Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

cannot load users profile


  • This topic is locked This topic is locked
58 replies to this topic

#1 adaniel

adaniel

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 13 December 2013 - 04:37 PM

I was instructed to open a new topic here by 'noknojon' on the 'Am I infected?  What do I do?' forum.  Here is the link to that topic for reference re: what we have done  and the results.  
 
 
I have since run sfc/scannow with no change in symptoms.
 
Thank you in advance for your assistance.
adaniel
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.45.2
Run by Administrator at 16:27:20 on 2013-12-13
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini"
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
dRunOnce: [tscuninstall] c:\windows\system32\tscupgrd.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - <orphaned>
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} - hxxps://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1314414972062
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{1BD4802D-DA01-42FE-85E0-B2773E54A51D} : NameServer = 10.0.100.4,10.0.100.225
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages =  scecli scecli scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\yzxi25sm.default\
FF - ExtSQL: !HIDDEN! 2009-08-07 11:05; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
.
==================== Find3M  ====================
.
.
============= FINISH: 16:28:53.56 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,732 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:33 AM

Posted 18 December 2013 - 04:40 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/517385 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 adaniel

adaniel
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 19 December 2013 - 08:37 AM

Thank you for your assistance.  The system is running XP Pro SP3.  I do have the XP CD.
 
Problem started as very slow performance, unable to access any web pages.  Scanned with Malwarebytes, SuperAntispyware, ESET Online before posting first on "Am I infected?" forum.  After their help, now have Internet access and performance is normal, but cannot install MSE, nor run MS Fixit tools which are supposed to correct that.  No AV software currently installed.
 
Below are the requested logs.  My original post contains a link to my post on "Am I infected?" so you can see what we have tried to date.
 
Thank you again,
adaniel
 
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.45.2
Run by Administrator at 8:26:52 on 2013-12-19
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini"
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
dRunOnce: [tscuninstall] c:\windows\system32\tscupgrd.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - <orphaned>
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} - hxxps://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1314414972062
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 10.0.100.225
TCP: Interfaces\{1BD4802D-DA01-42FE-85E0-B2773E54A51D} : DHCPNameServer = 10.0.100.225
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Notification Packages =  scecli scecli scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\yzxi25sm.default\
FF - ExtSQL: !HIDDEN! 2009-08-07 11:05; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
.
==================== Find3M  ====================
.
.
============= FINISH:  8:28:24.17 ===============
 
 
 
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
.
==== Installed Programs ======================
.
.
==== End Of File ===========================
 


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,457 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:33 AM

Posted 23 December 2013 - 11:13 PM

Greetings adaniel and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please run this program for me.

===================================================

Farbar's Service Scanner

--------------------
  • Please download Farbar Service Scanner, save it to your desktop, and run it.
  • Make sure the following options are checked:

Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update
Windows Defender
Other Services

  • Press Scan
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FSS.txt
  • FRST results
  • Addition log

Edited by Oh My, 27 December 2013 - 08:32 AM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#5 adaniel

adaniel
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 24 December 2013 - 10:29 AM

Gary,

 

Thank you for your assistance.  

 

Very busy over the next few days with preparations forChristmas and family coming in the day after.  I will download and run the requested scans ASAP and post back.  Just wanted to let you know I saw and appreciate your post.

 

I will follow up on each subsequent post as quickly as possible.  Will be back on regular schedule Jan 2.

 

Best regards,

Allen



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,457 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:33 AM

Posted 24 December 2013 - 10:30 AM

Hi Allen and welcome. Thanks for letting me know and take your time. Talk to you soon.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#7 adaniel

adaniel
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 26 December 2013 - 09:54 AM

Gary,

 

Here's the first log.

 

Allen

 

Farbar Service Scanner Version: 05-12-2013
Ran by Administrator (administrator) on 24-12-2013 at 10:37:46
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Other Services:
==============
 
 
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
 
Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3) 
0x080000000400000001000000020000000300000008000000050000000600000007000000
IpSec Tag value is correct.
 
**** End of log ****


#8 adaniel

adaniel
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 26 December 2013 - 11:17 PM

Gary,

 

Here is the second log.

 

Thank you for you help.  I will be out of the office tomorrow, returning late Saturday.

 

Allen

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-12-2013
Ran by Administrator at 2013-12-26 10:04:01
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
 
==================== Installed Programs ======================
 
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 1.5.1.8210)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.2.202.233)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Apple Application Support (Version: 2.0.1)
Apple Software Update (Version: 2.1.3.127)
Broadcom Management Programs (Version: 9.02.06)
Broadcom TPM Driver Installer (Version: 8.05.04)
Brother MFL-Pro Suite (Version: 1.00)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
Citrix online plug-in - web (Version: 12.0.3.6)
Citrix online plug-in (DV) (Version: 12.0.3.6)
Citrix online plug-in (HDX) (Version: 12.0.3.6)
Citrix online plug-in (USB) (Version: 12.0.3.6)
Citrix online plug-in (Web) (Version: 12.0.3.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
HP Backup and Recovery Manager (Version: 2.3i)
HP Help and Support (Version: 4.2.0010)
HpSdpAppCoreApp (Version: 3.00.0000)
Intel® Graphics Media Accelerator Driver
InterVideo Register Manager (Version: 1.0.4.0)
InterVideo WinDVD
InterVideo WinDVD (Version: 5.0-B11.1145)
Maxtor Manager (Version: 4.02.0303)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office 2000 SR-1 Professional (Version: 9.00.3821)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 25.0 (x86 en-US) (Version: 25.0)
Mozilla Maintenance Service (Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 en-US) (Version: 24.1.1)
MSN
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PaperPort Image Printer (Version: 1.00.0000)
PDF Complete
QuickTime (Version: 7.70.80.34)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
Realtek High Definition Audio Driver (Version: 5.10.0.5275)
RealUpgrade 1.1 (Version: 1.1.0)
Rhapsody Player Engine (Version: 1.0.604)
ScanSoft PaperPort 11 (Version: 11.1.0000)
Speccy (Version: 1.24)
TestGen
TightVNC 1.2.9 (Version: 1.2.9)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Windows Easy Transfer
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0 (Version: 04.00.6001.503)
 
==================== Restore Points  =========================
 
Could not list Restore Points. Check WMI.
 
 
==================== Hosts content: ==========================
 
2006-02-27 21:00 - 2013-12-11 00:42 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2023473458-3232408138-820847086-500.job => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2023473458-3232408138-820847086-500.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2023473458-3232408138-820847086-500.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2023473458-3232408138-820847086-500.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2023473458-3232408138-820847086-500.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-2023473458-3232408138-820847086-500.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-2023473458-3232408138-820847086-500.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
 
==================== Loaded Modules (whitelisted) =============
 
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AVG Anti-Spyware Driver => ""="Driver"
 
==================== Faulty Device Manager Devices =============
 
Could not list Devices. Check WMI.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/25/2013 07:20:00 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.
 
 
Details:
Access is denied.   (0x80070005)
 
Error: (12/25/2013 07:18:00 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.
 
 
Details:
Access is denied.   (0x80070005)
 
Error: (12/25/2013 07:17:47 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.
 
 
Details:
This operation returned because the timeout period expired.   (0x800705b4)
 
Error: (12/25/2013 07:15:50 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.
 
 
Details:
Access is denied.   (0x80070005)
 
Error: (12/25/2013 07:13:50 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.
 
 
Details:
Access is denied.   (0x80070005)
 
Error: (12/25/2013 07:13:37 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.
 
 
Details:
This operation returned because the timeout period expired.   (0x800705b4)
 
Error: (12/25/2013 07:11:40 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.
 
 
Details:
Access is denied.   (0x80070005)
 
Error: (12/25/2013 07:09:40 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.
 
