxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 12047 c:\windows\system32\dllcache\ati1pdxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 11615 c:\windows\system32\dllcache\ati1mdxx.sys
+ 2012-04-19 22:48 . 2008-04-14 02:04 56623 c:\windows\system32\dllcache\ati1btxx.sys
+ 2012-04-19 22:48 . 2001-08-17 17:57 77568 c:\windows\system32\dllcache\ati.sys
+ 2012-04-19 22:48 . 2001-08-17 18:55 96128 c:\windows\system32\dllcache\ati.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 96512 c:\windows\system32\dllcache\atapi.sys
- 2011-03-26 03:34 . 2008-04-13 23:00 29184 c:\windows\system32\dllcache\asptxn.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 29184 c:\windows\system32\dllcache\asptxn.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 10240 c:\windows\system32\dllcache\aspperf.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 10240 c:\windows\system32\dllcache\aspperf.dll
+ 2012-04-19 22:48 . 2001-08-17 16:12 97354 c:\windows\system32\dllcache\aspndis3.sys
+ 2012-04-19 22:48 . 2001-08-17 17:51 14848 c:\windows\system32\dllcache\asc3550.sys
+ 2012-04-19 22:48 . 2001-08-17 17:52 22400 c:\windows\system32\dllcache\asc3350p.sys
+ 2012-04-19 22:48 . 2001-08-17 17:52 26496 c:\windows\system32\dllcache\asc.sys
+ 2008-04-14 00:21 . 2008-04-13 23:00 60800 c:\windows\system32\dllcache\arp1394.sys
+ 2012-04-19 22:48 . 2008-04-14 02:05 36224 c:\windows\system32\dllcache\an983.sys
+ 2012-04-19 22:48 . 2001-08-17 17:52 12032 c:\windows\system32\dllcache\amsint.sys
+ 2008-04-14 00:01 . 2008-04-13 23:00 37760 c:\windows\system32\dllcache\amdk7.sys
+ 2008-04-14 00:01 . 2008-04-13 23:00 37376 c:\windows\system32\dllcache\amdk6.sys
+ 2012-04-19 22:48 . 2008-04-14 04:06 43008 c:\windows\system32\dllcache\amdagp.sys
+ 2012-04-19 22:48 . 2001-08-17 16:11 16969 c:\windows\system32\dllcache\amb8002.sys
+ 2012-04-19 22:48 . 2008-04-14 04:06 42752 c:\windows\system32\dllcache\alim1541.sys
+ 2012-04-19 22:48 . 2001-08-17 17:49 26624 c:\windows\system32\dllcache\alifir.sys
+ 2012-04-19 22:48 . 2001-08-17 16:11 27678 c:\windows\system32\dllcache\ali5261.sys
+ 2012-04-19 22:48 . 2001-08-17 18:07 56960 c:\windows\system32\dllcache\aic78xx.sys
+ 2012-04-19 22:48 . 2001-08-17 18:07 55168 c:\windows\system32\dllcache\aic78u2.sys
+ 2012-04-19 22:48 . 2001-08-17 17:52 12800 c:\windows\system32\dllcache\aha154x.sys
+ 2011-03-26 03:34 . 2007-04-02 22:56 19456 c:\windows\system32\dllcache\agt0804.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 19456 c:\windows\system32\dllcache\agt0804.dll
+ 2011-03-26 03:34 . 2007-04-02 22:56 19456 c:\windows\system32\dllcache\agt0412.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 19456 c:\windows\system32\dllcache\agt0412.dll
+ 2011-03-26 03:34 . 2007-04-02 22:56 19456 c:\windows\system32\dllcache\agt0411.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 19456 c:\windows\system32\dllcache\agt0411.dll
+ 2011-03-26 03:34 . 2007-04-02 22:56 19456 c:\windows\system32\dllcache\agt040d.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 19456 c:\windows\system32\dllcache\agt040d.dll
+ 2011-03-26 03:34 . 2007-04-02 22:56 19456 c:\windows\system32\dllcache\agt0404.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 19456 c:\windows\system32\dllcache\agt0404.dll
+ 2011-03-26 03:34 . 2007-04-02 22:56 19456 c:\windows\system32\dllcache\agt0401.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 19456 c:\windows\system32\dllcache\agt0401.dll
+ 2012-04-19 22:48 . 2008-04-14 04:06 44928 c:\windows\system32\dllcache\agpcpq.sys
+ 2012-04-19 22:48 . 2008-04-14 04:06 42368 c:\windows\system32\dllcache\agp440.sys
- 2011-03-26 03:34 . 2008-04-13 23:00 49664 c:\windows\system32\dllcache\adrot.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 49664 c:\windows\system32\dllcache\adrot.dll
+ 2012-04-19 22:48 . 2001-08-17 16:11 46112 c:\windows\system32\dllcache\adptsf50.sys
+ 2011-03-26 03:34 . 2008-04-14 04:41 43520 c:\windows\system32\dllcache\admwprox.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 43520 c:\windows\system32\dllcache\admwprox.dll
- 2011-03-26 03:34 . 2003-03-24 21:52 16439 c:\windows\system32\dllcache\admin.exe
+ 2011-03-26 03:34 . 2003-03-24 20:52 16439 c:\windows\system32\dllcache\admin.exe
- 2011-03-26 03:34 . 2003-03-24 21:52 20540 c:\windows\system32\dllcache\admin.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 20540 c:\windows\system32\dllcache\admin.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 29696 c:\windows\system32\dllcache\admexs.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 29696 c:\windows\system32\dllcache\admexs.dll
+ 2012-04-19 22:47 . 2001-08-17 16:11 20160 c:\windows\system32\dllcache\adm8511.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 11648 c:\windows\system32\dllcache\acpiec.sys
+ 2012-04-19 22:47 . 2001-08-18 02:36 61440 c:\windows\system32\dllcache\acerscad.dll
+ 2012-04-19 22:47 . 2008-04-14 02:06 84480 c:\windows\system32\dllcache\ac97via.sys
+ 2012-04-19 22:47 . 2001-08-17 16:20 96256 c:\windows\system32\dllcache\ac97intc.sys
+ 2012-04-19 22:47 . 2001-08-17 17:52 23552 c:\windows\system32\dllcache\abp480n5.sys
+ 2012-04-19 22:47 . 2001-08-17 18:55 38400 c:\windows\system32\dllcache\8514a.dll
+ 2012-04-19 22:47 . 2008-04-14 04:16 48128 c:\windows\system32\dllcache\61883.sys
+ 2012-04-19 22:47 . 2008-04-14 04:10 12288 c:\windows\system32\dllcache\4mmdat.sys
+ 2012-04-19 22:47 . 2001-08-17 18:06 11264 c:\windows\system32\dllcache\1394vdbg.sys
+ 2012-04-19 22:47 . 2008-04-14 04:16 53376 c:\windows\system32\dllcache\1394bus.sys
+ 2012-04-19 23:10 . 2008-04-14 09:42 8192 c:\windows\system32\dllcache\wshirda.dll
+ 2012-04-19 23:10 . 2008-04-14 04:06 8832 c:\windows\system32\dllcache\wmiacpi.sys
- 2011-03-26 03:34 . 2008-04-13 23:00 7168 c:\windows\system32\dllcache\wamregps.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 7168 c:\windows\system32\dllcache\wamregps.dll
- 2011-03-26 03:36 . 2008-04-13 23:00 9216 c:\windows\system32\dllcache\wamps51.dll
+ 2011-03-26 03:36 . 2001-08-23 11:00 9216 c:\windows\system32\dllcache\wamps51.dll
- 2011-03-26 03:36 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\w3svapi.dll
+ 2011-03-26 03:36 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\w3svapi.dll
+ 2011-03-26 03:36 . 2001-08-23 11:00 4608 c:\windows\system32\dllcache\w3ctrs51.dll
- 2011-03-26 03:36 . 2008-04-13 23:00 4608 c:\windows\system32\dllcache\w3ctrs51.dll
+ 2012-04-19 23:09 . 2008-04-14 04:10 5376 c:\windows\system32\dllcache\viaide.sys
- 2011-03-26 01:03 . 2008-04-13 23:00 2176 c:\windows\system32\dllcache\vga.drv
+ 2008-04-13 23:00 . 2008-04-13 23:00 2176 c:\windows\system32\dllcache\vga.drv
+ 2012-04-19 23:09 . 2001-08-17 17:28 7556 c:\windows\system32\dllcache\usroslba.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 4736 c:\windows\system32\dllcache\usbd.sys
+ 2001-08-17 22:36 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll
- 2009-11-27 16:07 . 2009-11-27 16:07 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2012-04-19 23:07 . 2001-08-17 17:51 4992 c:\windows\system32\dllcache\toside.sys
- 2011-03-26 01:03 . 2008-04-13 23:00 4048 c:\windows\system32\dllcache\timer.drv
+ 2008-04-13 23:00 . 2008-04-13 23:00 4048 c:\windows\system32\dllcache\timer.drv
+ 2012-04-19 23:07 . 2001-08-17 17:52 7040 c:\windows\system32\dllcache\tandqic.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 3360 c:\windows\system32\dllcache\system.drv
- 2011-03-26 01:03 . 2008-04-13 23:00 3360 c:\windows\system32\dllcache\system.drv
+ 2012-04-19 23:06 . 2001-08-17 18:02 3968 c:\windows\system32\dllcache\swusbflt.sys
+ 2008-04-14 00:09 . 2008-04-13 23:00 4352 c:\windows\system32\dllcache\swenum.sys
- 2011-03-26 03:34 . 2008-04-13 23:00 8192 c:\windows\system32\dllcache\staxmem.dll
+ 2011-03-26 03:34 . 2008-04-14 04:42 8192 c:\windows\system32\dllcache\staxmem.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 1744 c:\windows\system32\dllcache\sound.drv
- 2011-03-26 01:03 . 2008-04-13 23:00 1744 c:\windows\system32\dllcache\sound.drv
+ 2012-04-19 23:05 . 2001-08-17 17:53 9600 c:\windows\system32\dllcache\sonymc.sys
+ 2012-04-19 23:05 . 2008-04-14 04:10 7552 c:\windows\system32\dllcache\sonyait.sys
+ 2012-04-19 23:05 . 2001-08-17 17:53 7040 c:\windows\system32\dllcache\snyaitmc.sys
+ 2011-03-26 03:35 . 2008-04-14 04:42 8704 c:\windows\system32\dllcache\snmptrap.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 8704 c:\windows\system32\dllcache\snmptrap.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\snmpmib.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 6144 c:\windows\system32\dllcache\snmpmib.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\smimsgif.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\smimsgif.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\smierrsy.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\smierrsy.dll
+ 2012-04-19 23:05 . 2001-08-17 17:57 6784 c:\windows\system32\dllcache\smbhc.sys
+ 2012-04-19 23:05 . 2008-04-14 04:06 6912 c:\windows\system32\dllcache\smbclass.sys
+ 2012-04-19 23:05 . 2008-04-14 04:06 5888 c:\windows\system32\dllcache\smbali.sys
+ 2012-04-19 23:04 . 2008-04-14 09:42 3901 c:\windows\system32\dllcache\siint5.dll
- 2011-03-26 01:03 . 2008-04-13 23:00 5120 c:\windows\system32\dllcache\shell.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 5120 c:\windows\system32\dllcache\shell.dll
+ 2012-04-19 23:04 . 2001-08-17 17:53 6784 c:\windows\system32\dllcache\serscan.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 9728 c:\windows\system32\dllcache\rwnh.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 9728 c:\windows\system32\dllcache\rwnh.dll
+ 2012-04-19 23:02 . 2001-08-18 02:36 9216 c:\windows\system32\dllcache\rsmgrstr.dll
+ 2012-04-19 23:02 . 2001-08-17 16:19 3840 c:\windows\system32\dllcache\rpfun.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 4096 c:\windows\system32\dllcache\rpcref.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 4096 c:\windows\system32\dllcache\rpcref.dll
+ 2012-04-19 23:02 . 2001-08-17 17:53 3328 c:\windows\system32\dllcache\qv2kux.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 9728 c:\windows\system32\dllcache\query.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 9728 c:\windows\system32\dllcache\query.exe
+ 2012-04-19 23:01 . 2008-04-14 04:10 6016 c:\windows\system32\dllcache\qic157.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 7680 c:\windows\system32\dllcache\pwsdata.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 7680 c:\windows\system32\dllcache\pwsdata.dll
+ 2012-04-19 23:01 . 2001-08-18 02:36 5632 c:\windows\system32\dllcache\ptpusb.dll
+ 2012-04-19 23:01 . 2008-04-14 04:10 8832 c:\windows\system32\dllcache\powerfil.sys
+ 2012-04-19 23:01 . 2001-08-17 17:53 7168 c:\windows\system32\dllcache\pnrmc.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\pmxgl.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 6144 c:\windows\system32\dllcache\pmxgl.dll
+ 2012-04-19 23:01 . 2001-08-17 18:07 5504 c:\windows\system32\dllcache\perc2hib.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 3328 c:\windows\system32\dllcache\pciide.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 3456 c:\windows\system32\dllcache\oprghdlr.sys
+ 2012-04-19 22:59 . 2001-08-17 17:47 9344 c:\windows\system32\dllcache\ntapm.sys
+ 2012-04-19 22:59 . 2001-08-17 17:53 7552 c:\windows\system32\dllcache\nsmmc.sys
+ 2012-04-19 22:58 . 2001-08-18 02:36 7168 c:\windows\system32\dllcache\mxport.dll
+ 2012-04-19 22:58 . 2008-04-14 04:09 5504 c:\windows\system32\dllcache\mstee.sys
+ 2012-04-19 22:58 . 2001-08-17 18:00 2944 c:\windows\system32\dllcache\msmpu401.sys
- 2011-03-26 01:03 . 2008-04-13 23:00 2032 c:\windows\system32\dllcache\mouse.drv
+ 2008-04-13 23:00 . 2008-04-13 23:00 2032 c:\windows\system32\dllcache\mouse.drv
+ 2012-04-19 22:57 . 2001-08-17 17:52 6528 c:\windows\system32\dllcache\miniqic.sys
+ 2011-03-26 03:35 . 2008-04-14 04:42 7680 c:\windows\system32\dllcache\migregdb.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 7680 c:\windows\system32\dllcache\migregdb.exe
+ 2012-04-19 22:57 . 2001-08-17 17:58 8320 c:\windows\system32\dllcache\memcard.sys
+ 2012-04-19 22:57 . 2001-08-17 17:52 7424 c:\windows\system32\dllcache\mammoth.sys
+ 2012-04-19 22:57 . 2008-04-14 04:10 7040 c:\windows\system32\dllcache\ltotape.sys
+ 2012-04-19 22:56 . 2001-08-17 17:53 4992 c:\windows\system32\dllcache\loop.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 2000 c:\windows\system32\dllcache\keyboard.drv
- 2011-03-26 01:03 . 2008-04-13 23:00 2000 c:\windows\system32\dllcache\keyboard.drv
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdvntc.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdvntc.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdusa.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdusa.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdurdu.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdurdu.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 6144 c:\windows\system32\dllcache\kbdth3.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\kbdth3.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 6144 c:\windows\system32\dllcache\kbdth2.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\kbdth2.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdth1.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdth1.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdth0.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdth0.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdsyr2.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdsyr2.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdsyr1.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdsyr1.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 7680 c:\windows\system32\dllcache\kbdnecnt.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 7680 c:\windows\system32\dllcache\kbdnecnt.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 9216 c:\windows\system32\dllcache\kbdnecat.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 9216 c:\windows\system32\dllcache\kbdnecat.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 7168 c:\windows\system32\dllcache\kbdnec95.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 7168 c:\windows\system32\dllcache\kbdnec95.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 6144 c:\windows\system32\dllcache\kbdlk41j.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\kbdlk41j.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 6656 c:\windows\system32\dllcache\kbdlk41a.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 6656 c:\windows\system32\dllcache\kbdlk41a.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdintel.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdintel.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdintam.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdintam.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 6144 c:\windows\system32\dllcache\kbdinpun.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\kbdinpun.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdinmar.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdinmar.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdinkan.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdinkan.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdinhin.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdinhin.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdinguj.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdinguj.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdindev.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdindev.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 7168 c:\windows\system32\dllcache\kbdibm02.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 7168 c:\windows\system32\dllcache\kbdibm02.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdheb.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdheb.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5120 c:\windows\system32\dllcache\kbdgeo.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5120 c:\windows\system32\dllcache\kbdgeo.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbdfa.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbdfa.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbddiv2.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbddiv2.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbddiv1.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbddiv1.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\kbdax2.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 6144 c:\windows\system32\dllcache\kbdax2.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5120 c:\windows\system32\dllcache\kbdarmw.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5120 c:\windows\system32\dllcache\kbdarmw.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5120 c:\windows\system32\dllcache\kbdarme.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5120 c:\windows\system32\dllcache\kbdarme.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbda3.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbda3.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbda2.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbda2.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\kbda1.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\kbda1.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 6144 c:\windows\system32\dllcache\kbd106n.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\kbd106n.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 6144 c:\windows\system32\dllcache\kbd101a.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\kbd101a.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 6144 c:\windows\system32\dllcache\kbd101.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\kbd101.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 9216 c:\windows\system32\dllcache\iwrps.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 9216 c:\windows\system32\dllcache\iwrps.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 7168 c:\windows\system32\dllcache\isapips.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 7168 c:\windows\system32\dllcache\isapips.dll