 
Details:
Access is denied.   (0x80070005)
 
Error: (12/25/2013 07:09:27 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.
 
 
Details:
This operation returned because the timeout period expired.   (0x800705b4)
 
Error: (12/25/2013 07:07:30 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.
 
 
Details:
Access is denied.   (0x80070005)
 
 
System errors:
=============
Error: (12/26/2013 10:05:12 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.
 
Error: (12/26/2013 10:04:37 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.
 
Error: (12/26/2013 10:03:31 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.
 
Error: (12/26/2013 10:02:56 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.
 
Error: (12/26/2013 10:02:21 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.
 
Error: (12/26/2013 07:27:57 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (12/26/2013 02:27:51 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (12/25/2013 09:27:30 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}
 
Error: (12/25/2013 09:04:33 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.
 
Error: (12/25/2013 09:03:58 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Percentage of memory in use: 59%
Total physical RAM: 1015.23 MB
Available physical RAM: 409.91 MB
Total Pagefile: 2442.51 MB
Available Pagefile: 1913.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.25 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:64.51 GB) (Free:40.63 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (HP_RECOVERY) (Fixed) (Total:10 GB) (Free:3.75 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 75 GB) (Disk ID: D42AD42A)
Partition 1: (Active) - (Size=65 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,457 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:33 AM

Posted 27 December 2013 - 08:33 AM

Thanks for letting me know. Once you are able to post the FRST log I will be able to provide some steps for you to take.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#10 adaniel

adaniel
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 27 December 2013 - 08:57 AM

Gary,

 

I apologize.  I didn't read your instructions carefully and missed that I was supposed to post two logs.  Here is the FRST log.

 

Allen

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-12-2013
Ran by Administrator (administrator) on SEGEBADE on 26-12-2013 10:02:27
Running from C:\Documents and Settings\Administrator\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Could not list processes ===============
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [PPort11reminder] - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [MSConfig] - C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe [169984 2008-04-14] (Microsoft Corporation)
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32] SHELL32.dll ATTENTION! ====> ZeroAccess/Alureon?
HKCU\...\Policies\system: [DisableCMD] 0
HKCU\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKCU\...\Policies\Explorer: [NoFolderOptions] 0
HKU\Default User\...\RunOnce: [tscuninstall] - C:\WINDOWS\system32\tscupgrd.exe [ 2006-02-27] (Microsoft Corporation)
Lsa: [Notification Packages] scecli scecli scecli
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Status Monitor.lnk
ShortcutTarget: Status Monitor.lnk -> C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
BootExecute: autocheck autochk * pgdfgsvc C 1 -o
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.100.225
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\yzxi25sm.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @real.com/RhapsodyPlayerEngine - C:\Documents and Settings\Administrator\Application Data\nprhapengine.dll No File
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\yzxi25sm.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
 
Chrome: 
=======
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (TestGen Plug-in 7.3) - C:\Program Files\Mozilla Firefox\plugins\nptgeqplugin.dll (Tamarack Software, Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (RealNetworks™ Chrome Background Extension Plug-In (32-bit) ) - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (RealNetworks Rhapsody Player Engine) - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (RealDownloader) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-11] (SUPERAntiSpyware.com)
S4 Maxtor Sync Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [193888 2008-07-21] (Seagate Technology LLC)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S4 PCA; C:\WINDOWS\SMINST\PCAngel.exe [364544 2006-06-13] (SoftThinks)
S4 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [540448 2007-04-13] (PDF Complete Inc)
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S4 winvnc; C:\Program Files\TightVNC\WinVNC.exe [474624 2003-08-01] (Constantin Kaplinsky)
S4 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
 