+ 2011-03-26 01:04 . 2008-04-14 00:10 5504 c:\windows\system32\dllcache\intelide.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 8704 c:\windows\system32\dllcache\infoctrs.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 8704 c:\windows\system32\dllcache\infoctrs.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 7680 c:\windows\system32\dllcache\inetmgr.exe
+ 2011-03-26 03:34 . 2001-08-23 11:00 7680 c:\windows\system32\dllcache\inetmgr.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 6656 c:\windows\system32\dllcache\iissync.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 6656 c:\windows\system32\dllcache\iissync.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 5632 c:\windows\system32\dllcache\iisrstap.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 5632 c:\windows\system32\dllcache\iisrstap.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 3584 c:\windows\system32\dllcache\iismui.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 3584 c:\windows\system32\dllcache\iismui.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 7168 c:\windows\system32\dllcache\iisfecnv.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 7168 c:\windows\system32\dllcache\iisfecnv.dll
+ 2012-04-19 22:54 . 2001-08-18 02:34 9216 c:\windows\system32\dllcache\ibmsgnet.dll
+ 2012-04-19 22:54 . 2008-04-14 04:11 8576 c:\windows\system32\dllcache\i2omgmt.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 8192 c:\windows\system32\dllcache\httpmb51.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 8192 c:\windows\system32\dllcache\httpmb51.dll
+ 2012-04-19 22:54 . 2001-08-18 02:36 9759 c:\windows\system32\dllcache\hsf_inst.dll
+ 2012-04-19 22:54 . 2001-08-17 17:52 5760 c:\windows\system32\dllcache\hpt4qic.sys
+ 2012-04-19 22:53 . 2001-08-17 18:02 2688 c:\windows\system32\dllcache\hidswvd.sys
+ 2012-04-19 22:53 . 2001-08-17 18:02 8576 c:\windows\system32\dllcache\hidgame.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 6656 c:\windows\system32\dllcache\fxsres.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 6656 c:\windows\system32\dllcache\fxsres.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 8704 c:\windows\system32\dllcache\fxsperf.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 8704 c:\windows\system32\dllcache\fxsperf.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 6144 c:\windows\system32\dllcache\ftpsapi2.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\ftpsapi2.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 6144 c:\windows\system32\dllcache\ftpmib.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\ftpmib.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 7680 c:\windows\system32\dllcache\ftpctrs2.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 7680 c:\windows\system32\dllcache\ftpctrs2.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 6144 c:\windows\system32\dllcache\ftlx041e.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\ftlx041e.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 7168 c:\windows\system32\dllcache\f3ahvoas.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 7168 c:\windows\system32\dllcache\f3ahvoas.dll
- 2011-03-26 03:35 . 2001-08-18 03:36 7168 c:\windows\system32\dllcache\EXCH_snprfdll.dll
+ 2011-03-26 03:35 . 2001-08-18 02:36 7168 c:\windows\system32\dllcache\EXCH_snprfdll.dll
- 2011-03-26 03:34 . 2001-08-18 03:36 5632 c:\windows\system32\dllcache\EXCH_adsiisex.dll
+ 2011-03-26 03:34 . 2001-08-18 02:36 5632 c:\windows\system32\dllcache\EXCH_adsiisex.dll
+ 2012-04-19 22:52 . 2001-08-17 17:52 7040 c:\windows\system32\dllcache\exabyte2.sys
+ 2012-04-19 22:51 . 2001-08-17 17:46 6400 c:\windows\system32\dllcache\enum1394.sys
+ 2012-04-19 22:51 . 2001-08-17 17:53 7296 c:\windows\system32\dllcache\elmsmc.sys
+ 2012-04-19 22:51 . 2001-08-17 17:47 8704 c:\windows\system32\dllcache\dot4scan.sys
+ 2012-04-19 22:51 . 2008-04-14 04:10 8320 c:\windows\system32\dllcache\dlttape.sys
+ 2012-04-19 22:51 . 2001-08-18 02:36 6216 c:\windows\system32\dllcache\divaci.dll
+ 2012-04-19 22:51 . 2001-08-18 02:36 6729 c:\windows\system32\dllcache\disrvci.dll
+ 2012-04-19 22:50 . 2001-08-17 17:52 7424 c:\windows\system32\dllcache\ddsmc.sys
+ 2012-04-19 22:50 . 2001-08-17 16:19 3584 c:\windows\system32\dllcache\cwcosnt5.sys
+ 2012-04-19 22:50 . 2001-08-17 16:19 3072 c:\windows\system32\dllcache\cwbmidi.sys
+ 2012-04-19 22:50 . 2001-08-17 16:19 3072 c:\windows\system32\dllcache\cwbase.sys
+ 2012-04-19 22:50 . 2001-08-18 02:36 4096 c:\windows\system32\dllcache\ctwdm32.dll
+ 2012-04-19 22:50 . 2001-08-17 16:19 3712 c:\windows\system32\dllcache\ctljystk.sys
+ 2012-04-19 22:50 . 2001-08-17 16:19 6912 c:\windows\system32\dllcache\ctlfacem.sys
+ 2012-04-19 22:49 . 2001-08-17 17:51 6656 c:\windows\system32\dllcache\cmdide.sys
+ 2012-04-19 22:49 . 2008-04-14 04:11 8192 c:\windows\system32\dllcache\changer.sys
- 2011-03-26 03:34 . 2008-04-13 23:00 9728 c:\windows\system32\dllcache\change.exe
+ 2011-03-26 03:34 . 2001-08-23 11:00 9728 c:\windows\system32\dllcache\change.exe
+ 2012-04-19 22:49 . 2001-08-17 17:52 7680 c:\windows\system32\dllcache\cd20xrnt.sys
- 2011-03-26 03:34 . 2008-04-13 23:00 6656 c:\windows\system32\dllcache\c_is2022.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 6656 c:\windows\system32\dllcache\c_is2022.dll
+ 2012-04-19 22:49 . 2001-08-18 02:36 9728 c:\windows\system32\dllcache\brserif.dll
+ 2012-04-19 22:49 . 2001-08-18 02:36 5120 c:\windows\system32\dllcache\brscnrsm.dll
+ 2012-04-19 22:49 . 2001-08-17 17:12 3168 c:\windows\system32\dllcache\brparimg.sys
+ 2012-04-19 22:49 . 2001-08-17 17:12 3968 c:\windows\system32\dllcache\brfiltup.sys
+ 2012-04-19 22:49 . 2001-08-17 17:12 2944 c:\windows\system32\dllcache\brfilt.sys
+ 2012-04-19 22:49 . 2001-08-18 02:36 9728 c:\windows\system32\dllcache\brcoinst.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 9216 c:\windows\system32\dllcache\authfilt.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 9216 c:\windows\system32\dllcache\authfilt.dll
+ 2011-03-26 01:05 . 2001-08-17 13:59 3072 c:\windows\system32\dllcache\audstub.sys
+ 2012-04-19 22:48 . 2001-08-17 16:49 9472 c:\windows\system32\dllcache\ativmdcd.sys
+ 2012-04-19 22:48 . 2001-08-17 17:47 6272 c:\windows\system32\dllcache\apmbatt.sys
+ 2012-04-19 22:48 . 2001-08-17 17:51 5248 c:\windows\system32\dllcache\aliide.sys
+ 2012-04-19 22:48 . 2008-04-14 09:41 3775 c:\windows\system32\dllcache\adv11nt5.dll
+ 2012-04-19 22:48 . 2008-04-14 09:41 3711 c:\windows\system32\dllcache\adv09nt5.dll
+ 2012-04-19 22:48 . 2008-04-14 09:41 3135 c:\windows\system32\dllcache\adv08nt5.dll
+ 2012-04-19 22:48 . 2008-04-14 09:41 3647 c:\windows\system32\dllcache\adv07nt5.dll
+ 2012-04-19 22:48 . 2008-04-14 09:41 3615 c:\windows\system32\dllcache\adv05nt5.dll
+ 2012-04-19 22:48 . 2008-04-14 09:41 3967 c:\windows\system32\dllcache\adv02nt5.dll
+ 2012-04-19 22:48 . 2008-04-14 09:41 4255 c:\windows\system32\dllcache\adv01nt5.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 6144 c:\windows\system32\dllcache\admxprox.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 6144 c:\windows\system32\dllcache\admxprox.dll
+ 2012-04-19 22:47 . 2001-08-17 17:53 7424 c:\windows\system32\dllcache\adicvls.sys
+ 2008-04-14 05:42 . 2008-04-13 23:00 483840 c:\windows\system32\dllcache\wzcsvc.dll
+ 2012-04-19 23:10 . 2008-04-14 02:05 154624 c:\windows\system32\dllcache\wlluc48.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 146432 c:\windows\system32\dllcache\winspool.drv
- 2011-03-26 01:03 . 2008-04-13 23:00 146432 c:\windows\system32\dllcache\winspool.drv
+ 2012-04-19 23:10 . 2001-08-17 17:28 771581 c:\windows\system32\dllcache\winacisa.sys
+ 2012-04-19 23:10 . 2001-08-17 17:28 701386 c:\windows\system32\dllcache\wdhaalba.sys
- 2011-03-26 03:36 . 2008-04-13 23:00 364032 c:\windows\system32\dllcache\w3svc.dll
+ 2011-03-26 03:36 . 2008-04-14 04:42 364032 c:\windows\system32\dllcache\w3svc.dll
+ 2012-04-19 23:09 . 2001-08-17 17:28 397502 c:\windows\system32\dllcache\vpctcom.sys
- 2011-03-26 03:36 . 2008-04-13 23:00 426041 c:\windows\system32\dllcache\voicepad.dll
+ 2011-03-26 03:36 . 2008-04-14 04:41 426041 c:\windows\system32\dllcache\voicepad.dll
+ 2012-04-19 23:09 . 2001-08-17 17:28 604253 c:\windows\system32\dllcache\vmodem.sys
+ 2012-04-19 23:09 . 2001-08-17 16:14 249402 c:\windows\system32\dllcache\vinwm.sys
+ 2012-04-19 23:09 . 2001-08-17 17:28 687999 c:\windows\system32\dllcache\usrwdxjs.sys
+ 2012-04-19 23:09 . 2001-08-17 17:28 765884 c:\windows\system32\dllcache\usrti.sys
+ 2012-04-19 23:09 . 2001-08-17 17:28 113762 c:\windows\system32\dllcache\usrpda.sys
+ 2012-04-19 23:09 . 2001-08-17 17:28 224802 c:\windows\system32\dllcache\usr1807a.sys
+ 2012-04-19 23:09 . 2001-08-17 17:28 794399 c:\windows\system32\dllcache\usr1806v.sys
+ 2012-04-19 23:09 . 2001-08-17 17:28 793598 c:\windows\system32\dllcache\usr1806.sys
+ 2012-04-19 23:09 . 2001-08-17 17:28 794654 c:\windows\system32\dllcache\usr1801.sys
+ 2012-04-19 23:09 . 2008-04-14 04:16 121984 c:\windows\system32\dllcache\usbvideo.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 143872 c:\windows\system32\dllcache\usbport.sys
+ 2012-04-19 23:08 . 2001-08-18 02:36 211968 c:\windows\system32\dllcache\um54scan.dll
+ 2012-04-19 23:08 . 2001-08-18 02:36 216064 c:\windows\system32\dllcache\um34scan.dll
+ 2011-03-26 03:36 . 2008-04-14 04:42 103424 c:\windows\system32\dllcache\uihelper.dll
- 2011-03-26 03:36 . 2008-04-13 23:00 103424 c:\windows\system32\dllcache\uihelper.dll
+ 2012-04-19 23:08 . 2001-08-17 16:51 166784 c:\windows\system32\dllcache\tridxpm.sys
+ 2012-04-19 23:08 . 2001-08-18 02:36 525568 c:\windows\system32\dllcache\tridxp.dll
+ 2012-04-19 23:08 . 2001-08-17 16:51 159232 c:\windows\system32\dllcache\tridkbm.sys
+ 2012-04-19 23:08 . 2001-08-17 18:56 440576 c:\windows\system32\dllcache\tridkb.dll
+ 2012-04-19 23:08 . 2001-08-17 16:51 222336 c:\windows\system32\dllcache\trid3dm.sys
+ 2012-04-19 23:07 . 2001-08-17 18:02 230912 c:\windows\system32\dllcache\tosdvd03.sys
+ 2012-04-19 23:07 . 2001-08-17 18:01 241664 c:\windows\system32\dllcache\tosdvd02.sys
+ 2012-04-19 23:07 . 2001-08-17 16:14 123995 c:\windows\system32\dllcache\tjisdn.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 455168 c:\windows\system32\dllcache\tintsetp.exe
+ 2011-03-26 03:35 . 2008-04-13 21:13 455168 c:\windows\system32\dllcache\tintsetp.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 185344 c:\windows\system32\dllcache\thawbrkr.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 185344 c:\windows\system32\dllcache\thawbrkr.dll
+ 2012-04-19 23:07 . 2001-08-17 16:51 138528 c:\windows\system32\dllcache\tgiulnt5.sys
+ 2012-04-19 23:07 . 2008-04-14 04:10 149376 c:\windows\system32\dllcache\tffsport.sys
+ 2012-04-19 23:07 . 2001-08-17 18:56 172768 c:\windows\system32\dllcache\t2r4disp.dll
+ 2012-04-19 23:06 . 2001-08-17 17:50 103936 c:\windows\system32\dllcache\sx.sys
+ 2012-04-19 23:06 . 2001-08-18 02:36 155648 c:\windows\system32\dllcache\stlnprop.dll
+ 2012-04-19 23:06 . 2001-08-17 16:18 285760 c:\windows\system32\dllcache\stlnata.sys
+ 2011-03-26 03:35 . 2001-08-23 11:00 101376 c:\windows\system32\dllcache\srusbusd.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 101376 c:\windows\system32\dllcache\srusbusd.dll
+ 2012-04-19 23:05 . 2001-08-18 02:36 106584 c:\windows\system32\dllcache\spdports.dll
+ 2012-04-19 23:05 . 2001-08-18 02:36 114688 c:\windows\system32\dllcache\sonypi.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 143422 c:\windows\system32\dllcache\softkey.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 143422 c:\windows\system32\dllcache\softkey.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 188416 c:\windows\system32\dllcache\snmpsmir.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 188416 c:\windows\system32\dllcache\snmpsmir.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 358400 c:\windows\system32\dllcache\snmpincl.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 358400 c:\windows\system32\dllcache\snmpincl.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 259072 c:\windows\system32\dllcache\snmpcl.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 259072 c:\windows\system32\dllcache\snmpcl.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 456192 c:\windows\system32\dllcache\smtpsvc.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 456192 c:\windows\system32\dllcache\smtpsvc.dll
+ 2011-03-26 03:34 . 2008-04-14 04:42 189440 c:\windows\system32\dllcache\smtpadm.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 189440 c:\windows\system32\dllcache\smtpadm.dll
+ 2012-04-19 23:05 . 2001-08-17 18:56 147200 c:\windows\system32\dllcache\smidispb.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 236544 c:\windows\system32\dllcache\smi2smir.exe
+ 2011-03-26 03:35 . 2008-04-14 04:42 236544 c:\windows\system32\dllcache\smi2smir.exe
+ 2012-04-19 23:04 . 2008-04-14 03:53 129535 c:\windows\system32\dllcache\slnt7554.sys
+ 2012-04-19 23:04 . 2008-04-14 09:42 188508 c:\windows\system32\dllcache\slgen.dll
+ 2012-04-19 23:04 . 2008-04-14 09:42 286792 c:\windows\system32\dllcache\slextspk.dll
+ 2012-04-19 23:04 . 2001-08-17 18:56 157696 c:\windows\system32\dllcache\sisv256.dll
+ 2012-04-19 23:04 . 2001-08-18 02:36 238592 c:\windows\system32\dllcache\sisgrv.dll
+ 2012-04-19 23:04 . 2001-08-17 16:50 104064 c:\windows\system32\dllcache\sisgrp.sys
+ 2012-04-19 23:04 . 2001-08-17 18:56 150144 c:\windows\system32\dllcache\sis6306v.dll
+ 2012-04-19 23:04 . 2001-08-17 18:56 252032 c:\windows\system32\dllcache\sis300iv.dll
+ 2012-04-19 23:04 . 2001-08-17 16:50 101760 c:\windows\system32\dllcache\sis300ip.sys
+ 2012-04-19 23:04 . 2001-07-21 18:29 161568 c:\windows\system32\dllcache\sgsmusb.sys