==================== Drivers (Whitelisted) ====================
 
S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
S3 Blfp; C:\Windows\System32\DRIVERS\baspxp32.sys [67584 2006-04-07] (Broadcom Corporation)
S3 brfilt; C:\Windows\System32\Drivers\Brfilt.sys [2944 2001-08-17] (Brother Industries Ltd.)
S3 brparimg; C:\Windows\System32\DRIVERS\BrParImg.sys [3168 2001-08-17] (Brother Industries Ltd.)
S3 BrParWdm; C:\Windows\System32\Drivers\BrParwdm.sys [39552 2001-08-17] (Brother Industries Ltd.)
S3 BrScnUsb; C:\Windows\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [145920 2005-01-07] (Windows ® Server 2003 DDK provider)
S3 i81x; C:\Windows\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel® Corporation)
S3 iAimFP0; C:\Windows\System32\DRIVERS\wADV01nt.sys [12415 2004-08-03] (Intel® Corporation)
S3 iAimFP1; C:\Windows\System32\DRIVERS\wADV02NT.sys [12127 2004-08-03] (Intel® Corporation)
S3 iAimFP2; C:\Windows\System32\DRIVERS\wADV05NT.sys [11775 2004-08-03] (Intel® Corporation)
S3 iAimFP3; C:\Windows\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-03] (Intel® Corporation)
S3 iAimFP4; C:\Windows\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-03] (Intel® Corporation)
S3 iAimFP5; C:\Windows\System32\DRIVERS\wADV07nt.sys [11807 2004-08-03] (Intel® Corporation)
S3 iAimFP6; C:\Windows\System32\DRIVERS\wADV08nt.sys [11295 2004-08-03] (Intel® Corporation)
S3 iAimFP7; C:\Windows\System32\DRIVERS\wADV09nt.sys [11871 2004-08-03] (Intel® Corporation)
S3 iAimTV0; C:\Windows\System32\DRIVERS\wATV01nt.sys [29311 2004-08-03] (Intel® Corporation)
S3 iAimTV1; C:\Windows\System32\DRIVERS\wATV02NT.sys [19551 2004-08-03] (Intel® Corporation)
S3 iAimTV3; C:\Windows\System32\DRIVERS\wATV04nt.sys [33599 2004-08-03] (Intel® Corporation)
S3 iAimTV4; C:\Windows\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-03] (Intel® Corporation)
S3 iAimTV5; C:\Windows\System32\DRIVERS\wATV10nt.sys [25471 2004-08-03] (Intel® Corporation)
S3 iAimTV6; C:\Windows\System32\DRIVERS\wATV06nt.sys [22271 2004-08-03] (Intel® Corporation)
S3 mf; C:\Windows\System32\DRIVERS\mf.sys [63744 2008-04-14] (Microsoft Corporation)
S3 MXOPSWD; C:\Windows\System32\DRIVERS\mxopswd.sys [22152 2007-05-03] (Maxtor Corp.)
S1 P3; C:\Windows\System32\DRIVERS\p3.sys [42752 2008-04-14] (Microsoft Corporation)
S4 Symmpi; C:\Windows\system32\DRIVERS\symmpi.sys [28416 2002-04-04] (LSI Logic)
S3 VirtDisk; c:\windows\sminst\VirtDisk.sys [57344 2006-05-05] (XSS)
S1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL; 
U3 mbr; \??\C:\Documents and Settings\Administrator\Local Settings\Temp\mbr.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-26 10:02 - 2013-12-26 10:03 - 00016716 _____ C:\Documents and Settings\Administrator\Desktop\FRST.txt
2013-12-26 10:01 - 2013-12-26 10:01 - 01061649 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2013-12-26 10:01 - 2013-12-26 10:01 - 00000000 ____D C:\FRST
2013-12-26 09:59 - 2013-12-26 09:59 - 00002087 _____ C:\Documents and Settings\Administrator\Desktop\FSS_131224.txt
2013-12-24 10:37 - 2013-12-24 10:37 - 00002087 _____ C:\Documents and Settings\Administrator\Desktop\FSS.txt
2013-12-24 10:36 - 2013-12-24 10:36 - 00708597 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FSS.exe
2013-12-15 22:01 - 2013-12-15 22:04 - 1245543881 _____ C:\Documents and Settings\All Users\Documents\SaveData.MIG
2013-12-15 19:12 - 2013-12-15 19:13 - 00038968 _____ C:\WINDOWS\WETCable.log
2013-12-15 19:12 - 2013-12-15 19:12 - 00001582 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Easy Transfer.lnk
2013-12-15 19:12 - 2013-12-15 19:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallWETCable$
2013-12-15 19:12 - 2013-12-15 19:12 - 00000000 ____D C:\WINDOWS\LastGood
2013-12-13 16:29 - 2013-12-19 08:28 - 00005702 _____ C:\Documents and Settings\Administrator\Desktop\dds.txt
2013-12-13 16:29 - 2013-12-19 08:28 - 00000229 _____ C:\Documents and Settings\Administrator\Desktop\attach.txt
2013-12-13 16:17 - 2013-12-13 16:17 - 00025992 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\pgdfgsvc.exe
2013-12-13 16:10 - 2008-04-14 05:42 - 00116224 ____C (Xerox) C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2013-12-13 16:09 - 2008-04-14 05:42 - 00018944 ____C () C:\WINDOWS\system32\dllcache\xrxscnui.dll
2013-12-13 16:09 - 2008-04-14 05:42 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wshirda.dll
2013-12-13 16:09 - 2008-04-14 00:16 - 00019200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wstcodec.sys
2013-12-13 16:09 - 2008-04-13 22:05 - 00154624 ____C (Lucent Technologies) C:\WINDOWS\system32\dllcache\wlluc48.sys
2013-12-13 16:09 - 2001-08-17 22:37 - 00099865 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\xlog.exe
2013-12-13 16:09 - 2001-08-17 22:37 - 00027648 ____C () C:\WINDOWS\system32\dllcache\xrxftplt.exe
2013-12-13 16:09 - 2001-08-17 22:37 - 00004608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xrxflnch.exe
2013-12-13 16:09 - 2001-08-17 22:36 - 00023040 ____C (Xerox Corporation) C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2013-12-13 16:09 - 2001-08-17 12:12 - 00034890 ____C (Raytheon Corp.) C:\WINDOWS\system32\dllcache\wlandrv2.sys
2013-12-13 16:09 - 2001-08-17 12:11 - 00016970 ____C (US Robotics MCD (Megahertz)) C:\WINDOWS\system32\dllcache\xem336n5.sys
2013-12-13 16:08 - 2008-04-14 05:42 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2013-12-13 16:08 - 2008-04-14 00:15 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wceusbsh.sys
2013-12-13 16:08 - 2001-08-17 22:36 - 00087040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wiafbdrv.dll
2013-12-13 16:08 - 2001-08-17 22:36 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wiamsmud.dll
2013-12-13 16:08 - 2001-08-17 13:49 - 00024576 ____C (VIA Technologies, Inc.) C:\WINDOWS\system32\dllcache\viairda.sys
2013-12-13 16:08 - 2001-08-17 13:28 - 00771581 ____C (Rockwell) C:\WINDOWS\system32\dllcache\winacisa.sys
2013-12-13 16:08 - 2001-08-17 13:28 - 00701386 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\wdhaalba.sys
2013-12-13 16:08 - 2001-08-17 13:28 - 00604253 ____C (PCTEL, INC.) C:\WINDOWS\system32\dllcache\vmodem.sys
2013-12-13 16:08 - 2001-08-17 13:28 - 00397502 ____C (PCtel, Inc.) C:\WINDOWS\system32\dllcache\vpctcom.sys
2013-12-13 16:08 - 2001-08-17 13:28 - 00064605 ____C (PCtel, Inc.) C:\WINDOWS\system32\dllcache\vvoice.sys
2013-12-13 16:08 - 2001-08-17 12:14 - 00249402 ____C (Xircom) C:\WINDOWS\system32\dllcache\vinwm.sys
2013-12-13 16:08 - 2001-08-17 12:13 - 00019528 ____C (Winbond Electronics Corporation) C:\WINDOWS\system32\dllcache\w840nd.sys
2013-12-13 16:08 - 2001-08-17 12:13 - 00019016 ____C (Winbond Electronics Corporation) C:\WINDOWS\system32\dllcache\w926nd.sys
2013-12-13 16:08 - 2001-08-17 12:13 - 00016925 ____C (Winbond Electronics Corporation) C:\WINDOWS\system32\dllcache\w940nd.sys
2013-12-13 16:08 - 2001-08-17 12:10 - 00035871 ____C (Winbond Electronics Corp.) C:\WINDOWS\system32\dllcache\wbfirdma.sys
2013-12-13 16:07 - 2008-04-14 00:15 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbser.sys
2013-12-13 16:07 - 2008-04-14 00:15 - 00017152 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbohci.sys
2013-12-13 16:07 - 2008-04-13 22:05 - 00032384 ____C (KLSI USA, Inc.) C:\WINDOWS\system32\dllcache\usb101et.sys
2013-12-13 16:07 - 2001-08-17 22:36 - 00094720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxud32.dll
2013-12-13 16:07 - 2001-08-17 22:36 - 00069632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxu12.dll
2013-12-13 16:07 - 2001-08-17 22:36 - 00050688 ____C (UMAX DATA SYSTEMS INC.) C:\WINDOWS\system32\dllcache\umaxscan.dll