+ 2012-04-19 23:04 . 2001-08-18 02:36 386560 c:\windows\system32\dllcache\sgiul50.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 221696 c:\windows\system32\dllcache\seo.dll
+ 2011-03-26 03:35 . 2008-04-14 04:42 221696 c:\windows\system32\dllcache\seo.dll
+ 2012-04-19 23:03 . 2001-08-18 02:36 495616 c:\windows\system32\dllcache\sblfx.dll
+ 2012-04-19 23:03 . 2001-08-17 18:56 245632 c:\windows\system32\dllcache\s3savmx.dll
+ 2012-04-19 23:03 . 2001-08-17 18:56 198400 c:\windows\system32\dllcache\s3sav4.dll
+ 2012-04-19 23:03 . 2001-08-17 18:56 179264 c:\windows\system32\dllcache\s3sav3d.dll
+ 2012-04-19 23:03 . 2001-08-17 18:56 210496 c:\windows\system32\dllcache\s3mvirge.dll
+ 2012-04-19 23:03 . 2001-08-17 18:56 182272 c:\windows\system32\dllcache\s3mt3d.dll
+ 2012-04-19 23:03 . 2001-08-17 16:50 166720 c:\windows\system32\dllcache\s3m.sys
+ 2012-04-19 23:03 . 2008-04-14 02:04 166912 c:\windows\system32\dllcache\s3gnbm.sys
+ 2012-04-19 23:03 . 2008-04-14 09:42 397056 c:\windows\system32\dllcache\s3gnb.dll
+ 2011-03-26 03:29 . 2008-04-14 05:02 196224 c:\windows\system32\dllcache\rdpdr.sys
+ 2012-04-19 23:02 . 2001-08-17 17:28 714762 c:\windows\system32\dllcache\r2mdmkxx.sys
+ 2012-04-19 23:02 . 2001-08-17 17:28 899146 c:\windows\system32\dllcache\r2mdkxga.sys
+ 2012-04-19 23:01 . 2001-08-17 17:28 130942 c:\windows\system32\dllcache\ptserlv.sys
+ 2012-04-19 23:01 . 2001-08-17 17:28 112574 c:\windows\system32\dllcache\ptserlp.sys
+ 2012-04-19 23:01 . 2001-08-17 17:28 128286 c:\windows\system32\dllcache\ptserli.sys
+ 2012-04-19 23:01 . 2008-04-14 09:42 159232 c:\windows\system32\dllcache\ptpusd.dll
+ 2012-04-19 23:01 . 2008-04-14 09:42 363520 c:\windows\system32\dllcache\psisdecd.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 131584 c:\windows\system32\dllcache\pmxviceo.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 131584 c:\windows\system32\dllcache\pmxviceo.dll
+ 2011-03-26 03:35 . 2008-04-14 04:40 175104 c:\windows\system32\dllcache\pintlcsa.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 175104 c:\windows\system32\dllcache\pintlcsa.dll
+ 2012-04-19 23:01 . 2001-08-18 02:36 121344 c:\windows\system32\dllcache\phvfwext.dll
+ 2012-04-19 23:01 . 2001-08-17 18:04 173696 c:\windows\system32\dllcache\philcam2.sys
+ 2012-04-19 23:01 . 2008-04-14 09:40 259328 c:\windows\system32\dllcache\perm3dd.dll
+ 2012-04-19 23:01 . 2008-04-14 09:40 211584 c:\windows\system32\dllcache\perm2dll.dll
+ 2012-04-19 23:00 . 2008-04-14 01:42 169984 c:\windows\system32\dllcache\pcx500.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 120192 c:\windows\system32\dllcache\pcmcia.sys
+ 2012-04-19 23:00 . 2001-08-17 18:05 351616 c:\windows\system32\dllcache\ovcodek2.sys
+ 2012-04-19 23:00 . 2001-08-18 02:36 116736 c:\windows\system32\dllcache\ovcodec2.dll
+ 2012-04-19 22:59 . 2001-08-17 16:50 198144 c:\windows\system32\dllcache\nv3.sys
+ 2012-04-19 22:59 . 2001-08-18 02:36 123776 c:\windows\system32\dllcache\nv3.dll
+ 2012-04-19 22:59 . 2008-04-14 03:53 180360 c:\windows\system32\dllcache\ntmtlfax.sys
+ 2012-04-19 22:59 . 2001-08-17 16:20 126080 c:\windows\system32\dllcache\nm5a2wdm.sys
+ 2012-04-19 22:59 . 2008-04-14 02:05 132695 c:\windows\system32\dllcache\netwlan5.sys
+ 2012-04-19 22:58 . 2001-08-17 16:11 128000 c:\windows\system32\dllcache\n100325.sys
+ 2011-03-26 03:35 . 2001-08-23 11:00 229439 c:\windows\system32\dllcache\multibox.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 229439 c:\windows\system32\dllcache\multibox.dll
+ 2012-04-19 22:58 . 2001-08-17 16:50 103296 c:\windows\system32\dllcache\mtxvideo.sys
+ 2012-04-19 22:58 . 2008-04-14 02:04 452736 c:\windows\system32\dllcache\mtxparhm.sys
+ 2011-03-26 03:35 . 2008-04-14 04:42 119808 c:\windows\system32\dllcache\mtstocom.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 119808 c:\windows\system32\dllcache\mtstocom.exe
+ 2012-04-19 22:58 . 2008-04-14 03:53 126686 c:\windows\system32\dllcache\mtlmnt5.sys
- 2011-03-26 01:03 . 2008-04-13 23:00 126912 c:\windows\system32\dllcache\msvideo.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 126912 c:\windows\system32\dllcache\msvideo.dll
- 2011-03-26 04:02 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-04-13 23:00 . 2011-07-15 13:29 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2012-04-19 22:57 . 2001-08-17 16:50 320384 c:\windows\system32\dllcache\mgaum.sys
+ 2012-04-19 22:57 . 2001-08-17 18:56 235648 c:\windows\system32\dllcache\mgaud.dll
+ 2012-04-19 22:57 . 2001-08-17 16:12 164586 c:\windows\system32\dllcache\mdgndis5.sys
+ 2012-04-19 22:57 . 2001-08-17 17:28 797500 c:\windows\system32\dllcache\ltsmt.sys
+ 2012-04-19 22:57 . 2001-08-17 17:28 802683 c:\windows\system32\dllcache\ltsm.sys
+ 2012-04-19 22:57 . 2008-04-14 03:53 420992 c:\windows\system32\dllcache\ltmdmntt.sys
+ 2012-04-19 22:56 . 2008-04-14 03:53 606684 c:\windows\system32\dllcache\ltmdmnt.sys
+ 2012-04-19 22:56 . 2001-08-17 17:28 727786 c:\windows\system32\dllcache\ltck000c.sys
+ 2012-04-19 22:56 . 2008-04-14 09:41 253952 c:\windows\system32\dllcache\kdsusd.dll
+ 2012-04-19 22:56 . 2008-04-14 09:42 151552 c:\windows\system32\dllcache\irftp.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 257024 c:\windows\system32\dllcache\infocomm.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 257024 c:\windows\system32\dllcache\infocomm.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 829440 c:\windows\system32\dllcache\inetmgr.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 829440 c:\windows\system32\dllcache\inetmgr.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 315455 c:\windows\system32\dllcache\imskf.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 315455 c:\windows\system32\dllcache\imskf.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 471102 c:\windows\system32\dllcache\imskdic.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 471102 c:\windows\system32\dllcache\imskdic.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 102456 c:\windows\system32\dllcache\imlang.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 102456 c:\windows\system32\dllcache\imlang.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 274489 c:\windows\system32\dllcache\imjputyc.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 274489 c:\windows\system32\dllcache\imjputyc.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 262200 c:\windows\system32\dllcache\imjputy.exe
+ 2011-03-26 03:35 . 2008-04-13 21:14 262200 c:\windows\system32\dllcache\imjputy.exe
+ 2011-03-26 03:35 . 2008-04-13 21:14 233527 c:\windows\system32\dllcache\imjprw.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 233527 c:\windows\system32\dllcache\imjprw.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 208952 c:\windows\system32\dllcache\imjpmig.exe
+ 2011-03-26 03:35 . 2008-04-13 21:13 208952 c:\windows\system32\dllcache\imjpmig.exe
+ 2011-03-26 03:35 . 2008-04-13 21:13 196665 c:\windows\system32\dllcache\imjpinst.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 196665 c:\windows\system32\dllcache\imjpinst.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 155705 c:\windows\system32\dllcache\imjpdsvr.exe
+ 2011-03-26 03:35 . 2008-04-13 21:13 155705 c:\windows\system32\dllcache\imjpdsvr.exe
+ 2011-03-26 03:35 . 2008-04-13 21:13 307257 c:\windows\system32\dllcache\imjpdct.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 307257 c:\windows\system32\dllcache\imjpdct.exe
+ 2011-03-26 03:35 . 2008-04-14 04:39 716856 c:\windows\system32\dllcache\imjpcus.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 716856 c:\windows\system32\dllcache\imjpcus.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 368696 c:\windows\system32\dllcache\imjpcic.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 368696 c:\windows\system32\dllcache\imjpcic.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 811064 c:\windows\system32\dllcache\imjp81k.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 811064 c:\windows\system32\dllcache\imjp81k.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 311359 c:\windows\system32\dllcache\imepadsv.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 311359 c:\windows\system32\dllcache\imepadsv.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 102463 c:\windows\system32\dllcache\imepadsm.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 102463 c:\windows\system32\dllcache\imepadsm.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 106496 c:\windows\system32\dllcache\imekrcic.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 106496 c:\windows\system32\dllcache\imekrcic.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 169984 c:\windows\system32\dllcache\iisui.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 169984 c:\windows\system32\dllcache\iisui.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 133632 c:\windows\system32\dllcache\iisrtl.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 133632 c:\windows\system32\dllcache\iisrtl.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 145408 c:\windows\system32\dllcache\iische51.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 145408 c:\windows\system32\dllcache\iische51.dll
+ 2012-04-19 22:55 . 2001-08-18 02:36 372824 c:\windows\system32\dllcache\iconf32.dll
+ 2012-04-19 22:55 . 2001-08-17 18:06 100992 c:\windows\system32\dllcache\icam5usb.sys
+ 2012-04-19 22:55 . 2001-08-17 18:06 154496 c:\windows\system32\dllcache\icam4usb.sys
+ 2012-04-19 22:55 . 2001-08-17 18:05 141056 c:\windows\system32\dllcache\icam3.sys
+ 2012-04-19 22:55 . 2001-08-17 16:12 109085 c:\windows\system32\dllcache\ibmtrp.sys
+ 2012-04-19 22:54 . 2008-04-14 02:04 161020 c:\windows\system32\dllcache\i81xnt5.sys
+ 2012-04-19 22:54 . 2008-04-14 09:41 702845 c:\windows\system32\dllcache\i81xdnt5.dll
+ 2012-04-19 22:54 . 2001-08-17 18:56 353184 c:\windows\system32\dllcache\i740dnt5.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 268288 c:\windows\system32\dllcache\httpext.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 268288 c:\windows\system32\dllcache\httpext.dll
+ 2008-04-13 23:00 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
- 2009-10-20 16:20 . 2009-10-20 16:20 265728 c:\windows\system32\dllcache\http.sys
+ 2012-04-19 22:54 . 2008-04-14 03:53 685056 c:\windows\system32\dllcache\hsfcxts2.sys
+ 2012-04-19 22:54 . 2008-04-14 03:53 220032 c:\windows\system32\dllcache\hsfbs2s2.sys
+ 2012-04-19 22:54 . 2001-08-17 17:28 488383 c:\windows\system32\dllcache\hsf_v124.sys
+ 2012-04-19 22:54 . 2001-08-17 17:28 542879 c:\windows\system32\dllcache\hsf_msft.sys
+ 2012-04-19 22:54 . 2001-08-17 17:28 391199 c:\windows\system32\dllcache\hsf_k56k.sys
+ 2012-04-19 22:54 . 2001-08-17 17:28 115807 c:\windows\system32\dllcache\hsf_fsks.sys
+ 2012-04-19 22:54 . 2001-08-17 17:28 199711 c:\windows\system32\dllcache\hsf_faxx.sys
+ 2012-04-19 22:54 . 2001-08-17 17:28 289887 c:\windows\system32\dllcache\hsf_fall.sys
+ 2012-04-19 22:54 . 2001-08-17 17:28 150239 c:\windows\system32\dllcache\hsf_amos.sys
+ 2012-04-19 22:53 . 2001-08-18 02:36 324608 c:\windows\system32\dllcache\hpojwia.dll
+ 2012-04-19 22:53 . 2001-08-18 02:36 165888 c:\windows\system32\dllcache\hpgt53.dll
+ 2012-04-19 22:53 . 2001-08-18 02:36 126976 c:\windows\system32\dllcache\hpgt34tk.dll
+ 2012-04-19 22:53 . 2001-08-18 02:36 101376 c:\windows\system32\dllcache\hpgt34.dll
+ 2012-04-19 22:53 . 2001-08-18 02:36 123392 c:\windows\system32\dllcache\hpgt21tk.dll
+ 2012-04-19 22:53 . 2001-08-18 02:36 119296 c:\windows\system32\dllcache\hpdigwia.dll
+ 2012-04-19 22:53 . 2001-08-17 17:28 907456 c:\windows\system32\dllcache\hcf_msft.sys
+ 2012-04-19 22:53 . 2001-08-17 16:49 322432 c:\windows\system32\dllcache\g400m.sys
+ 2012-04-19 22:53 . 2001-08-17 16:49 320384 c:\windows\system32\dllcache\g200m.sys
+ 2012-04-19 22:53 . 2001-08-17 18:56 470144 c:\windows\system32\dllcache\g200d.dll
+ 2012-04-19 22:53 . 2001-08-17 16:15 454912 c:\windows\system32\dllcache\fxusbase.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 400384 c:\windows\system32\dllcache\fxsxp32.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 400384 c:\windows\system32\dllcache\fxsxp32.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 192512 c:\windows\system32\dllcache\fxswzrd.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 192512 c:\windows\system32\dllcache\fxswzrd.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 154112 c:\windows\system32\dllcache\fxsui.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 154112 c:\windows\system32\dllcache\fxsui.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 397312 c:\windows\system32\dllcache\fxstiff.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 397312 c:\windows\system32\dllcache\fxstiff.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 246272 c:\windows\system32\dllcache\fxst30.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 246272 c:\windows\system32\dllcache\fxst30.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 267776 c:\windows\system32\dllcache\fxssvc.exe
+ 2011-03-26 03:35 . 2008-04-14 04:42 267776 c:\windows\system32\dllcache\fxssvc.exe
- 2011-03-26 03:35 . 2008-04-13 23:00 562176 c:\windows\system32\dllcache\fxsst.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 562176 c:\windows\system32\dllcache\fxsst.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 229376 c:\windows\system32\dllcache\fxscover.exe
+ 2011-03-26 03:35 . 2008-04-14 04:42 229376 c:\windows\system32\dllcache\fxscover.exe
+ 2011-03-26 03:35 . 2008-04-14 04:41 285184 c:\windows\system32\dllcache\fxscomex.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 285184 c:\windows\system32\dllcache\fxscomex.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 132608 c:\windows\system32\dllcache\fxsclntr.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 132608 c:\windows\system32\dllcache\fxsclntr.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 142848 c:\windows\system32\dllcache\fxsclnt.exe
+ 2011-03-26 03:35 . 2008-04-14 04:42 142848 c:\windows\system32\dllcache\fxsclnt.exe
+ 2011-03-26 03:35 . 2001-08-23 11:00 111104 c:\windows\system32\dllcache\fxscfgwz.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 111104 c:\windows\system32\dllcache\fxscfgwz.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 451584 c:\windows\system32\dllcache\fxsapi.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 451584 c:\windows\system32\dllcache\fxsapi.dll
+ 2012-04-19 22:52 . 2001-08-17 16:15 455296 c:\windows\system32\dllcache\fusbbase.sys
+ 2012-04-19 22:52 . 2001-08-17 16:15 455680 c:\windows\system32\dllcache\fus2base.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 125952 c:\windows\system32\dllcache\ftpsv251.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 125952 c:\windows\system32\dllcache\ftpsv251.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 125056 c:\windows\system32\dllcache\ftdisk.sys
+ 2012-04-19 22:52 . 2001-08-17 16:15 442240 c:\windows\system32\dllcache\fpnpbase.sys
- 2011-03-26 03:34 . 2003-03-24 21:52 208896 c:\windows\system32\dllcache\fpmmcsat.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 208896 c:\windows\system32\dllcache\fpmmcsat.dll
- 2011-03-26 03:34 . 2004-05-13 05:39 598071 c:\windows\system32\dllcache\fpmmc.dll
+ 2011-03-26 03:34 . 2004-05-13 04:39 598071 c:\windows\system32\dllcache\fpmmc.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 188494 c:\windows\system32\dllcache\fpcount.exe
- 2011-03-26 03:34 . 2003-03-24 21:52 188494 c:\windows\system32\dllcache\fpcount.exe
+ 2012-04-19 22:52 . 2001-08-17 16:14 441728 c:\windows\system32\dllcache\fpcmbase.sys
+ 2012-04-19 22:52 . 2001-08-17 16:14 444416 c:\windows\system32\dllcache\fpcibase.sys
- 2011-03-26 03:34 . 2003-03-24 21:52 109328 c:\windows\system32\dllcache\fp98swin.exe
+ 2011-03-26 03:34 . 2003-03-24 20:52 109328 c:\windows\system32\dllcache\fp98swin.exe
+ 2011-03-26 03:34 . 2004-05-13 04:39 876653 c:\windows\system32\dllcache\fp4awel.dll
- 2011-03-26 03:34 . 2004-05-13 05:39 876653 c:\windows\system32\dllcache\fp4awel.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 102509 c:\windows\system32\dllcache\fp4atxt.dll
- 2011-03-26 03:34 . 2003-03-24 21:52 102509 c:\windows\system32\dllcache\fp4atxt.dll
- 2011-03-26 03:34 . 2003-03-24 21:52 147513 c:\windows\system32\dllcache\fp4apws.dll
+ 2011-03-26 03:34 . 2003-03-24 20:52 147513 c:\windows\system32\dllcache\fp4apws.dll
- 2011-03-26 03:34 . 2004-05-13 05:39 184435 c:\windows\system32\dllcache\fp4amsft.dll
+ 2011-03-26 03:34 . 2004-05-13 04:39 184435 c:\windows\system32\dllcache\fp4amsft.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 101888 c:\windows\system32\dllcache\evntagnt.dll
+ 2011-03-26 03:35 . 2008-04-14 04:41 101888 c:\windows\system32\dllcache\evntagnt.dll
+ 2012-04-19 22:52 . 2008-04-14 02:06 137088 c:\windows\system32\dllcache\essm2e.sys
+ 2012-04-19 22:52 . 2001-08-17 17:28 347550 c:\windows\system32\dllcache\es56tpi.sys
+ 2012-04-19 22:52 . 2001-08-17 17:28 594238 c:\windows\system32\dllcache\es56hpi.sys
+ 2012-04-19 22:52 . 2001-08-17 17:28 595647 c:\windows\system32\dllcache\es56cvmp.sys
+ 2012-04-19 22:52 . 2001-08-17 16:19 174464 c:\windows\system32\dllcache\es198x.sys
+ 2012-04-19 22:51 . 2001-08-17 16:17 629952 c:\windows\system32\dllcache\eqn.sys
+ 2012-04-19 22:51 . 2001-08-17 17:50 114944 c:\windows\system32\dllcache\epstw2k.sys
+ 2012-04-19 22:51 . 2001-08-17 17:50 144896 c:\windows\system32\dllcache\epcfw2k.sys
+ 2012-04-19 22:51 . 2001-08-17 16:19 283904 c:\windows\system32\dllcache\emu10k1m.sys
+ 2012-04-19 22:51 . 2001-08-17 16:11 171520 c:\windows\system32\dllcache\el99xn51.sys
+ 2012-04-19 22:51 . 2001-08-17 16:11 455199 c:\windows\system32\dllcache\el985n51.sys
+ 2012-04-19 22:51 . 2001-08-17 16:11 153631 c:\windows\system32\dllcache\el90xnd5.sys
+ 2012-04-19 22:51 . 2001-08-17 17:28 241206 c:\windows\system32\dllcache\el656se5.sys
+ 2012-04-19 22:51 . 2001-08-17 17:28 634134 c:\windows\system32\dllcache\el656ct5.sys
- 2011-03-26 03:35 . 2008-04-13 23:00 514587 c:\windows\system32\dllcache\edb500.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 514587 c:\windows\system32\dllcache\edb500.dll
+ 2012-04-19 22:51 . 2001-08-17 16:12 117760 c:\windows\system32\dllcache\e100b325.sys
+ 2012-04-19 22:51 . 2001-08-17 16:20 334208 c:\windows\system32\dllcache\ds1wdm.sys
+ 2012-04-19 22:51 . 2001-08-17 16:14 952007 c:\windows\system32\dllcache\diwan.sys
+ 2012-04-19 22:51 . 2001-08-18 02:36 236060 c:\windows\system32\dllcache\ditrace.exe
+ 2012-04-19 22:50 . 2001-08-18 02:36 614429 c:\windows\system32\dllcache\digiview.exe
+ 2012-04-19 22:50 . 2001-08-18 02:36 110621 c:\windows\system32\dllcache\digirlpt.dll
+ 2012-04-19 22:50 . 2001-08-18 02:36 102484 c:\windows\system32\dllcache\digiinf.dll
+ 2012-04-19 22:50 . 2001-08-18 02:36 159828 c:\windows\system32\dllcache\digihlc.dll
+ 2012-04-19 22:50 . 2001-08-18 02:36 229462 c:\windows\system32\dllcache\digifwrk.dll
+ 2012-04-19 22:50 . 2001-08-17 16:13 103044 c:\windows\system32\dllcache\digidxb.sys
+ 2012-04-19 22:50 . 2001-08-18 02:36 131156 c:\windows\system32\dllcache\digidbp.dll
+ 2012-04-19 22:49 . 2001-08-17 16:13 164923 c:\windows\system32\dllcache\diapi2.sys
+ 2012-04-19 22:50 . 2001-08-18 02:36 419357 c:\windows\system32\dllcache\dgconfig.dll
+ 2012-04-19 22:50 . 2001-08-18 02:36 256512 c:\windows\system32\dllcache\devcon32.dll
+ 2012-04-19 22:50 . 2001-08-18 02:36 110592 c:\windows\system32\dllcache\dc260usd.dll
+ 2012-04-19 22:50 . 2001-08-17 17:52 179584 c:\windows\system32\dllcache\dac2w2k.sys
+ 2012-04-19 22:50 . 2001-08-17 16:12 117760 c:\windows\system32\dllcache\d100ib5.sys
+ 2012-04-19 22:50 . 2001-08-17 16:19 111872 c:\windows\system32\dllcache\cwcspud.sys
+ 2012-04-19 22:50 . 2008-04-14 09:41 249856 c:\windows\system32\dllcache\ctmasetp.dll
+ 2012-04-19 22:50 . 2001-08-18 02:36 175104 c:\windows\system32\dllcache\csamsp.dll
+ 2012-04-19 22:50 . 2001-08-18 02:36 216064 c:\windows\system32\dllcache\cpscan.dll
+ 2012-04-19 22:49 . 2001-08-17 17:57 248064 c:\windows\system32\dllcache\cl546xm.sys
+ 2012-04-19 22:49 . 2001-08-17 18:56 170880 c:\windows\system32\dllcache\cl546x.dll
+ 2012-04-19 22:49 . 2001-08-17 18:56 111232 c:\windows\system32\dllcache\cl5465.dll
+ 2011-03-26 03:34 . 2008-04-13 21:13 480256 c:\windows\system32\dllcache\cintsetp.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 480256 c:\windows\system32\dllcache\cintsetp.exe
- 2011-03-26 03:34 . 2008-04-13 23:00 198656 c:\windows\system32\dllcache\cintime.dll
+ 2011-03-26 03:34 . 2008-04-14 04:39 198656 c:\windows\system32\dllcache\cintime.dll
+ 2001-08-17 14:02 . 2008-04-13 23:00 262528 c:\windows\system32\dllcache\cinemst2.sys
+ 2012-04-19 22:49 . 2001-08-17 18:02 272640 c:\windows\system32\dllcache\cinemclc.sys
+ 2012-04-19 22:49 . 2001-08-17 16:13 980034 c:\windows\system32\dllcache\cicap.sys
+ 2011-03-26 03:34 . 2008-04-14 04:39 173568 c:\windows\system32\dllcache\chtskf.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 173568 c:\windows\system32\dllcache\chtskf.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 838144 c:\windows\system32\dllcache\chtbrkr.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 838144 c:\windows\system32\dllcache\chtbrkr.dll
- 2011-03-26 03:34 . 2003-03-24 21:52 188480 c:\windows\system32\dllcache\cfgwiz.exe
+ 2011-03-26 03:34 . 2003-03-24 20:52 188480 c:\windows\system32\dllcache\cfgwiz.exe
+ 2012-04-19 22:49 . 2001-08-17 17:28 714698 c:\windows\system32\dllcache\cbmdmkxx.sys
+ 2012-04-19 22:49 . 2008-04-14 09:41 121856 c:\windows\system32\dllcache\camext30.dll
+ 2012-04-19 22:49 . 2001-08-18 02:36 236032 c:\windows\system32\dllcache\camext20.dll
+ 2012-04-19 22:49 . 2001-08-17 18:04 171264 c:\windows\system32\dllcache\camdrv30.sys
+ 2012-04-19 22:49 . 2001-08-17 18:04 223232 c:\windows\system32\dllcache\camdrv21.sys
+ 2012-04-19 22:49 . 2001-08-17 18:05 314752 c:\windows\system32\dllcache\camdro21.sys
+ 2011-03-26 03:34 . 2008-04-14 04:41 218112 c:\windows\system32\dllcache\c_g18030.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 218112 c:\windows\system32\dllcache\c_g18030.dll
+ 2012-04-19 22:49 . 2008-04-14 04:21 101120 c:\windows\system32\dllcache\bthpan.sys
+ 2012-04-19 22:48 . 2001-08-17 17:28 871388 c:\windows\system32\dllcache\bcmdm.sys
+ 2012-04-19 22:48 . 2001-08-17 18:56 342336 c:\windows\system32\dllcache\banshee.dll
+ 2012-04-19 22:48 . 2001-08-18 02:36 144384 c:\windows\system32\dllcache\avmenum.dll
+ 2008-04-13 23:00 . 2008-04-13 23:00 109456 c:\windows\system32\dllcache\avifile.dll
- 2011-03-26 01:03 . 2008-04-13 23:00 109456 c:\windows\system32\dllcache\avifile.dll
+ 2012-04-19 22:48 . 2001-08-17 18:56 104832 c:\windows\system32\dllcache\atiraged.dll
+ 2012-04-19 22:48 . 2008-04-14 02:04 104960 c:\windows\system32\dllcache\atinrvxx.sys
+ 2012-04-19 22:48 . 2001-08-17 16:48 281600 c:\windows\system32\dllcache\atimtai.sys
+ 2012-04-19 22:48 . 2001-08-17 16:48 289664 c:\windows\system32\dllcache\atimpab.sys
+ 2012-04-19 22:48 . 2001-08-17 18:56 268160 c:\windows\system32\dllcache\atidvai.dll
+ 2012-04-19 22:48 . 2001-08-17 18:56 137216 c:\windows\system32\dllcache\atidrae.dll
+ 2012-04-19 22:48 . 2001-08-17 18:55 382592 c:\windows\system32\dllcache\atidrab.dll
+ 2012-04-19 22:48 . 2008-04-14 02:04 327040 c:\windows\system32\dllcache\ati2mtaa.sys
+ 2012-04-19 22:48 . 2008-04-14 09:41 377984 c:\windows\system32\dllcache\ati2dvaa.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 369664 c:\windows\system32\dllcache\asp51.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 369664 c:\windows\system32\dllcache\asp51.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 331264 c:\windows\system32\dllcache\aqueue.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 331264 c:\windows\system32\dllcache\aqueue.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 108544 c:\windows\system32\dllcache\appconf.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 108544 c:\windows\system32\dllcache\appconf.dll
+ 2011-03-26 03:34 . 2008-04-14 04:41 290816 c:\windows\system32\dllcache\adsiis51.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 290816 c:\windows\system32\dllcache\adsiis51.dll
+ 2012-04-19 22:48 . 2001-08-17 18:07 101888 c:\windows\system32\dllcache\adpu160m.sys
+ 2012-04-19 22:47 . 2001-08-17 16:19 747392 c:\windows\system32\dllcache\adm8830.sys
+ 2012-04-19 22:47 . 2001-08-17 16:19 553984 c:\windows\system32\dllcache\adm8820.sys
+ 2012-04-19 22:47 . 2001-08-17 16:19 584448 c:\windows\system32\dllcache\adm8810.sys
+ 2008-04-13 23:00 . 2008-04-13 23:00 187776 c:\windows\system32\dllcache\acpi.sys
+ 2012-04-19 22:47 . 2001-08-17 16:20 297728 c:\windows\system32\dllcache\ac97sis.sys
+ 2012-04-19 22:47 . 2008-04-14 02:06 231552 c:\windows\system32\dllcache\ac97ali.sys
+ 2012-04-19 22:47 . 2001-08-18 02:36 462848 c:\windows\system32\dllcache\a3dapi.dll
+ 2012-04-19 22:47 . 2001-08-17 16:48 148352 c:\windows\system32\dllcache\3dfxvsm.sys
+ 2012-04-19 22:47 . 2001-08-17 18:55 689216 c:\windows\system32\dllcache\3dfxvs.dll
+ 2012-04-19 22:47 . 2001-08-17 17:28 762780 c:\windows\system32\dllcache\3cwmcru.sys
- 2011-03-26 03:34 . 2008-04-13 23:00 2134528 c:\windows\system32\dllcache\smtpsnap.dll
+ 2011-03-26 03:34 . 2008-04-14 04:42 2134528 c:\windows\system32\dllcache\smtpsnap.dll
+ 2012-04-19 22:59 . 2008-04-14 02:04 1897408 c:\windows\system32\dllcache\nv4_mini.sys
+ 2012-04-19 22:59 . 2008-04-14 09:42 4274816 c:\windows\system32\dllcache\nv4_disp.dll
+ 2008-04-13 23:00 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
- 2011-03-26 04:01 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
- 2009-02-08 00:02 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-04-14 00:01 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2012-04-19 22:58 . 2008-04-14 09:42 1737856 c:\windows\system32\dllcache\mtxparhd.dll
+ 2012-04-19 22:58 . 2008-04-14 03:53 1309184 c:\windows\system32\dllcache\mtlstrm.sys
+ 2012-04-19 22:54 . 2008-04-14 03:53 1041536 c:\windows\system32\dllcache\hsfdpsp2.sys
+ 2012-04-19 22:53 . 2001-08-17 18:56 1733120 c:\windows\system32\dllcache\g400d.dll
+ 2011-03-26 03:34 . 2001-08-23 11:00 1677824 c:\windows\system32\dllcache\chsbrkr.dll
- 2011-03-26 03:34 . 2008-04-13 23:00 1677824 c:\windows\system32\dllcache\chsbrkr.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 10129408 c:\windows\system32\dllcache\hwxkor.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 10129408 c:\windows\system32\dllcache\hwxkor.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 13463552 c:\windows\system32\dllcache\hwxjpn.dll
+ 2011-03-26 03:35 . 2008-04-14 04:39 13463552 c:\windows\system32\dllcache\hwxjpn.dll
- 2011-03-26 03:35 . 2008-04-13 23:00 10096640 c:\windows\system32\dllcache\hwxcht.dll
+ 2011-03-26 03:35 . 2001-08-23 11:00 10096640 c:\windows\system32\dllcache\hwxcht.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-08-20 118784]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 28160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 15:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-01-04 03:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 12:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2010-03-25 01:50 2516296 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
2010-04-02 15:18 1185112 ----a-w- c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-13 23:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2006-01-06 19:07 188416 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2004-08-20 20:55 155648 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2005-05-20 18:46 28160 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 10:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 19:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 16:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
R2 ASA License (AMANO);ASA License (AMANO);c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperasa.conf --> c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperasa.conf [?]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [3/30/2011 1:17 PM 81920]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [3/30/2011 1:17 PM 2732032]
S0 cerc6;cerc6; [x]
S2 AutoProcess (TG);AutoProcess (TG);c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperauto.conf --> c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperauto.conf [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/5/2011 4:49 PM 136176]
S3 Escalation Server (TG);Escalation Server (TG);c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapper.conf --> c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapper.conf [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5/5/2011 4:49 PM 136176]
S3 MFE_RR;MFE_RR;\??\c:\docume~1\Andrea\LOCALS~1\Temp\mfe_rr.sys --> c:\docume~1\Andrea\LOCALS~1\Temp\mfe_rr.sys [?]
S3 Tomcat6;Apache Tomcat 6;c:\timeguardian\apache-tomcat-6.0.26\bin\tomcat6.exe [3/30/2011 1:16 PM 57344]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [3/25/2011 11:39 PM 11520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
NECUsb3s REG_MULTI_SZ NEC Usb3
.
NETSVCS REQUIRES REPAIRS - current entries shown
6to4
AppMgmt
AudioSrv
Browser
CryptSvc
DMServer
DHCP
ERSvc
EventSystem
FastUserSwitchingCompatibility
HidServ
Ias
Iprip
Irmon
LanmanServer
LanmanWorkstation
Messenger
Netman
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
backupexecagentaccelerator
ssrvc
iaimtv2
SMCB000
3comtftp
venturi2
idebusdr
nvport
networkx
wmp54gv4svc
aswtdi
mwagent
lvmvdrv
MSSQL$MSSMLBIZ
dbmang
avg7rsxp
Pcatip
RR2IOMod
bmuservice
BrScnUsb
artdhcp
nmindexingservice
ccispwdsvc
bmwebcfg
tdcmdpst
svcwmu
upsentry_smart
kservice
smbios
db2
LRMINIPORT
USBCamera
MSICPL
aclient
bwcsrv
zpjava
mi-raysat_3dsmax8
axinstsv
w22n51
hpzius12
mozyFilter
jobserver_report
MASPINT
actser
cnxtdiag
bdrsdrv
bltrust
s117mdm
hcwPVRP2
mbr
mwspollserver
vxsvc
stunnel
rupsmon
cvspydr2
WUSB54GPV4SRV
mcshield
clr_optimization_v2.0.50215_32
mcredirector
DivisCTP
oracleorahomepagingserver
s3twistr
wlluc48
pctfw1
wanatw
mssql$sqlexpress
adminserver
pimsgss
DgiVecp
ZDPSp50
AVCamUSB20
bcserver
ati2mpaa
sis315
sgeclient
roxwatch9
cfosspeed
Mvc25U870_VID_1262&PID_25FD
symids
ATSWPDRV
msi_wlan_service
RioS30
SrvcEPIOMngr
wacomvhid
rmedia
USBModem
mysql
HWSCtrl
iaantmon
dlapoolm
s616mdm
delldmi
Freedom
AFGSp50
lxbs_device
srtspx
vcommmgr
sscdserd
PBADRV
Rasman
Remoteaccess
Schedule
Seclogon
SENS
Sharedaccess
SRService
Tapisrv
Themes
TrkWks
W32Time
WZCSVC
Wmi
WmdmPmSp
winmgmt
wscsvc
xmlprov
napagent
hkmsvc
BITS
wuauserv
ShellHWDetection
helpsvc
WmdmPmSN
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 20:49]
.
2012-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 20:49]
.
2012-04-20 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]
.
2012-04-20 c:\windows\Tasks\User_Feed_Synchronization-{EFD986EC-1E46-49EE-956E-59EECC065750}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: scat.suz.com\Cww
Trusted Zone: scat.suz.com\www
Trusted Zone: suz.com\Cww.scat
Trusted Zone: suz.com\www.scat
Trusted Zone: suzuki.com\www.dealer
Trusted Zone: suzukiconnect.com\www
Trusted Zone: suzukidcs.com\www
Trusted Zone: scat.suz.com\cww
Trusted Zone: scat.suz.com\www
Trusted Zone: suz.com\Cww.scat
Trusted Zone: suz.com\www.scat
Trusted Zone: suzuki.com\www.dealer
Trusted Zone: suzukiconnect.com\www
Trusted Zone: suzukidcs.com\www
TCP: DhcpNameServer = 68.237.161.12 71.250.0.12
DPF: {5DE9821B-6881-40B1-9A78-EEBE4A8B1BD8} - hxxps://www.suzukiconnect.com/COMMON/installer/scm.CAB
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-20 08:02
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2888)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\timeguardian\bin\wrapper.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\timeguardian\jre\bin\java.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2012-04-20 08:05:12 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-20 12:05
ComboFix2.txt 2012-04-19 17:36
ComboFix3.txt 2012-04-19 16:34
ComboFix4.txt 2012-04-19 16:07
ComboFix5.txt 2012-04-20 11:49
.
Pre-Run: 473,111,195,648 bytes free
Post-Run: 473,114,112,000 bytes free
.
- - End Of File - - 097F552603BABFB53DC75FFDCABCACE5