2013-12-13 16:07 - 2001-08-17 22:36 - 00050176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxp60.dll
2013-12-13 16:07 - 2001-08-17 22:36 - 00047616 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxcam.dll
2013-12-13 16:07 - 2001-08-17 22:36 - 00028160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxu40.dll
2013-12-13 16:07 - 2001-08-17 22:36 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxu22.dll
2013-12-13 16:07 - 2001-08-17 13:58 - 00022912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxpcls.sys
2013-12-13 16:07 - 2001-08-17 13:28 - 00794654 ____C (U.S. Robotics, Inc.) C:\WINDOWS\system32\dllcache\usr1801.sys
2013-12-13 16:07 - 2001-08-17 13:28 - 00794399 ____C (U.S. Robotics, Inc.) C:\WINDOWS\system32\dllcache\usr1806v.sys
2013-12-13 16:07 - 2001-08-17 13:28 - 00793598 ____C (U.S. Robotics, Inc.) C:\WINDOWS\system32\dllcache\usr1806.sys
2013-12-13 16:07 - 2001-08-17 13:28 - 00765884 ____C (U.S. Robotics, Inc.) C:\WINDOWS\system32\dllcache\usrti.sys
2013-12-13 16:07 - 2001-08-17 13:28 - 00687999 ____C (U.S. Robotics Corporation) C:\WINDOWS\system32\dllcache\usrwdxjs.sys
2013-12-13 16:07 - 2001-08-17 13:28 - 00224802 ____C (U.S. Robotics Corporation) C:\WINDOWS\system32\dllcache\usr1807a.sys
2013-12-13 16:07 - 2001-08-17 13:28 - 00113762 ____C (U.S. Robotics Corporation) C:\WINDOWS\system32\dllcache\usrpda.sys
2013-12-13 16:07 - 2001-08-17 13:28 - 00007556 ____C (U.S. Robotics Corporation) C:\WINDOWS\system32\dllcache\usroslba.sys
2013-12-13 16:06 - 2008-04-14 05:42 - 00082944 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\tp4mon.exe
2013-12-13 16:06 - 2001-08-17 22:36 - 00525568 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tridxp.dll
2013-12-13 16:06 - 2001-08-17 22:36 - 00216064 ____C (UMAX Data Systems Inc.) C:\WINDOWS\system32\dllcache\um34scan.dll
2013-12-13 16:06 - 2001-08-17 22:36 - 00211968 ____C (UMAX Data Systems Inc.) C:\WINDOWS\system32\dllcache\um54scan.dll
2013-12-13 16:06 - 2001-08-17 22:36 - 00031744 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\tp4.dll
2013-12-13 16:06 - 2001-08-17 22:35 - 00042496 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\tp4res.dll
2013-12-13 16:06 - 2001-08-17 14:56 - 00440576 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tridkb.dll
2013-12-13 16:06 - 2001-08-17 14:56 - 00315520 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\trid3d.dll
2013-12-13 16:06 - 2001-08-17 14:02 - 00230912 ____C (Toshiba Corporation) C:\WINDOWS\system32\dllcache\tosdvd03.sys
2013-12-13 16:06 - 2001-08-17 14:01 - 00241664 ____C (Toshiba Corporation) C:\WINDOWS\system32\dllcache\tosdvd02.sys
2013-12-13 16:06 - 2001-08-17 13:52 - 00036736 ____C (Promise Technology, Inc.) C:\WINDOWS\system32\dllcache\ultra.sys
2013-12-13 16:06 - 2001-08-17 13:51 - 00004992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\toside.sys
2013-12-13 16:06 - 2001-08-17 13:48 - 00011520 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\twotrack.sys
2013-12-13 16:06 - 2001-08-17 12:51 - 00222336 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\trid3dm.sys
2013-12-13 16:06 - 2001-08-17 12:51 - 00166784 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tridxpm.sys
2013-12-13 16:06 - 2001-08-17 12:51 - 00159232 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tridkbm.sys
2013-12-13 16:06 - 2001-08-17 12:14 - 00123995 ____C (Tiger Jet Network) C:\WINDOWS\system32\dllcache\tjisdn.sys
2013-12-13 16:06 - 2001-08-17 12:12 - 00034375 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\tpro4.sys
2013-12-13 16:06 - 2001-08-17 12:10 - 00028232 ____C (TOSHIBA Corporation) C:\WINDOWS\system32\dllcache\tos4mo.sys
2013-12-13 16:05 - 2008-04-14 00:16 - 00015232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\streamip.sys
2013-12-13 16:05 - 2008-04-14 00:10 - 00149376 ____C (M-Systems) C:\WINDOWS\system32\dllcache\tffsport.sys
2013-12-13 16:05 - 2001-08-17 22:36 - 00155648 ____C (Stallion Technologies) C:\WINDOWS\system32\dllcache\stlnprop.dll
2013-12-13 16:05 - 2001-08-17 22:36 - 00094293 ____C (Perle Systems Ltd. ) C:\WINDOWS\system32\dllcache\sxports.dll
2013-12-13 16:05 - 2001-08-17 22:36 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sw_wheel.dll
2013-12-13 16:05 - 2001-08-17 22:36 - 00053248 ____C (Stallion Technologies) C:\WINDOWS\system32\dllcache\stlncoin.dll
2013-12-13 16:05 - 2001-08-17 22:36 - 00041472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sw_effct.dll
2013-12-13 16:05 - 2001-08-17 22:36 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\swpidflt.dll
2013-12-13 16:05 - 2001-08-17 22:36 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\swpdflt2.dll
2013-12-13 16:05 - 2001-08-17 14:56 - 00172768 ____C (Number Nine Visual Technology) C:\WINDOWS\system32\dllcache\t2r4disp.dll
2013-12-13 16:05 - 2001-08-17 14:56 - 00081408 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tgiul50.dll
2013-12-13 16:05 - 2001-08-17 14:02 - 00003968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\swusbflt.sys
2013-12-13 16:05 - 2001-08-17 13:52 - 00007040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tandqic.sys
2013-12-13 16:05 - 2001-08-17 13:50 - 00103936 ____C (Perle Systems Ltd. ) C:\WINDOWS\system32\dllcache\sx.sys
2013-12-13 16:05 - 2001-08-17 13:49 - 00030464 ____C (Toshiba Corporation) C:\WINDOWS\system32\dllcache\tbatm155.sys
2013-12-13 16:05 - 2001-08-17 12:51 - 00138528 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tgiulnt5.sys
2013-12-13 16:05 - 2001-08-17 12:50 - 00036640 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\t2r4mini.sys
2013-12-13 16:05 - 2001-08-17 12:18 - 00285760 ____C (Stallion Technologies) C:\WINDOWS\system32\dllcache\stlnata.sys
2013-12-13 16:05 - 2001-08-17 12:13 - 00037961 ____C (TDK Corporation) C:\WINDOWS\system32\dllcache\tdk100b.sys
2013-12-13 16:05 - 2001-08-17 12:13 - 00017129 ____C (TDK Corporation) C:\WINDOWS\system32\dllcache\tdkcd31.sys
2013-12-13 16:04 - 2008-04-14 00:10 - 00007552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sonyait.sys
2013-12-13 16:04 - 2001-08-17 22:36 - 00114688 ____C (Sony Corporation) C:\WINDOWS\system32\dllcache\sonypi.dll
2013-12-13 16:04 - 2001-08-17 22:36 - 00106584 ____C (Perle Systems Ltd.) C:\WINDOWS\system32\dllcache\spdports.dll
2013-12-13 16:04 - 2001-08-17 22:36 - 00099328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srusd.dll
2013-12-13 16:04 - 2001-08-17 22:36 - 00024660 ____C (Perle Systems Ltd.) C:\WINDOWS\system32\dllcache\spxupchk.dll
2013-12-13 16:04 - 2001-08-17 14:56 - 00147200 ____C (Silicon Motion Inc.) C:\WINDOWS\system32\dllcache\smidispb.dll
2013-12-13 16:04 - 2001-08-17 14:07 - 00019072 ____C (Adaptec, Inc.) C:\WINDOWS\system32\dllcache\sparrow.sys
2013-12-13 16:04 - 2001-08-17 13:56 - 00007552 ____C (Sony Corporation) C:\WINDOWS\system32\dllcache\sonypvu1.sys
2013-12-13 16:04 - 2001-08-17 13:53 - 00009600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sonymc.sys
2013-12-13 16:04 - 2001-08-17 13:53 - 00007040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snyaitmc.sys
2013-12-13 16:04 - 2001-08-17 13:51 - 00061824 ____C (Perle Systems Ltd.) C:\WINDOWS\system32\dllcache\speed.sys
2013-12-13 16:04 - 2001-08-17 13:51 - 00016896 ____C (SCM Microsystems, Inc.) C:\WINDOWS\system32\dllcache\stcusb.sys
2013-12-13 16:04 - 2001-08-17 12:51 - 00058368 ____C (Silicon Motion Inc.) C:\WINDOWS\system32\dllcache\smiminib.sys
2013-12-13 16:04 - 2001-08-17 12:51 - 00037040 ____C (Sony Corporation) C:\WINDOWS\system32\dllcache\sonypi.sys
2013-12-13 16:04 - 2001-08-17 12:51 - 00020752 ____C (Sony Corporation) C:\WINDOWS\system32\dllcache\sonync.sys
2013-12-13 16:04 - 2001-08-17 12:12 - 00025034 ____C (SMC Networks, Inc.) C:\WINDOWS\system32\dllcache\smcpwr2n.sys
2013-12-13 16:04 - 2001-08-17 12:11 - 00048736 ____C (3Com) C:\WINDOWS\system32\dllcache\srwlnd5.sys
2013-12-13 16:04 - 2001-08-17 12:10 - 00035913 ____C (SMC) C:\WINDOWS\system32\dllcache\smcirda.sys
2013-12-13 16:03 - 2008-04-14 00:16 - 00011136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\slip.sys
2013-12-13 16:03 - 2008-04-14 00:06 - 00016000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smbbatt.sys
2013-12-13 16:03 - 2008-04-14 00:06 - 00006912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smbclass.sys
2013-12-13 16:03 - 2008-04-13 22:05 - 00063547 ____C (Symbol Technologies) C:\WINDOWS\system32\dllcache\sla30nd5.sys
2013-12-13 16:03 - 2008-04-13 22:05 - 00032768 ____C (SiS Corporation) C:\WINDOWS\system32\dllcache\sisnic.sys
2013-12-13 16:03 - 2001-08-17 22:36 - 00238592 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sisgrv.dll
2013-12-13 16:03 - 2001-08-17 22:36 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smb3w.dll
2013-12-13 16:03 - 2001-08-17 22:36 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smb0w.dll
2013-12-13 16:03 - 2001-08-17 22:36 - 00028672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sma0w.dll
2013-12-13 16:03 - 2001-08-17 22:36 - 00028160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm91w.dll
2013-12-13 16:03 - 2001-08-17 14:56 - 00252032 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sis300iv.dll
2013-12-13 16:03 - 2001-08-17 14:56 - 00157696 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sisv256.dll
2013-12-13 16:03 - 2001-08-17 14:56 - 00150144 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sis6306v.dll
2013-12-13 16:03 - 2001-08-17 13:57 - 00006784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smbhc.sys
2013-12-13 16:03 - 2001-08-17 12:50 - 00104064 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sisgrp.sys
2013-12-13 16:03 - 2001-08-17 12:50 - 00101760 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sis300ip.sys
2013-12-13 16:03 - 2001-08-17 12:50 - 00068608 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sis6306p.sys
2013-12-13 16:03 - 2001-08-17 12:50 - 00050432 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sisv.sys
2013-12-13 16:03 - 2001-08-17 12:12 - 00094698 ____C (SysKonnect GmbH.) C:\WINDOWS\system32\dllcache\sk98xwin.sys
2013-12-13 16:03 - 2001-08-17 12:12 - 00091294 ____C (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) C:\WINDOWS\system32\dllcache\skfpwin.sys
2013-12-13 16:03 - 2001-08-17 12:12 - 00024576 ____C (SMC Networks, Inc.) C:\WINDOWS\system32\dllcache\smc8000n.sys
2013-12-13 16:03 - 2001-07-21 14:29 - 00161568 ____C (Micro Systemation) C:\WINDOWS\system32\dllcache\sgsmusb.sys
2013-12-13 16:03 - 2001-07-21 14:29 - 00018400 ____C (Micro Systemation) C:\WINDOWS\system32\dllcache\sgsmld.sys
2013-12-13 16:02 - 2008-04-14 00:15 - 00011520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\scsiscan.sys
2013-12-13 16:02 - 2008-04-14 00:10 - 00043904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sbp2port.sys
2013-12-13 16:02 - 2001-08-17 22:36 - 00495616 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\sblfx.dll
2013-12-13 16:02 - 2001-08-17 22:36 - 00386560 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\sgiul50.dll
2013-12-13 16:02 - 2001-08-17 14:56 - 00245632 ____C (S3 Graphics, Inc.) C:\WINDOWS\system32\dllcache\s3savmx.dll
2013-12-13 16:02 - 2001-08-17 14:56 - 00210496 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3mvirge.dll
2013-12-13 16:02 - 2001-08-17 14:56 - 00198400 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3sav4.dll
2013-12-13 16:02 - 2001-08-17 14:56 - 00179264 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3sav3d.dll
2013-12-13 16:02 - 2001-08-17 13:53 - 00006912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\seaddsmc.sys
2013-12-13 16:02 - 2001-08-17 13:53 - 00006784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\serscan.sys
2013-12-13 16:02 - 2001-08-17 13:52 - 00011648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\scsiprnt.sys
2013-12-13 16:02 - 2001-08-17 13:51 - 00023936 ____C (OMNIKEY AG) C:\WINDOWS\system32\dllcache\sccmusbm.sys
2013-12-13 16:02 - 2001-08-17 13:51 - 00023936 ____C (OMNIKEY AG) C:\WINDOWS\system32\dllcache\sccmn50m.sys
2013-12-13 16:02 - 2001-08-17 13:51 - 00017280 ____C (SCM Microsystems) C:\WINDOWS\system32\dllcache\scr111.sys
2013-12-13 16:02 - 2001-08-17 13:51 - 00016640 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\scmstcs.sys
2013-12-13 16:02 - 2001-08-17 13:48 - 00017664 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sermouse.sys
2013-12-13 16:02 - 2001-08-17 12:51 - 00098080 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\sgiulnt5.sys
2013-12-13 16:02 - 2001-08-17 12:50 - 00077824 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3sav4m.sys
2013-12-13 16:02 - 2001-08-17 12:50 - 00075392 ____C (S3 Graphics, Inc.) C:\WINDOWS\system32\dllcache\s3savmxm.sys
2013-12-13 16:02 - 2001-08-17 12:50 - 00061504 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3sav3dm.sys
2013-12-13 16:02 - 2001-08-17 12:19 - 00036480 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\sfmanm.sys
2013-12-13 16:01 - 2008-04-14 05:42 - 00029696 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rw450ext.dll
2013-12-13 16:01 - 2008-04-14 05:42 - 00027648 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rw430ext.dll
2013-12-13 16:01 - 2008-04-14 00:10 - 00079104 ____C (Comtrol Corporation) C:\WINDOWS\system32\dllcache\rocket.sys
2013-12-13 16:01 - 2008-04-13 22:05 - 00020992 ____C (Realtek Semiconductor Corporation) C:\WINDOWS\system32\dllcache\rtl8139.sys
2013-12-13 16:01 - 2001-08-17 22:36 - 00086097 ____C (Xircom) C:\WINDOWS\system32\dllcache\reslog32.dll
2013-12-13 16:01 - 2001-08-17 22:36 - 00082432 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia450.dll
2013-12-13 16:01 - 2001-08-17 22:36 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia430.dll
2013-12-13 16:01 - 2001-08-17 22:36 - 00062496 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3mtrio.dll
2013-12-13 16:01 - 2001-08-17 22:36 - 00041472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qvusd.dll
2013-12-13 16:01 - 2001-08-17 14:56 - 00182272 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3mt3d.dll
2013-12-13 16:01 - 2001-08-17 13:57 - 00065664 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\s3legacy.sys
2013-12-13 16:01 - 2001-08-17 13:51 - 00019584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rasirda.sys
2013-12-13 16:01 - 2001-08-17 13:28 - 00899146 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2013-12-13 16:01 - 2001-08-17 13:28 - 00714762 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\r2mdmkxx.sys
2013-12-13 16:01 - 2001-08-17 12:50 - 00166720 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3m.sys
2013-12-13 16:01 - 2001-08-17 12:50 - 00041216 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3mt3d.sys
2013-12-13 16:01 - 2001-08-17 12:19 - 00030720 ____C (Conexant Systems Inc.) C:\WINDOWS\system32\dllcache\rthwcls.sys
2013-12-13 16:01 - 2001-08-17 12:19 - 00003840 ____C (Conexant Systems Inc.) C:\WINDOWS\system32\dllcache\rpfun.sys
2013-12-13 16:01 - 2001-08-17 12:12 - 00037563 ____C (RadioLAN) C:\WINDOWS\system32\dllcache\rlnet5.sys
2013-12-13 16:01 - 2001-08-17 12:12 - 00019017 ____C (Realtek Semiconductor Corporation) C:\WINDOWS\system32\dllcache\rtl8029.sys