#4 dmkc1207

dmkc1207
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:13 AM

Posted 20 April 2012 - 07:16 AM

gringo...adding 2nd reply as trying to paste both results into one msg gave me "post too long" error...here is result of other...thanks again



checkup.txt

Results of screen317's Security Check version 0.99.32
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 26
Java version out of date!
Adobe Reader 9 Adobe Reader out of date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:13 AM

Posted 20 April 2012 - 07:18 AM

Hello

Are you still not able to connect?

Lets check your internet connection

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure all the boxes are checked
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 dmkc1207

dmkc1207
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:13 AM

Posted 20 April 2012 - 09:04 PM

Can't connect gringo....still nothing on command prompt: ipconfig...Farbar results

Farbar Service Scanner Version: 16-04-2012
Ran by Andrea (administrator) on 20-04-2012 at 21:55:16
Running from "F:\Bleeping_Recommends\Morgans_infection"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error: Google IP is unreachable
Attempt to access Yahoo IP returend error: Yahoo IP is unreachable


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(10) NwlnkIpx(8) NwlnkNb(9) PSched(7) Tcpip(4)
0x09000000050000000100000002000000030000000400000006000000070000000800000009000000
IpSec Tag value is correct.

**** End of log ****

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:13 AM

Posted 21 April 2012 - 07:11 AM

Make sure, your settings are correct.
1. Go Start>Settings>Control Panel (Vista/7 users: Start>Control Panel)
2. Double click Network Connections (Vista/7 users: Network and Sharing Center)
3. Vista/7 users - From the list of tasks on the left, click Manage network connections.
4. For a wired network connection, right-click Local Area Connection, and then select Properties.
For a wireless network connection, right-click Wireless Network Connection, and then select Properties.
5. From the General tab (Vista/7 users: Networking tab), click Internet Protocol version 4 (TCP/IPv4), make sure it is checked, and then click Properties
6. Make sure Obtain an IP Address Automatically and Obtain DNS server address Automatically are checked.
7. Click on "Advanced" button and make sure "IP Settings" tab looks like this:
Posted Image
Make sure "DNS" tab looks like this:
Posted Image
Make sure "WINS" tab looks like this:
Posted Image
8. Still in Control Panel double click on "Internet options" then "Connections" tab then "LAN Settings" button. Make sure "Automatically detect settings" is checked.
If you made any changes OK your way out.
Restart computer.

------------------------------------------------

If that doesn't work...
Turn off computer. Disconnect router, and modem from power source for 1 minute. At the same time disconnect ethernet cable as well.
Reconnect everything.
Restart computer.

------------------------------------------

If that doesn't work, bypass router, and connect computer straight to the modem.

---------------------------------------------

If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).

In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"


Restart computer.

-------------------------------------------------------

If that doesn't work...
Go Start>Run (Start search in Vista and 7), type in:
cmd
Click OK (in Vista, while holding CTRL, and SHIFT, press Enter).

At Command Prompt, type in:
netsh int ip reset reset.log
Hit Enter.
Type in:
netsh winsock reset catalog
Hit Enter.

Restart computer.


----------------------------------------



If that doesn't work...
Download, install, and run WinSockFix: http://www.softpedia.com/get/Tweak/Network-Tweak/WinSockFix.shtml (doesn't work in Vista and 7)
Restart computer, and check again.


-------------------------------------------------------------

If that doesn't work...
Download Dial-A-Fix (DAF) (doesn't work in Vista and 7):
http://wiki.lunarsoft.net/wiki/Dial-a-fix#Mirrors.2Fdownload_locations.2C_and_articles

Have XP CD available in case DAF needs a file. Likely not!

Check all boxes on the screen (clear any restrictions if it shows any)
Then click GO!

When the entire page is finished click the HammerHead at bottom to go to the second DAF page.

Here, one at a time, do the below:

Reinstall BITS
Reinstall Windows Firewall
Repair Permissions
Reset networking

Watch for any File not found or other errors and make note as this may lead to the fix!

Restart computer.
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 dmkc1207

dmkc1207
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:13 AM

Posted 21 April 2012 - 08:59 AM

Gringo..thanks so much!...I am back on the internet...the only change I made from previous post was in step #8 Control Panel/Internet Options "automatically detect settings" was unchecked..I rebooted, and was back on 'net, the rest of the steps were not required...My only concern thru the whole process (before logging my troubles here as well) is that each time I have run combofix it has notified me that there is a rootkit...I ran combofix numerous times before posting my problem to the forum both in safe/normal modes and have not been able to shake this flag..Do I need additional steps to determine if, even though I now have internet activity, the rootkit problem has truly been eliminated?..This is my daughters rig and while I personally use Nod32, she has MS Security Essentials installed on her machine..Now that I am back on the internet I thought I should "re-enable" real time protection and this software is showing (2) "exploit:Java/CVE-2012-0507" "severe" threats..I'll hold off doing anything else until I hear from you...thanks again!

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:13 AM

Posted 21 April 2012 - 01:28 PM

Greetings

.I have seen a couple of cases where no mater what we do combofix still reports this, I have even talked to the person that makes combofix and he don't know why it keeps doing it - but I will check a few things to make sure it has been removed before I let you go




I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 dmkc1207

dmkc1207
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:13 AM

Posted 22 April 2012 - 07:58 AM

thanks Gringo....results of scans


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-22 08:17:38
-----------------------------
08:17:38.569 OS Version: Windows 5.1.2600 Service Pack 3
08:17:38.569 Number of processors: 1 586 0x401
08:17:38.569 ComputerName: ANDREA-OFFICE UserName: Andrea
08:17:39.444 Initialize success
08:19:40.304 AVAST engine defs: 12042200
08:20:49.257 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
08:20:49.257 Disk 0 Vendor: WDC_WD5000AADS-00S9B0 01.00A01 Size: 476940MB BusType: 3
08:20:49.726 Disk 0 MBR read successfully
08:20:49.726 Disk 0 MBR scan
08:20:49.788 Disk 0 Windows XP default MBR code
08:20:49.788 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476929 MB offset 63
08:20:49.788 Disk 0 scanning sectors +976752000
08:20:49.897 Disk 0 scanning C:\WINDOWS\system32\drivers
08:21:00.819 Service scanning
08:21:09.601 Service MpKsl60598316 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E407102C-A36F-492F-8C6D-F3226999B917}\MpKsl60598316.sys **LOCKED** 32
08:21:19.444 Modules scanning
08:21:23.397 Disk 0 trace - called modules:
08:21:23.429 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
08:21:23.851 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8677bab8]
08:21:23.851 3 CLASSPNP.SYS[f7652fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x8677ab00]
08:21:24.944 AVAST engine scan C:\WINDOWS
08:21:32.194 AVAST engine scan C:\WINDOWS\system32
08:24:21.304 AVAST engine scan C:\WINDOWS\system32\drivers
08:24:44.507 AVAST engine scan C:\Documents and Settings\Andrea
08:30:14.226 AVAST engine scan C:\Documents and Settings\All Users
08:30:46.804 Scan finished successfully
08:38:33.741 Disk 0 MBR has been saved successfully to "F:\Bleeping_Recommends\Morgans_infection\morgan_results\MBR.dat"
08:38:34.397 The log file has been saved successfully to "F:\Bleeping_Recommends\Morgans_infection\morgan_results\aswMBR.txt"