2013-12-13 16:00 - 2008-04-14 05:42 - 00363520 ____C C:\WINDOWS\system32\dllcache\psisdecd.dll
2013-12-13 16:00 - 2008-04-14 05:42 - 00159232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ptpusd.dll
2013-12-13 16:00 - 2008-04-14 05:42 - 00033280 ____C C:\WINDOWS\system32\dllcache\psisrndr.ax
2013-12-13 16:00 - 2008-04-14 00:11 - 00017664 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ppa3.sys
2013-12-13 16:00 - 2008-04-14 00:10 - 00008832 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\powerfil.sys
2013-12-13 16:00 - 2008-04-14 00:10 - 00006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qic157.sys
2013-12-13 16:00 - 2001-08-17 22:36 - 00121344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\phvfwext.dll
2013-12-13 16:00 - 2001-08-17 22:36 - 00035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\psisload.dll
2013-12-13 16:00 - 2001-08-17 22:36 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ptpusb.dll
2013-12-13 16:00 - 2001-08-17 14:07 - 00019840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\philtune.sys
2013-12-13 16:00 - 2001-08-17 14:04 - 00092416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\phildec.sys
2013-12-13 16:00 - 2001-08-17 13:53 - 00017792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ppa.sys
2013-12-13 16:00 - 2001-08-17 13:53 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pnrmc.sys
2013-12-13 16:00 - 2001-08-17 13:53 - 00003328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qv2kux.sys
2013-12-13 16:00 - 2001-08-17 13:52 - 00049024 ____C (QLogic Corporation) C:\WINDOWS\system32\dllcache\ql1280.sys
2013-12-13 16:00 - 2001-08-17 13:52 - 00045312 ____C (QLogic Corporation) C:\WINDOWS\system32\dllcache\ql12160.sys
2013-12-13 16:00 - 2001-08-17 13:52 - 00040448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ql1240.sys
2013-12-13 16:00 - 2001-08-17 13:52 - 00040320 ____C (QLogic Corporation) C:\WINDOWS\system32\dllcache\ql1080.sys
2013-12-13 16:00 - 2001-08-17 13:52 - 00033152 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ql10wnt.sys
2013-12-13 16:00 - 2001-08-17 13:51 - 00016128 ____C (SCM Microsystems, Inc.) C:\WINDOWS\system32\dllcache\pscr.sys
2013-12-13 16:00 - 2001-08-17 13:28 - 00130942 ____C (PCTEL, INC.) C:\WINDOWS\system32\dllcache\ptserlv.sys
2013-12-13 16:00 - 2001-08-17 13:28 - 00128286 ____C (PCTEL, INC.) C:\WINDOWS\system32\dllcache\ptserli.sys
2013-12-13 16:00 - 2001-08-17 13:28 - 00112574 ____C (PCTEL, INC.) C:\WINDOWS\system32\dllcache\ptserlp.sys
2013-12-13 15:59 - 2008-04-14 05:40 - 00259328 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\WINDOWS\system32\dllcache\perm3dd.dll
2013-12-13 15:59 - 2008-04-14 05:40 - 00211584 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\WINDOWS\system32\dllcache\perm2dll.dll
2013-12-13 15:59 - 2008-04-14 00:14 - 00028032 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\WINDOWS\system32\dllcache\perm3.sys
2013-12-13 15:59 - 2008-04-14 00:14 - 00027904 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\WINDOWS\system32\dllcache\perm2.sys
2013-12-13 15:59 - 2008-04-13 22:05 - 00029502 ____C (Marconi Communications, Inc.) C:\WINDOWS\system32\dllcache\pca200e.sys
2013-12-13 15:59 - 2008-04-13 21:42 - 00169984 ____C (Cisco Systems) C:\WINDOWS\system32\dllcache\pcx500.sys
2013-12-13 15:59 - 2001-08-17 22:37 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\phdsext.ax
2013-12-13 15:59 - 2001-08-17 22:36 - 00116736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcodec2.dll
2013-12-13 15:59 - 2001-08-17 22:36 - 00086016 ____C (PCtel, Inc.) C:\WINDOWS\system32\dllcache\pctspk.exe
2013-12-13 15:59 - 2001-08-17 22:36 - 00044544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovui2.dll
2013-12-13 15:59 - 2001-08-17 22:36 - 00041984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovui2rc.dll
2013-12-13 15:59 - 2001-08-17 22:36 - 00039424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcoms.exe
2013-12-13 15:59 - 2001-08-17 22:36 - 00020480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcomc.dll
2013-12-13 15:59 - 2001-08-17 22:36 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\philcam1.dll
2013-12-13 15:59 - 2001-08-17 14:07 - 00027296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\perc2.sys
2013-12-13 15:59 - 2001-08-17 14:07 - 00005504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\perc2hib.sys
2013-12-13 15:59 - 2001-08-17 14:05 - 00351616 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcodek2.sys
2013-12-13 15:59 - 2001-08-17 14:05 - 00031872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovce.sys
2013-12-13 15:59 - 2001-08-17 14:05 - 00028032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcd.sys
2013-12-13 15:59 - 2001-08-17 14:05 - 00025216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovsound2.sys
2013-12-13 15:59 - 2001-08-17 14:04 - 00173696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\philcam2.sys
2013-12-13 15:59 - 2001-08-17 14:04 - 00075776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\philcam1.sys
2013-12-13 15:59 - 2001-08-17 12:12 - 00030495 ____C (Linksys) C:\WINDOWS\system32\dllcache\pc100nds.sys
2013-12-13 15:59 - 2001-08-17 12:12 - 00026153 ____C (Linksys) C:\WINDOWS\system32\dllcache\pcmlm56.sys
2013-12-13 15:59 - 2001-08-17 12:11 - 00035328 ____C (AMD Inc.) C:\WINDOWS\system32\dllcache\pcntpci5.sys
2013-12-13 15:59 - 2001-08-17 12:11 - 00030282 ____C (AMD Inc.) C:\WINDOWS\system32\dllcache\pcntn5hl.sys
2013-12-13 15:59 - 2001-08-17 12:11 - 00029769 ____C (AMD Inc.) C:\WINDOWS\system32\dllcache\pcntn5m.sys
2013-12-13 15:58 - 2008-04-14 00:24 - 00028672 ____C (National Semiconductor Corporation) C:\WINDOWS\system32\dllcache\nscirda.sys
2013-12-13 15:58 - 2008-04-14 00:16 - 00061696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ohci1394.sys
2013-12-13 15:58 - 2008-04-13 22:05 - 00132695 ____C (802.11b) C:\WINDOWS\system32\dllcache\netwlan5.sys
2013-12-13 15:58 - 2001-08-17 22:36 - 00123776 ____C (NVIDIA Corporation) C:\WINDOWS\system32\dllcache\nv3.dll
2013-12-13 15:58 - 2001-08-17 14:05 - 00048000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcam2.sys
2013-12-13 15:58 - 2001-08-17 14:05 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovca.sys
2013-12-13 15:58 - 2001-08-17 13:53 - 00007552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nsmmc.sys
2013-12-13 15:58 - 2001-08-17 13:47 - 00009344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntapm.sys
2013-12-13 15:58 - 2001-08-17 13:28 - 00054186 ____C (Ositech Communications, Inc.) C:\WINDOWS\system32\dllcache\otcsercb.sys
2013-12-13 15:58 - 2001-08-17 12:50 - 00198144 ____C (NVIDIA Corporation) C:\WINDOWS\system32\dllcache\nv3.sys
2013-12-13 15:58 - 2001-08-17 12:49 - 00051552 ____C (Kensington Technology Group) C:\WINDOWS\system32\dllcache\ntgrip.sys
2013-12-13 15:58 - 2001-08-17 12:20 - 00126080 ____C (NeoMagic Corporation) C:\WINDOWS\system32\dllcache\nm5a2wdm.sys
2013-12-13 15:58 - 2001-08-17 12:20 - 00087040 ____C (NeoMagic Corporation) C:\WINDOWS\system32\dllcache\nm6wdm.sys
2013-12-13 15:58 - 2001-08-17 12:20 - 00054528 ____C (Yamaha Corp.) C:\WINDOWS\system32\dllcache\opl3sax.sys
2013-12-13 15:58 - 2001-08-17 12:12 - 00043689 ____C (Ositech Communications, Inc.) C:\WINDOWS\system32\dllcache\otceth5.sys
2013-12-13 15:58 - 2001-08-17 12:12 - 00032840 ____C (NETGEAR Corporation.) C:\WINDOWS\system32\dllcache\ngrpci.sys
2013-12-13 15:58 - 2001-08-17 12:12 - 00027209 ____C (Ositech Communications, Inc.) C:\WINDOWS\system32\dllcache\otc06x5.sys