08:15:58.0397 0164 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
08:15:58.0757 0164 ============================================================
08:15:58.0757 0164 Current date / time: 2012/04/22 08:15:58.0757
08:15:58.0757 0164 SystemInfo:
08:15:58.0757 0164
08:15:58.0757 0164 OS Version: 5.1.2600 ServicePack: 3.0
08:15:58.0757 0164 Product type: Workstation
08:15:58.0757 0164 ComputerName: ANDREA-OFFICE
08:15:58.0757 0164 UserName: Andrea
08:15:58.0757 0164 Windows directory: C:\WINDOWS
08:15:58.0757 0164 System windows directory: C:\WINDOWS
08:15:58.0757 0164 Processor architecture: Intel x86
08:15:58.0757 0164 Number of processors: 1
08:15:58.0757 0164 Page size: 0x1000
08:15:58.0757 0164 Boot type: Normal boot
08:15:58.0757 0164 ============================================================
08:16:00.0835 0164 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
08:16:01.0085 0164 Drive \Device\Harddisk1\DR2 - Size: 0x7AF80000 (1.92 Gb), SectorSize: 0x200, Cylinders: 0xFA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:16:01.0085 0164 \Device\Harddisk0\DR0:
08:16:01.0085 0164 MBR partitions:
08:16:01.0085 0164 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
08:16:01.0085 0164 \Device\Harddisk1\DR2:
08:16:01.0085 0164 MBR partitions:
08:16:01.0085 0164 \Device\Harddisk1\DR2\Partition0: MBR, Type 0xE, StartLBA 0x20, BlocksNum 0x3D7BE0
08:16:01.0116 0164 C: <-> \Device\Harddisk0\DR0\Partition0
08:16:01.0116 0164 Initialize success
08:16:01.0116 0164 ============================================================
08:16:04.0147 1512 ============================================================
08:16:04.0147 1512 Scan started
08:16:04.0147 1512 Mode: Manual;
08:16:04.0147 1512 ============================================================
08:16:04.0991 1512 3comtftp - ok
08:16:05.0007 1512 Abiosdsk - ok
08:16:05.0022 1512 abp480n5 - ok
08:16:05.0038 1512 aclient - ok
08:16:05.0101 1512 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:16:05.0101 1512 ACPI - ok
08:16:05.0147 1512 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
08:16:05.0147 1512 ACPIEC - ok
08:16:05.0163 1512 actser - ok
08:16:05.0179 1512 adminserver - ok
08:16:05.0194 1512 adpu160m - ok
08:16:05.0226 1512 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
08:16:05.0226 1512 aeaudio - ok
08:16:05.0272 1512 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:16:05.0272 1512 aec - ok
08:16:05.0538 1512 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
08:16:05.0538 1512 AFD - ok
08:16:05.0554 1512 AFGSp50 - ok
08:16:05.0569 1512 Aha154x - ok
08:16:05.0585 1512 aic78u2 - ok
08:16:05.0601 1512 aic78xx - ok
08:16:05.0616 1512 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
08:16:05.0616 1512 Alerter - ok
08:16:05.0663 1512 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
08:16:05.0663 1512 ALG - ok
08:16:05.0679 1512 AliIde - ok
08:16:05.0694 1512 amsint - ok
08:16:05.0726 1512 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
08:16:05.0726 1512 AppMgmt - ok
08:16:05.0741 1512 artdhcp - ok
08:16:05.0804 1512 ASA License (AMANO) - ok
08:16:05.0835 1512 asc - ok
08:16:05.0835 1512 asc3350p - ok
08:16:05.0851 1512 asc3550 - ok
08:16:05.0866 1512 aswtdi - ok
08:16:05.0913 1512 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:16:05.0913 1512 AsyncMac - ok
08:16:05.0929 1512 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:16:05.0929 1512 atapi - ok
08:16:05.0944 1512 Atdisk - ok
08:16:06.0007 1512 Ati HotKey Poller (9826fac46f5839f3c99a8845b41c8539) C:\WINDOWS\system32\Ati2evxx.exe
08:16:06.0007 1512 Ati HotKey Poller - ok
08:16:06.0022 1512 ati2mpaa - ok
08:16:06.0069 1512 ati2mtag (c82240ce60a9326e52282f62ba923f27) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
08:16:06.0085 1512 ati2mtag - ok
08:16:06.0116 1512 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:16:06.0116 1512 Atmarpc - ok
08:16:06.0132 1512 ATSWPDRV - ok
08:16:06.0163 1512 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
08:16:06.0163 1512 AudioSrv - ok
08:16:06.0210 1512 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:16:06.0210 1512 audstub - ok
08:16:06.0210 1512 AutoProcess (TG) - ok
08:16:06.0226 1512 AVCamUSB20 - ok
08:16:06.0241 1512 avg7rsxp - ok
08:16:06.0257 1512 axinstsv - ok
08:16:06.0288 1512 b57w2k (3a3a82ffd268bcfb7ae6a48cecf00ad9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
08:16:06.0335 1512 b57w2k - ok
08:16:06.0351 1512 backupexecagentaccelerator - ok
08:16:06.0366 1512 bcserver - ok
08:16:06.0382 1512 bdrsdrv - ok
08:16:06.0429 1512 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:16:06.0429 1512 Beep - ok
08:16:06.0460 1512 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
08:16:06.0476 1512 BITS - ok
08:16:06.0491 1512 bltrust - ok
08:16:06.0585 1512 bmuservice - ok
08:16:06.0601 1512 bmwebcfg - ok
08:16:06.0632 1512 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
08:16:06.0632 1512 Browser - ok
08:16:06.0647 1512 bwcsrv - ok
08:16:06.0663 1512 catchme - ok
08:16:06.0694 1512 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:16:06.0694 1512 cbidf2k - ok
08:16:06.0710 1512 ccispwdsvc - ok
08:16:06.0710 1512 cd20xrnt - ok
08:16:06.0757 1512 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:16:06.0757 1512 Cdaudio - ok
08:16:06.0788 1512 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:16:06.0788 1512 Cdfs - ok
08:16:06.0804 1512 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:16:06.0835 1512 Cdrom - ok
08:16:06.0851 1512 cerc6 - ok
08:16:06.0866 1512 cfosspeed - ok
08:16:06.0882 1512 Changer - ok
08:16:06.0913 1512 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
08:16:06.0913 1512 CiSvc - ok
08:16:06.0944 1512 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
08:16:06.0944 1512 ClipSrv - ok
08:16:06.0960 1512 clr_optimization_v2.0.50215_32 - ok
08:16:06.0960 1512 CmdIde - ok
08:16:06.0976 1512 cnxtdiag - ok
08:16:06.0991 1512 COMSysApp - ok
08:16:07.0007 1512 Cpqarray - ok
08:16:07.0038 1512 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
08:16:07.0054 1512 CryptSvc - ok
08:16:07.0054 1512 cvspydr2 - ok
08:16:07.0069 1512 dac2w2k - ok
08:16:07.0085 1512 dac960nt - ok
08:16:07.0101 1512 db2 - ok
08:16:07.0116 1512 dbmang - ok
08:16:07.0179 1512 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
08:16:07.0179 1512 DcomLaunch - ok
08:16:07.0194 1512 delldmi - ok
08:16:07.0210 1512 DgiVecp - ok
08:16:07.0226 1512 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
08:16:07.0226 1512 Dhcp - ok
08:16:07.0241 1512 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:16:07.0257 1512 Disk - ok
08:16:07.0257 1512 DivisCTP - ok
08:16:07.0272 1512 dlapoolm - ok
08:16:07.0288 1512 dmadmin - ok
08:16:07.0335 1512 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
08:16:07.0351 1512 dmboot - ok
08:16:07.0366 1512 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
08:16:07.0366 1512 dmio - ok
08:16:07.0413 1512 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:16:07.0413 1512 dmload - ok
08:16:07.0429 1512 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
08:16:07.0429 1512 dmserver - ok
08:16:07.0476 1512 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:16:07.0476 1512 DMusic - ok
08:16:07.0522 1512 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
08:16:07.0522 1512 Dnscache - ok
08:16:07.0554 1512 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
08:16:07.0554 1512 Dot3svc - ok
08:16:07.0601 1512 dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys
08:16:07.0601 1512 dot4 - ok
08:16:07.0632 1512 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
08:16:07.0632 1512 Dot4Print - ok
08:16:07.0647 1512 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys
08:16:07.0647 1512 dot4usb - ok
08:16:07.0663 1512 dpti2o - ok
08:16:07.0679 1512 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:16:07.0679 1512 drmkaud - ok
08:16:07.0710 1512 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
08:16:07.0710 1512 EapHost - ok
08:16:07.0726 1512 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
08:16:07.0726 1512 ERSvc - ok
08:16:07.0788 1512 Escalation Server (TG) - ok
08:16:07.0835 1512 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
08:16:07.0851 1512 Eventlog - ok
08:16:07.0866 1512 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
08:16:07.0882 1512 EventSystem - ok
08:16:07.0929 1512 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:16:07.0929 1512 Fastfat - ok
08:16:07.0960 1512 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:16:07.0960 1512 FastUserSwitchingCompatibility - ok
08:16:07.0976 1512 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
08:16:07.0976 1512 Fdc - ok
08:16:08.0007 1512 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
08:16:08.0007 1512 Fips - ok
08:16:08.0132 1512 FirebirdGuardianDefaultInstance (fc459741ca02225a2a332b197e5e6780) C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
08:16:08.0132 1512 FirebirdGuardianDefaultInstance - ok
08:16:08.0210 1512 FirebirdServerDefaultInstance (68d0d88f99b4723a2b2b5b8593bb6e13) C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
08:16:08.0272 1512 FirebirdServerDefaultInstance - ok
08:16:08.0288 1512 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
08:16:08.0288 1512 Flpydisk - ok
08:16:08.0335 1512 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
08:16:08.0335 1512 FltMgr - ok
08:16:08.0351 1512 Freedom - ok
08:16:08.0366 1512 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:16:08.0366 1512 Fs_Rec - ok
08:16:08.0413 1512 FTDIBUS (7c17235845d5ae3fb33ead47b5881521) C:\WINDOWS\system32\drivers\ftdibus.sys
08:16:08.0413 1512 FTDIBUS - ok
08:16:08.0460 1512 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:16:08.0460 1512 Ftdisk - ok
08:16:08.0476 1512 FTSER2K (23220a4709cc5785f9633ba71416145c) C:\WINDOWS\system32\drivers\ftser2k.sys
08:16:08.0476 1512 FTSER2K - ok
08:16:08.0476 1512 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:16:08.0491 1512 Gpc - ok
08:16:08.0585 1512 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
08:16:08.0585 1512 gupdate - ok
08:16:08.0601 1512 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
08:16:08.0601 1512 gupdatem - ok
08:16:08.0616 1512 hcwPVRP2 - ok
08:16:08.0663 1512 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:16:08.0663 1512 helpsvc - ok
08:16:08.0710 1512 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
08:16:08.0710 1512 HidServ - ok
08:16:08.0757 1512 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:16:08.0757 1512 hidusb - ok
08:16:08.0804 1512 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
08:16:08.0804 1512 hkmsvc - ok
08:16:08.0819 1512 hpn - ok
08:16:08.0835 1512 hpzius12 - ok
08:16:08.0882 1512 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:16:08.0882 1512 HTTP - ok
08:16:08.0929 1512 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
08:16:08.0944 1512 HTTPFilter - ok
08:16:08.0944 1512 HWSCtrl - ok
08:16:08.0960 1512 i2omgmt - ok
08:16:08.0976 1512 i2omp - ok
08:16:09.0007 1512 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
08:16:09.0007 1512 i8042prt - ok
08:16:09.0022 1512 iaantmon - ok
08:16:09.0038 1512 iaimtv2 - ok
08:16:09.0101 1512 ialm (0acebb31989cbf9a5663fe4a33d28d21) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
08:16:09.0116 1512 ialm - ok
08:16:09.0132 1512 idebusdr - ok
08:16:09.0272 1512 IJPLMSVC (ad5df6f4fbbc798636edc66bfec7d0de) C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
08:16:09.0272 1512 IJPLMSVC - ok
08:16:09.0304 1512 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:16:09.0304 1512 Imapi - ok
08:16:09.0319 1512 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
08:16:09.0335 1512 ImapiService - ok
08:16:09.0351 1512 ini910u - ok
08:16:09.0397 1512 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
08:16:09.0397 1512 IntelIde - ok
08:16:09.0413 1512 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:16:09.0413 1512 intelppm - ok
08:16:09.0444 1512 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
08:16:09.0444 1512 Ip6Fw - ok
08:16:09.0491 1512 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:16:09.0491 1512 IpFilterDriver - ok
08:16:09.0507 1512 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:16:09.0507 1512 IpInIp - ok
08:16:09.0538 1512 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:16:09.0554 1512 IpNat - ok
08:16:09.0601 1512 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:16:09.0679 1512 IPSec - ok
08:16:09.0710 1512 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:16:09.0726 1512 IRENUM - ok
08:16:09.0772 1512 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:16:09.0772 1512 isapnp - ok
08:16:09.0882 1512 JavaQuickStarterService (9dba73c2f1e76ec4cb837e67c5743596) C:\Program Files\Java\jre6\bin\jqs.exe
08:16:09.0882 1512 JavaQuickStarterService - ok
08:16:09.0897 1512 jobserver_report - ok
08:16:09.0913 1512 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:16:09.0913 1512 Kbdclass - ok
08:16:09.0944 1512 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
08:16:09.0960 1512 kbdhid - ok
08:16:10.0007 1512 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:16:10.0007 1512 kmixer - ok
08:16:10.0038 1512 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:16:10.0038 1512 KSecDD - ok
08:16:10.0054 1512 kservice - ok
08:16:10.0101 1512 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
08:16:10.0101 1512 LanmanServer - ok
08:16:10.0147 1512 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
08:16:10.0147 1512 lanmanworkstation - ok
08:16:10.0163 1512 lbrtfdc - ok
08:16:10.0226 1512 LHidKe (31b582394da3290dff300f10952e9a4d) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
08:16:10.0226 1512 LHidKe - ok
08:16:10.0272 1512 LHidUsbK (cbd1c6bff70e170cec6e1502e7fcfef6) C:\WINDOWS\system32\Drivers\LHidUsbK.Sys
08:16:10.0304 1512 LHidUsbK - ok
08:16:10.0351 1512 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
08:16:10.0351 1512 LmHosts - ok
08:16:10.0366 1512 LMouKE (90a794d0a0bf3531c4ba1c0510449629) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys
08:16:10.0366 1512 LMouKE - ok
08:16:10.0382 1512 LRMINIPORT - ok
08:16:10.0397 1512 LUsbKbd (3e37ee4caa364ff33faea085c959ed90) C:\WINDOWS\system32\Drivers\LUsbKbd.Sys
08:16:10.0413 1512 LUsbKbd - ok
08:16:10.0429 1512 lvmvdrv - ok
08:16:10.0444 1512 lxbs_device - ok
08:16:10.0460 1512 MASPINT - ok
08:16:10.0460 1512 mcredirector - ok
08:16:10.0476 1512 mcshield - ok
08:16:10.0507 1512 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
08:16:10.0507 1512 Messenger - ok
08:16:10.0632 1512 MFE_RR - ok
08:16:10.0647 1512 mi-raysat_3dsmax8 - ok
08:16:10.0710 1512 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:16:10.0710 1512 mnmdd - ok
08:16:10.0757 1512 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
08:16:10.0757 1512 mnmsrvc - ok
08:16:10.0772 1512 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
08:16:10.0772 1512 Modem - ok
08:16:10.0819 1512 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:16:10.0819 1512 Mouclass - ok
08:16:10.0835 1512 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:16:10.0835 1512 mouhid - ok
08:16:10.0882 1512 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:16:10.0882 1512 MountMgr - ok
08:16:10.0897 1512 mozyFilter - ok
08:16:10.0929 1512 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
08:16:10.0944 1512 MpFilter - ok
08:16:11.0085 1512 MpKsl60598316 (a69630d039c38018689190234f866d77) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E407102C-A36F-492F-8C6D-F3226999B917}\MpKsl60598316.sys
08:16:11.0085 1512 MpKsl60598316 - ok
08:16:11.0101 1512 mraid35x - ok
08:16:11.0116 1512 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:16:11.0116 1512 MRxDAV - ok
08:16:11.0147 1512 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:16:11.0163 1512 MRxSmb - ok
08:16:11.0210 1512 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
08:16:11.0210 1512 MSDTC - ok
08:16:11.0226 1512 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:16:11.0226 1512 Msfs - ok
08:16:11.0241 1512 MSICPL - ok
08:16:11.0257 1512 MSIServer - ok
08:16:11.0288 1512 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:16:11.0288 1512 MSKSSRV - ok
08:16:11.0366 1512 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
08:16:11.0366 1512 MsMpSvc - ok
08:16:11.0413 1512 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:16:11.0413 1512 MSPCLOCK - ok
08:16:11.0429 1512 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:16:11.0444 1512 MSPQM - ok
08:16:11.0491 1512 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:16:11.0491 1512 mssmbios - ok
08:16:11.0507 1512 MSSQL$MSSMLBIZ - ok
08:16:11.0522 1512 mssql$sqlexpress - ok
08:16:11.0569 1512 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
08:16:11.0569 1512 Mup - ok
08:16:11.0585 1512 Mvc25U870_VID_1262&PID_25FD - ok
08:16:11.0601 1512 mwagent - ok
08:16:11.0601 1512 mwspollserver - ok
08:16:11.0616 1512 mysql - ok
08:16:11.0663 1512 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
08:16:11.0679 1512 napagent - ok
08:16:11.0694 1512 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:16:11.0694 1512 NDIS - ok
08:16:11.0726 1512 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:16:11.0741 1512 NdisTapi - ok
08:16:11.0788 1512 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:16:11.0788 1512 Ndisuio - ok
08:16:11.0804 1512 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:16:11.0804 1512 NdisWan - ok
08:16:11.0851 1512 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:16:11.0851 1512 NDProxy - ok
08:16:11.0851 1512 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:16:11.0851 1512 NetBIOS - ok
08:16:11.0882 1512 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\drivers\netbt.sys
08:16:11.0913 1512 NetBT - ok
08:16:11.0944 1512 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
08:16:11.0944 1512 NetDDE - ok
08:16:11.0944 1512 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
08:16:11.0960 1512 NetDDEdsdm - ok
08:16:11.0991 1512 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:16:11.0991 1512 Netlogon - ok
08:16:12.0022 1512 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
08:16:12.0022 1512 Netman - ok
08:16:12.0038 1512 networkx - ok
08:16:12.0101 1512 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
08:16:12.0101 1512 Nla - ok
08:16:12.0116 1512 nmindexingservice - ok
08:16:12.0132 1512 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:16:12.0132 1512 Npfs - ok
08:16:12.0163 1512 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:16:12.0163 1512 Ntfs - ok
08:16:12.0179 1512 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:16:12.0179 1512 NtLmSsp - ok
08:16:12.0226 1512 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
08:16:12.0226 1512 NtmsSvc - ok
08:16:12.0272 1512 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:16:12.0272 1512 Null - ok
08:16:12.0288 1512 nvport - ok
08:16:12.0351 1512 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:16:12.0351 1512 NwlnkFlt - ok
08:16:12.0366 1512 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:16:12.0366 1512 NwlnkFwd - ok
08:16:12.0413 1512 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
08:16:12.0413 1512 NwlnkIpx - ok
08:16:12.0429 1512 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
08:16:12.0429 1512 NwlnkNb - ok
08:16:12.0460 1512 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
08:16:12.0460 1512 NwlnkSpx - ok
08:16:12.0491 1512 NwSapAgent (4b83fcbbe72af5f99d109798653e8b78) C:\WINDOWS\System32\ipxsap.dll
08:16:12.0491 1512 NwSapAgent - ok
08:16:12.0507 1512 oracleorahomepagingserver - ok
08:16:12.0601 1512 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:16:12.0601 1512 ose - ok
08:16:12.0647 1512 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
08:16:12.0647 1512 Parport - ok
08:16:12.0679 1512 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:16:12.0679 1512 PartMgr - ok
08:16:12.0741 1512 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
08:16:12.0741 1512 ParVdm - ok
08:16:12.0757 1512 PBADRV - ok
08:16:12.0772 1512 Pcatip - ok
08:16:12.0804 1512 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
08:16:12.0804 1512 PCI - ok
08:16:12.0819 1512 PCIDump - ok
08:16:12.0851 1512 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\drivers\PCIIde.sys
08:16:12.0851 1512 PCIIde - ok
08:16:12.0882 1512 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
08:16:12.0882 1512 Pcmcia - ok
08:16:12.0897 1512 pctfw1 - ok
08:16:12.0913 1512 PDCOMP - ok
08:16:12.0929 1512 PDFRAME - ok
08:16:12.0944 1512 PDRELI - ok
08:16:12.0960 1512 PDRFRAME - ok
08:16:12.0976 1512 perc2 - ok
08:16:12.0991 1512 perc2hib - ok
08:16:13.0007 1512 pimsgss - ok
08:16:13.0054 1512 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
08:16:13.0069 1512 PlugPlay - ok
08:16:13.0069 1512 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:16:13.0085 1512 PolicyAgent - ok
08:16:13.0101 1512 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:16:13.0101 1512 PptpMiniport - ok
08:16:13.0116 1512 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:16:13.0116 1512 ProtectedStorage - ok
08:16:13.0132 1512 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:16:13.0132 1512 PSched - ok
08:16:13.0147 1512 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:16:13.0163 1512 Ptilink - ok
08:16:13.0179 1512 ql1080 - ok
08:16:13.0179 1512 Ql10wnt - ok
08:16:13.0194 1512 ql12160 - ok
08:16:13.0210 1512 ql1240 - ok
08:16:13.0226 1512 ql1280 - ok
08:16:13.0257 1512 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:16:13.0257 1512 RasAcd - ok
08:16:13.0304 1512 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
08:16:13.0304 1512 RasAuto - ok
08:16:13.0319 1512 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:16:13.0319 1512 Rasl2tp - ok
08:16:13.0351 1512 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
08:16:13.0366 1512 RasMan - ok
08:16:13.0382 1512 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:16:13.0382 1512 RasPppoe - ok
08:16:13.0397 1512 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:16:13.0397 1512 Raspti - ok
08:16:13.0444 1512 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:16:13.0444 1512 Rdbss - ok
08:16:13.0460 1512 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:16:13.0476 1512 RDPCDD - ok
08:16:13.0522 1512 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
08:16:13.0538 1512 rdpdr - ok
08:16:13.0585 1512 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
08:16:13.0601 1512 RDPWD - ok
08:16:13.0616 1512 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
08:16:13.0616 1512 RDSessMgr - ok
08:16:13.0647 1512 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:16:13.0679 1512 redbook - ok
08:16:13.0741 1512 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
08:16:13.0741 1512 RemoteAccess - ok
08:16:13.0788 1512 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
08:16:13.0804 1512 RemoteRegistry - ok
08:16:13.0804 1512 RioS30 - ok
08:16:13.0819 1512 rmedia - ok
08:16:13.0835 1512 roxwatch9 - ok
08:16:13.0882 1512 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
08:16:13.0882 1512 RpcLocator - ok
08:16:13.0913 1512 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
08:16:13.0929 1512 RpcSs - ok
08:16:13.0944 1512 RR2IOMod - ok
08:16:14.0007 1512 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
08:16:14.0007 1512 RSVP - ok
08:16:14.0022 1512 rupsmon - ok
08:16:14.0022 1512 s117mdm - ok
08:16:14.0038 1512 s3twistr - ok
08:16:14.0054 1512 s616mdm - ok
08:16:14.0101 1512 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
08:16:14.0101 1512 SamSs - ok
08:16:14.0163 1512 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
08:16:14.0163 1512 SCardSvr - ok
08:16:14.0210 1512 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
08:16:14.0226 1512 Schedule - ok
08:16:14.0257 1512 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:16:14.0257 1512 Secdrv - ok
08:16:14.0304 1512 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
08:16:14.0304 1512 seclogon - ok
08:16:14.0319 1512 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
08:16:14.0335 1512 SENS - ok
08:16:14.0366 1512 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
08:16:14.0366 1512 serenum - ok
08:16:14.0382 1512 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
08:16:14.0460 1512 Serial - ok
08:16:14.0476 1512 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:16:14.0491 1512 Sfloppy - ok
08:16:14.0491 1512 sgeclient - ok
08:16:14.0522 1512 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
08:16:14.0522 1512 SharedAccess - ok
08:16:14.0585 1512 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:16:14.0585 1512 ShellHWDetection - ok
08:16:14.0601 1512 Simbad - ok
08:16:14.0616 1512 sis315 - ok
08:16:14.0632 1512 smbios - ok
08:16:14.0647 1512 SMCB000 - ok
08:16:14.0710 1512 smwdm (4aa922332433cdeb8b82c072c212e32e) C:\WINDOWS\system32\drivers\smwdm.sys
08:16:14.0710 1512 smwdm - ok
08:16:14.0772 1512 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
08:16:14.0772 1512 SONYPVU1 - ok
08:16:14.0772 1512 Sparrow - ok
08:16:14.0804 1512 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:16:14.0804 1512 splitter - ok
08:16:14.0866 1512 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
08:16:14.0866 1512 Spooler - ok
08:16:14.0929 1512 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
08:16:14.0929 1512 sr - ok
08:16:14.0944 1512 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
08:16:14.0960 1512 srservice - ok
08:16:14.0976 1512 srtspx - ok
08:16:15.0007 1512 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
08:16:15.0007 1512 Srv - ok
08:16:15.0022 1512 SrvcEPIOMngr - ok
08:16:15.0038 1512 sscdserd - ok
08:16:15.0069 1512 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
08:16:15.0085 1512 SSDPSRV - ok
08:16:15.0085 1512 ssrvc - ok
08:16:15.0116 1512 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
08:16:15.0116 1512 stisvc - ok
08:16:15.0132 1512 stunnel - ok
08:16:15.0147 1512 svcwmu - ok
08:16:15.0194 1512 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:16:15.0194 1512 swenum - ok
08:16:15.0241 1512 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:16:15.0241 1512 swmidi - ok
08:16:15.0241 1512 SwPrv - ok
08:16:15.0257 1512 symc810 - ok
08:16:15.0272 1512 symc8xx - ok
08:16:15.0288 1512 symids - ok
08:16:15.0304 1512 sym_hi - ok
08:16:15.0319 1512 sym_u3 - ok
08:16:15.0351 1512 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:16:15.0351 1512 sysaudio - ok
08:16:15.0397 1512 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
08:16:15.0397 1512 SysmonLog - ok
08:16:15.0413 1512 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
08:16:15.0413 1512 TapiSrv - ok
08:16:15.0460 1512 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:16:15.0476 1512 Tcpip - ok
08:16:15.0491 1512 tdcmdpst - ok
08:16:15.0538 1512 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:16:15.0538 1512 TDPIPE - ok
08:16:15.0616 1512 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:16:15.0632 1512 TDTCP - ok
08:16:15.0679 1512 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:16:15.0679 1512 TermDD - ok
08:16:15.0726 1512 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
08:16:15.0741 1512 TermService - ok
08:16:15.0804 1512 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
08:16:15.0804 1512 Themes - ok
08:16:15.0835 1512 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
08:16:15.0835 1512 TlntSvr - ok
08:16:15.0929 1512 Tomcat6 - ok
08:16:15.0944 1512 TosIde - ok
08:16:15.0991 1512 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
08:16:15.0991 1512 TrkWks - ok
08:16:16.0038 1512 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:16:16.0038 1512 Udfs - ok
08:16:16.0054 1512 ultra - ok
08:16:16.0101 1512 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:16:16.0116 1512 Update - ok
08:16:16.0147 1512 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
08:16:16.0147 1512 upnphost - ok
08:16:16.0179 1512 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
08:16:16.0179 1512 UPS - ok
08:16:16.0194 1512 upsentry_smart - ok
08:16:16.0210 1512 USBCamera - ok
08:16:16.0257 1512 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
08:16:16.0257 1512 usbccgp - ok
08:16:16.0319 1512 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:16:16.0319 1512 usbehci - ok
08:16:16.0366 1512 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:16:16.0366 1512 usbhub - ok
08:16:16.0366 1512 USBModem - ok
08:16:16.0413 1512 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
08:16:16.0444 1512 usbprint - ok
08:16:16.0491 1512 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
08:16:16.0491 1512 usbscan - ok
08:16:16.0522 1512 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:16:16.0522 1512 USBSTOR - ok
08:16:16.0569 1512 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:16:16.0569 1512 usbuhci - ok
08:16:16.0585 1512 vcommmgr - ok
08:16:16.0601 1512 venturi2 - ok
08:16:16.0632 1512 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:16:16.0632 1512 VgaSave - ok
08:16:16.0647 1512 ViaIde - ok
08:16:16.0679 1512 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
08:16:16.0679 1512 VolSnap - ok
08:16:16.0726 1512 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
08:16:16.0741 1512 VSS - ok
08:16:16.0757 1512 vxsvc - ok
08:16:16.0772 1512 w22n51 - ok
08:16:16.0804 1512 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
08:16:16.0804 1512 W32Time - ok
08:16:16.0819 1512 wacomvhid - ok
08:16:16.0851 1512 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:16:16.0851 1512 Wanarp - ok
08:16:16.0866 1512 wanatw - ok
08:16:16.0913 1512 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
08:16:16.0913 1512 WDC_SAM - ok
08:16:16.0929 1512 WDICA - ok
08:16:16.0976 1512 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:16:16.0976 1512 wdmaud - ok
08:16:16.0991 1512 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
08:16:16.0991 1512 WebClient - ok
08:16:17.0022 1512 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
08:16:17.0022 1512 winmgmt - ok
08:16:17.0054 1512 wlluc48 - ok
08:16:17.0085 1512 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll
08:16:17.0085 1512 WmdmPmSN - ok
08:16:17.0132 1512 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
08:16:17.0147 1512 Wmi - ok
08:16:17.0194 1512 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:16:17.0194 1512 WmiApSrv - ok
08:16:17.0210 1512 wmp54gv4svc - ok
08:16:17.0241 1512 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:16:17.0241 1512 WS2IFSL - ok
08:16:17.0257 1512 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
08:16:17.0257 1512 wscsvc - ok
08:16:17.0272 1512 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
08:16:17.0272 1512 wuauserv - ok
08:16:17.0288 1512 WUSB54GPV4SRV - ok
08:16:17.0335 1512 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
08:16:17.0335 1512 WZCSVC - ok
08:16:17.0382 1512 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
08:16:17.0382 1512 xmlprov - ok
08:16:17.0397 1512 ZDPSp50 - ok
08:16:17.0413 1512 zpjava - ok
08:16:17.0429 1512 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
08:16:17.0616 1512 \Device\Harddisk0\DR0 - ok
08:16:17.0616 1512 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR2
08:16:18.0116 1512 \Device\Harddisk1\DR2 - ok
08:16:18.0132 1512 Boot (0x1200) (f49b0f3bc9744bd7a4079e9578472312) \Device\Harddisk0\DR0\Partition0
08:16:18.0132 1512 \Device\Harddisk0\DR0\Partition0 - ok
08:16:18.0132 1512 Boot (0x1200) (5ae60d3b7cb7bf7e4062e8285211a0b4) \Device\Harddisk1\DR2\Partition0
08:16:18.0147 1512 \Device\Harddisk1\DR2\Partition0 - ok
08:16:18.0147 1512 ============================================================
08:16:18.0147 1512 Scan finished
08:16:18.0147 1512 ============================================================
08:16:18.0163 0452 Detected object count: 0
08:16:18.0163 0452 Actual detected object count: 0
08:17:16.0366 0208 Deinitialize success

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:13 AM

Posted 22 April 2012 - 08:55 AM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 dmkc1207

dmkc1207
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:13 AM

Posted 22 April 2012 - 01:04 PM

thnks gringo...computer SEEMS to be running fine, online w/no misdirects..Combofix still reports rootkit in tcp/ip stack and says to reboot but aside from that it would appear to be normal..I could reformat xp in my sleep but I really wanted to beat this bug!