2013-12-13 15:58 - 2001-08-17 12:11 - 00065278 ____C (Compaq Computer Corporation) C:\WINDOWS\system32\dllcache\netflx3.sys
2013-12-13 15:57 - 2008-04-14 00:16 - 00085248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nabtsfec.sys
2013-12-13 15:57 - 2008-04-14 00:16 - 00049024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstape.sys
2013-12-13 15:57 - 2008-04-14 00:16 - 00010880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndisip.sys
2013-12-13 15:57 - 2008-04-14 00:09 - 00005504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstee.sys
2013-12-13 15:57 - 2001-08-17 22:36 - 00060480 ____C (NeoMagic Corporation) C:\WINDOWS\system32\dllcache\neo20xx.dll
2013-12-13 15:57 - 2001-08-17 22:36 - 00059104 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i128v2.dll
2013-12-13 15:57 - 2001-08-17 22:36 - 00019968 ____C (Moxa Technologies Co., Ltd) C:\WINDOWS\system32\dllcache\mxicfg.dll
2013-12-13 15:57 - 2001-08-17 22:36 - 00007168 ____C (Moxa Technologies Co., Ltd) C:\WINDOWS\system32\dllcache\mxport.dll
2013-12-13 15:57 - 2001-08-17 14:56 - 00091488 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i3disp.dll
2013-12-13 15:57 - 2001-08-17 14:56 - 00035392 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i128.dll
2013-12-13 15:57 - 2001-08-17 13:50 - 00075520 ____C (Moxa Technologies Co., Ltd.) C:\WINDOWS\system32\dllcache\mxport.sys
2013-12-13 15:57 - 2001-08-17 13:50 - 00021888 ____C (Moxa Technologies Co., Ltd.) C:\WINDOWS\system32\dllcache\mxcard.sys
2013-12-13 15:57 - 2001-08-17 13:49 - 00019968 ____C (Macronix International Co., Ltd.                                               ) C:\WINDOWS\system32\dllcache\mxnic.sys
2013-12-13 15:57 - 2001-08-17 13:49 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ne2000.sys
2013-12-13 15:57 - 2001-08-17 13:48 - 00012416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msriffwv.sys
2013-12-13 15:57 - 2001-08-17 12:50 - 00103296 ____C (Matrox Graphics Inc) C:\WINDOWS\system32\dllcache\mtxvideo.sys
2013-12-13 15:57 - 2001-08-17 12:50 - 00039264 ____C (NeoMagic Corporation) C:\WINDOWS\system32\dllcache\neo20xx.sys
2013-12-13 15:57 - 2001-08-17 12:50 - 00033088 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i128v2.sys
2013-12-13 15:57 - 2001-08-17 12:50 - 00027936 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i3d.sys
2013-12-13 15:57 - 2001-08-17 12:50 - 00013664 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i128.sys
2013-12-13 15:57 - 2001-08-17 12:11 - 00128000 ____C (Compaq Computer Corporation) C:\WINDOWS\system32\dllcache\n100325.sys
2013-12-13 15:57 - 2001-08-17 12:11 - 00052255 ____C (Compaq Computer Corporation) C:\WINDOWS\system32\dllcache\n1000nt5.sys
2013-12-13 15:56 - 2008-04-14 05:42 - 00056832 ____C C:\WINDOWS\system32\dllcache\msdvbnp.ax
2013-12-13 15:56 - 2008-04-14 00:24 - 00022016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msircomm.sys
2013-12-13 15:56 - 2008-04-14 00:16 - 00051200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdv.sys
2013-12-13 15:56 - 2008-04-14 00:16 - 00015232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mpe.sys
2013-12-13 15:56 - 2008-04-14 00:11 - 00026112 ____C (Sony Corporation) C:\WINDOWS\system32\dllcache\memstpci.sys
2013-12-13 15:56 - 2001-08-17 22:36 - 00047616 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\memgrp.dll
2013-12-13 15:56 - 2001-08-17 14:56 - 00235648 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\mgaud.dll
2013-12-13 15:56 - 2001-08-17 14:02 - 00035200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msgame.sys
2013-12-13 15:56 - 2001-08-17 14:00 - 00002944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msmpu401.sys
2013-12-13 15:56 - 2001-08-17 13:58 - 00008320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\memcard.sys
2013-12-13 15:56 - 2001-08-17 13:57 - 00016128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\modemcsa.sys
2013-12-13 15:56 - 2001-08-17 13:52 - 00017280 ____C (American Megatrends Inc.) C:\WINDOWS\system32\dllcache\mraid35x.sys
2013-12-13 15:56 - 2001-08-17 13:52 - 00006528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\miniqic.sys
2013-12-13 15:56 - 2001-08-17 13:48 - 00006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfsio.sys
2013-12-13 15:56 - 2001-08-17 12:50 - 00320384 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\mgaum.sys
2013-12-13 15:56 - 2001-08-17 12:12 - 00164586 ____C (Madge Networks Ltd) C:\WINDOWS\system32\dllcache\mdgndis5.sys
2013-12-13 15:55 - 2008-04-14 05:42 - 00091136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kswdmcap.ax
2013-12-13 15:55 - 2008-04-14 05:42 - 00061952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kstvtune.ax
2013-12-13 15:55 - 2008-04-14 05:42 - 00043008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ksxbar.ax
2013-12-13 15:55 - 2008-04-14 05:41 - 00253952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kdsusd.dll
2013-12-13 15:55 - 2008-04-14 05:41 - 00048640 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kdsui.dll
2013-12-13 15:55 - 2008-04-14 00:10 - 00034688 ____C (Toshiba Corp.) C:\WINDOWS\system32\dllcache\lbrtfdc.sys
2013-12-13 15:55 - 2008-04-14 00:10 - 00007040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ltotape.sys
2013-12-13 15:55 - 2008-04-13 23:53 - 00606684 ____C (LT) C:\WINDOWS\system32\dllcache\ltmdmnt.sys
2013-12-13 15:55 - 2008-04-13 23:53 - 00420992 ____C (LT) C:\WINDOWS\system32\dllcache\ltmdmntt.sys
2013-12-13 15:55 - 2008-04-13 22:09 - 00020864 ____C (Logitech Inc.) C:\WINDOWS\system32\dllcache\lwadihid.sys
2013-12-13 15:55 - 2001-08-17 22:36 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\m3092dc.dll
2013-12-13 15:55 - 2001-08-17 22:36 - 00058368 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\m3091dc.dll
2013-12-13 15:55 - 2001-08-17 22:36 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kousd.dll
2013-12-13 15:55 - 2001-08-17 13:53 - 00004992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\loop.sys
2013-12-13 15:55 - 2001-08-17 13:52 - 00007424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mammoth.sys
2013-12-13 15:55 - 2001-08-17 13:51 - 00015744 ____C (Litronic Industries) C:\WINDOWS\system32\dllcache\lit220p.sys
2013-12-13 15:55 - 2001-08-17 13:28 - 00802683 ____C (Lucent Technologies) C:\WINDOWS\system32\dllcache\ltsm.sys
2013-12-13 15:55 - 2001-08-17 13:28 - 00797500 ____C (LT) C:\WINDOWS\system32\dllcache\ltsmt.sys
2013-12-13 15:55 - 2001-08-17 13:28 - 00727786 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\ltck000c.sys
2013-12-13 15:55 - 2001-08-17 13:28 - 00576746 ____C (LT) C:\WINDOWS\system32\dllcache\ltmdmntl.sys
2013-12-13 15:55 - 2001-08-17 12:49 - 00022848 ____C (Logitech Inc.) C:\WINDOWS\system32\dllcache\lwusbhid.sys
2013-12-13 15:55 - 2001-08-17 12:19 - 00048768 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\maestro.sys
2013-12-13 15:55 - 2001-08-17 12:12 - 00070730 ____C (Linksys Group, Inc.) C:\WINDOWS\system32\dllcache\lne100tx.sys
2013-12-13 15:55 - 2001-08-17 12:12 - 00026442 ____C (SMSC) C:\WINDOWS\system32\dllcache\lanepic5.sys
2013-12-13 15:55 - 2001-08-17 12:12 - 00020573 ____C (The Linksts Group ) C:\WINDOWS\system32\dllcache\lne100.sys
2013-12-13 15:55 - 2001-08-17 12:12 - 00019016 ____C (Kingston Technology Company                                                             ) C:\WINDOWS\system32\dllcache\ktc111.sys
2013-12-13 15:55 - 2001-08-17 12:11 - 00025065 ____C (D-Link) C:\WINDOWS\system32\dllcache\lmndis3.sys
2013-12-13 15:54 - 2008-04-14 05:42 - 00151552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irftp.exe