ComboFix 12-04-19.01 - Andrea 04/22/2012 13:42:25.6.1 - x86
Running from: c:\documents and settings\Andrea\Desktop\ComboFix2.exe
Command switches used :: c:\documents and settings\Andrea\Desktop\cfscript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Files Created from 2012-03-22 to 2012-04-22 )))))))))))))))))))))))))))))))
.
.
2012-04-22 17:50 . 2012-04-22 17:50 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E407102C-A36F-492F-8C6D-F3226999B917}\offreg.dll
2012-04-22 06:14 . 2012-04-13 07:36 6734704 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E407102C-A36F-492F-8C6D-F3226999B917}\mpengine.dll
2012-04-21 13:38 . 2012-04-21 13:38 -------- d-----w- c:\program files\CCleaner
2012-04-21 13:33 . 2012-04-21 13:33 -------- d-----w- c:\documents and settings\Andrea\Local Settings\Application Data\Mozilla
2012-04-19 23:11 . 2008-04-14 09:42 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2012-04-19 23:11 . 2008-04-14 09:42 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll
2012-04-19 23:11 . 2001-08-18 02:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2012-04-19 23:11 . 2001-08-18 02:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2012-04-19 23:11 . 2001-08-18 02:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2012-04-19 23:11 . 2001-08-18 02:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2012-04-19 23:11 . 2001-08-17 16:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2012-04-19 23:11 . 2008-04-14 02:04 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys
2012-04-19 23:09 . 2001-08-17 16:13 19016 -c--a-w- c:\windows\system32\dllcache\w926nd.sys
2012-04-19 23:08 . 2008-04-14 02:05 32384 -c--a-w- c:\windows\system32\dllcache\usb101et.sys
2012-04-19 23:07 . 2001-08-17 18:56 315520 -c--a-w- c:\windows\system32\dllcache\trid3d.dll
2012-04-19 23:06 . 2001-08-17 18:07 32640 -c--a-w- c:\windows\system32\dllcache\symc8xx.sys
2012-04-19 23:05 . 2001-08-17 17:51 61824 -c--a-w- c:\windows\system32\dllcache\speed.sys
2012-04-19 23:04 . 2008-04-14 03:53 404990 -c--a-w- c:\windows\system32\dllcache\slntamr.sys
2012-04-19 23:03 . 2001-08-17 17:53 6912 -c--a-w- c:\windows\system32\dllcache\seaddsmc.sys
2012-04-19 23:02 . 2001-08-18 02:36 79872 -c--a-w- c:\windows\system32\dllcache\rwia430.dll
2012-04-19 23:01 . 2001-08-17 17:52 33152 -c--a-w- c:\windows\system32\dllcache\ql10wnt.sys
2012-04-19 23:00 . 2001-08-17 18:07 27296 -c--a-w- c:\windows\system32\dllcache\perc2.sys
2012-04-19 22:59 . 2008-04-14 04:16 61696 -c--a-w- c:\windows\system32\dllcache\ohci1394.sys
2012-04-19 22:58 . 2001-08-18 02:36 59104 -c--a-w- c:\windows\system32\dllcache\n9i128v2.dll
2012-04-19 22:57 . 2001-08-17 17:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2012-04-19 22:56 . 2001-08-17 17:28 576746 -c--a-w- c:\windows\system32\dllcache\ltmdmntl.sys
2012-04-19 22:55 . 2001-08-17 16:12 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys
2012-04-19 22:54 . 2001-08-17 16:12 100936 -c--a-w- c:\windows\system32\dllcache\ibmtok.sys
2012-04-19 22:53 . 2001-08-18 02:36 13312 -c--a-w- c:\windows\system32\dllcache\hpsjmcro.dll
2012-04-19 22:52 . 2001-08-18 02:36 92160 -c--a-w- c:\windows\system32\dllcache\fuusd.dll
2012-04-19 22:51 . 2001-08-18 02:36 53248 -c--a-w- c:\windows\system32\dllcache\eqndiag.exe
2012-04-19 22:50 . 2001-08-17 16:13 91305 -c--a-w- c:\windows\system32\dllcache\dimaint.sys
2012-04-19 22:49 . 2008-04-14 04:06 10240 -c--a-w- c:\windows\system32\dllcache\compbatt.sys
2012-04-19 22:48 . 2001-08-18 02:36 102400 -c--a-w- c:\windows\system32\dllcache\binlsvc.dll
2012-04-19 22:47 . 2008-04-14 02:06 10880 -c--a-w- c:\windows\system32\dllcache\admjoy.sys
2012-04-19 17:53 . 2012-04-19 17:53 -------- d-----w- c:\documents and settings\Andrea\Application Data\Malwarebytes
2012-04-19 15:39 . 2008-04-13 23:00 162816 -c--a-w- c:\windows\system32\dllcache\netbt.sys
2012-04-19 15:39 . 2008-04-13 23:00 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-04-19 14:16 . 2012-04-19 14:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-04-19 14:16 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-19 14:16 . 2012-04-19 14:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-19 13:57 . 2012-04-19 17:29 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-04-19 13:18 . 2012-04-19 13:18 -------- d-----w- c:\windows\Downloaded Installations
2012-04-19 13:18 . 2012-04-19 13:18 -------- d-----w- c:\program files\Broadcom
2012-04-19 12:54 . 2012-04-19 12:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2012-04-17 14:20 . 2012-04-17 14:20 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2012-04-12 22:36 . 2012-04-12 22:38 -------- d-----w- c:\documents and settings\Administrator
2012-04-11 11:00 . 2012-04-11 11:00 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer
2012-04-11 03:22 . 2012-04-11 03:22 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2012-04-10 19:52 . 2012-04-10 19:52 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-13 07:36 . 2011-12-01 22:39 6734704 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-03-01 11:01 . 2008-04-13 23:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2008-04-13 23:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2008-04-13 23:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2008-04-13 23:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2008-04-13 23:00 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2008-04-13 23:00 385024 ------w- c:\windows\system32\html.iec
2012-02-09 11:18 . 2012-02-09 11:18 83968 ----a-w- c:\windows\system32\MDNTFGPC.dll
2012-02-09 11:18 . 2012-02-09 11:18 43008 ----a-w- c:\windows\system32\RPFGPU.exe
2012-02-03 09:22 . 2008-04-13 23:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2011-11-30 22:33 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-03-13 04:39 . 2012-04-21 13:33 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-04-20_12.02.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-04-22 17:48 . 2012-04-22 17:48 16384 c:\windows\temp\Perflib_Perfdata_734.dat
+ 2012-04-22 17:49 . 2012-04-22 17:49 16384 c:\windows\temp\Perflib_Perfdata_590.dat
+ 2011-03-26 01:02 . 2012-04-22 17:40 263824 c:\windows\system32\FNTCACHE.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-08-20 118784]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 28160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 15:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-01-04 03:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-09-27 12:22 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2010-03-25 01:50 2516296 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
2010-04-02 15:18 1185112 ----a-w- c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-13 23:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2006-01-06 19:07 188416 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2004-08-20 20:55 155648 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2005-05-20 18:46 28160 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 10:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 19:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 16:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
R2 ASA License (AMANO);ASA License (AMANO);c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperasa.conf --> c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperasa.conf [?]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [3/30/2011 1:17 PM 81920]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [3/30/2011 1:17 PM 2732032]
S0 cerc6;cerc6; [x]
S2 AutoProcess (TG);AutoProcess (TG);c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperauto.conf --> c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapperauto.conf [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5/5/2011 4:49 PM 136176]
S3 Escalation Server (TG);Escalation Server (TG);c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapper.conf --> c:\timeguardian\bin\wrapper.exe -s c:\timeguardian\conf\wrapper.conf [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5/5/2011 4:49 PM 136176]
S3 MFE_RR;MFE_RR;\??\c:\docume~1\Andrea\LOCALS~1\Temp\mfe_rr.sys --> c:\docume~1\Andrea\LOCALS~1\Temp\mfe_rr.sys [?]
S3 Tomcat6;Apache Tomcat 6;c:\timeguardian\apache-tomcat-6.0.26\bin\tomcat6.exe [3/30/2011 1:16 PM 57344]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [3/25/2011 11:39 PM 11520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
NECUsb3s REG_MULTI_SZ NEC Usb3
.
NETSVCS REQUIRES REPAIRS - current entries shown
6to4
AppMgmt
AudioSrv
Browser
CryptSvc
DMServer
DHCP
ERSvc
EventSystem
FastUserSwitchingCompatibility
HidServ
Ias
Iprip
Irmon
LanmanServer
LanmanWorkstation
Messenger
Netman
Nla
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
backupexecagentaccelerator
ssrvc
iaimtv2
SMCB000
3comtftp
venturi2
idebusdr
nvport
networkx
wmp54gv4svc
aswtdi
mwagent
lvmvdrv
MSSQL$MSSMLBIZ
dbmang
avg7rsxp
Pcatip
RR2IOMod
bmuservice
BrScnUsb
artdhcp
nmindexingservice
ccispwdsvc
bmwebcfg
tdcmdpst
svcwmu
upsentry_smart
kservice
smbios
db2
LRMINIPORT
USBCamera
MSICPL
aclient
bwcsrv
zpjava
mi-raysat_3dsmax8
axinstsv
w22n51
hpzius12
mozyFilter
jobserver_report
MASPINT
actser
cnxtdiag
bdrsdrv
bltrust
s117mdm
hcwPVRP2
mbr
mwspollserver
vxsvc
stunnel
rupsmon
cvspydr2
WUSB54GPV4SRV
mcshield
clr_optimization_v2.0.50215_32
mcredirector
DivisCTP
oracleorahomepagingserver
s3twistr
wlluc48
pctfw1
wanatw
mssql$sqlexpress
adminserver
pimsgss
DgiVecp
ZDPSp50
AVCamUSB20
bcserver
ati2mpaa
sis315
sgeclient
roxwatch9
cfosspeed
Mvc25U870_VID_1262&PID_25FD
symids
ATSWPDRV
msi_wlan_service
RioS30
SrvcEPIOMngr
wacomvhid
rmedia
USBModem
mysql
HWSCtrl
iaantmon
dlapoolm
s616mdm
delldmi
Freedom
AFGSp50
lxbs_device
srtspx
vcommmgr
sscdserd
PBADRV
Rasman
Remoteaccess
Schedule
Seclogon
SENS
Sharedaccess
SRService
Tapisrv
Themes
TrkWks
W32Time
WZCSVC
Wmi
WmdmPmSp
winmgmt
wscsvc
xmlprov
napagent
hkmsvc
BITS
wuauserv
ShellHWDetection
helpsvc
WmdmPmSN
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 20:49]
.
2012-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-05 20:49]
.
2012-04-22 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 20:39]
.
2012-04-22 c:\windows\Tasks\User_Feed_Synchronization-{EFD986EC-1E46-49EE-956E-59EECC065750}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: scat.suz.com\Cww
Trusted Zone: scat.suz.com\www
Trusted Zone: suz.com\Cww.scat
Trusted Zone: suz.com\www.scat
Trusted Zone: suzuki.com\www.dealer
Trusted Zone: suzukiconnect.com\www
Trusted Zone: suzukidcs.com\www
Trusted Zone: scat.suz.com\cww
Trusted Zone: scat.suz.com\www
Trusted Zone: suz.com\Cww.scat
Trusted Zone: suz.com\www.scat
Trusted Zone: suzuki.com\www.dealer
Trusted Zone: suzukiconnect.com\www
Trusted Zone: suzukidcs.com\www
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {5DE9821B-6881-40B1-9A78-EEBE4A8B1BD8} - hxxps://www.suzukiconnect.com/COMMON/installer/scm.CAB
FF - ProfilePath - c:\documents and settings\Andrea\Application Data\Mozilla\Firefox\Profiles\i7gyiczx.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-22 13:50
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3972)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\timeguardian\bin\wrapper.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\timeguardian\jre\bin\java.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2012-04-22 13:53:10 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-22 17:53
ComboFix2.txt 2012-04-20 12:05
ComboFix3.txt 2012-04-19 17:36
ComboFix4.txt 2012-04-19 16:34
ComboFix5.txt 2012-04-22 17:27
.
Pre-Run: 472,806,477,824 bytes free
Post-Run: 472,919,478,272 bytes free
.
- - End Of File - - 6762413D08642182BD1E6DB2F4CE1BB2

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:13 AM

Posted 22 April 2012 - 01:27 PM

These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

Programs to remove

Adobe Reader 9.5.0
Java™ 6 Update 26
[/list]


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.

Update Adobe Reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be careful not to install anything to do with AskBar.
[/list]

Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 dmkc1207

dmkc1207
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:13 AM

Posted 22 April 2012 - 03:53 PM

removed/reinstall adobe/java using Revo...logs of hijackthis/mb..thanks again

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:47:17 PM, on 4/22/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\TimeGuardian\bin\wrapper.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\TimeGuardian\jre\bin\java.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.dealer.suzuki.com
O15 - Trusted Zone: http://www.suzukiconnect.com
O15 - Trusted Zone: http://www.dealer.suzuki.com (HKLM)
O15 - Trusted Zone: http://www.suzukiconnect.com (HKLM)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - https://www.psndealer.com/common/ImageUploader5.cab
O16 - DPF: {5DE9821B-6881-40B1-9A78-EEBE4A8B1BD8} (Suzuki.ManageClient) - https://www.suzukiconnect.com/COMMON/installer/scm.CAB
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} (Photo Upload Plugin Class) - http://mywayphotos.riteaid.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://akamaicdn.webex.com/client/WBXclient-T27L10NSP24-10113/webex/ieatgpc.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ASA License (AMANO) - Unknown owner - C:\TimeGuardian\bin\wrapper.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AutoProcess (TG) - Unknown owner - C:\TimeGuardian\bin\wrapper.exe
O23 - Service: Escalation Server (TG) - Unknown owner - C:\TimeGuardian\bin\wrapper.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Apache Tomcat 6 (Tomcat6) - Apache Software Foundation - C:\TimeGuardian\apache-tomcat-6.0.26\bin\tomcat6.exe

--
End of file - 6906 bytes

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.22.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Andrea :: ANDREA-OFFICE [administrator]

4/22/2012 4:44:35 PM
mbam-log-2012-04-22 (16-44-35).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 196168
Time elapsed: 2 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:13 AM

Posted 22 April 2012 - 05:09 PM

Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to be, any of these programs you can click on their icons (or start from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Run HijackThis
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

    NOTE**You can research each of those lines >here< and see if you want to keep them or not
    just copy the name between the brackets and paste into the search space
    O4 - HKLM\..\Run: [IntelliPoint]


NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the ActiveX control to install
    • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Click on copy to clipboard or copy and paste the results here in this topic

Copy and paste that log as a reply to this topic

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users