2013-12-13 15:54 - 2008-04-14 05:42 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ipsink.ax
2013-12-13 15:54 - 2008-04-14 05:41 - 00028160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irmon.dll
2013-12-13 15:54 - 2008-04-14 05:39 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd106.dll
2013-12-13 15:54 - 2008-04-14 00:24 - 00088192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irda.sys
2013-12-13 15:54 - 2001-08-17 22:36 - 00090200 ____C (Perle Systems Ltd. ) C:\WINDOWS\system32\dllcache\io8ports.dll
2013-12-13 15:54 - 2001-08-17 22:36 - 00008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdjpn.dll
2013-12-13 15:54 - 2001-08-17 22:36 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdkor.dll
2013-12-13 15:54 - 2001-08-17 14:55 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd101c.dll
2013-12-13 15:54 - 2001-08-17 14:55 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd101b.dll
2013-12-13 15:54 - 2001-08-17 14:55 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd103.dll
2013-12-13 15:54 - 2001-08-17 13:52 - 00016000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ini910u.sys
2013-12-13 15:54 - 2001-08-17 13:51 - 00018688 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irsir.sys
2013-12-13 15:54 - 2001-08-17 13:50 - 00038784 ____C (Perle Systems Ltd. ) C:\WINDOWS\system32\dllcache\io8.sys
2013-12-13 15:54 - 2001-08-17 13:49 - 00026624 ____C (SigmaTel, Inc.) C:\WINDOWS\system32\dllcache\irstusb.sys
2013-12-13 15:54 - 2001-08-17 13:49 - 00023552 ____C (MKNet Corporation) C:\WINDOWS\system32\dllcache\irmk7.sys
2013-12-13 15:54 - 2001-08-17 13:47 - 00013056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inport.sys
2013-12-13 15:54 - 2001-08-17 12:12 - 00045632 ____C (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) C:\WINDOWS\system32\dllcache\ip5515.sys
2013-12-13 15:53 - 2008-04-14 04:41 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieencode.dll
2013-12-13 15:53 - 2008-04-14 00:11 - 00018560 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\i2omp.sys
2013-12-13 15:53 - 2008-04-14 00:11 - 00008576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\i2omgmt.sys
2013-12-13 15:53 - 2001-08-17 22:36 - 00372824 ____C (Xircom) C:\WINDOWS\system32\dllcache\iconf32.dll
2013-12-13 15:53 - 2001-08-17 22:36 - 00091136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam4com.dll
2013-12-13 15:53 - 2001-08-17 22:36 - 00061952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam4ext.dll
2013-12-13 15:53 - 2001-08-17 22:36 - 00045056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam5com.dll
2013-12-13 15:53 - 2001-08-17 22:36 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam3ext.dll
2013-12-13 15:53 - 2001-08-17 22:36 - 00020480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam5ext.dll
2013-12-13 15:53 - 2001-08-17 22:34 - 00009216 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\ibmsgnet.dll
2013-12-13 15:53 - 2001-08-17 14:56 - 00353184 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\i740dnt5.dll
2013-12-13 15:53 - 2001-08-17 14:06 - 00154496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam4usb.sys
2013-12-13 15:53 - 2001-08-17 14:06 - 00100992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam5usb.sys
2013-12-13 15:53 - 2001-08-17 14:06 - 00038528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ibmvcap.sys
2013-12-13 15:53 - 2001-08-17 14:05 - 00141056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam3.sys
2013-12-13 15:53 - 2001-08-17 12:49 - 00058592 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\i740nt5.sys
2013-12-13 15:53 - 2001-08-17 12:12 - 00109085 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\ibmtrp.sys
2013-12-13 15:53 - 2001-08-17 12:12 - 00100936 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\ibmtok.sys
2013-12-13 15:53 - 2001-08-17 12:11 - 00028700 ____C (IBM Corp.) C:\WINDOWS\system32\dllcache\ibmexmp.sys
2013-12-13 15:52 - 2001-08-17 22:36 - 00324608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpojwia.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00165888 ____C () C:\WINDOWS\system32\dllcache\hpgt53.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00126976 ____C (Hewlett Packard) C:\WINDOWS\system32\dllcache\hpgt34tk.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00101376 ____C () C:\WINDOWS\system32\dllcache\hpgt34.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00093696 ____C () C:\WINDOWS\system32\dllcache\hpgt42.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00089088 ____C () C:\WINDOWS\system32\dllcache\hpgt33.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00068608 ____C (Avisioin) C:\WINDOWS\system32\dllcache\hpgt53tk.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00048128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpgt33tk.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpgtmcro.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00031232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpgt42tk.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hr1w.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpsjmcro.dll
2013-12-13 15:52 - 2001-08-17 22:36 - 00009759 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_inst.dll
2013-12-13 15:52 - 2001-08-17 14:07 - 00025952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpn.sys
2013-12-13 15:52 - 2001-08-17 13:52 - 00005760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpt4qic.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00542879 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_msft.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00488383 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_v124.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00391199 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_k56k.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00289887 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_fall.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00199711 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_faxx.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00150239 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_amos.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00115807 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_fsks.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00073279 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_spkp.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00067167 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_bsc2.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00057471 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_samp.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00050751 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_tone.sys
2013-12-13 15:52 - 2001-08-17 13:28 - 00044863 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_soar.sys
2013-12-13 15:51 - 2008-04-14 00:15 - 00059136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gckernel.sys
2013-12-13 15:51 - 2008-04-14 00:10 - 00028288 ____C (Gemplus) C:\WINDOWS\system32\dllcache\grserial.sys
2013-12-13 15:51 - 2008-04-14 00:06 - 00020352 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidbatt.sys
2013-12-13 15:51 - 2001-08-17 22:36 - 00123392 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpgt21tk.dll
2013-12-13 15:51 - 2001-08-17 22:36 - 00119296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpdigwia.dll
2013-12-13 15:51 - 2001-08-17 22:36 - 00083968 ____C () C:\WINDOWS\system32\dllcache\hpgt21.dll
2013-12-13 15:51 - 2001-08-17 14:02 - 00008576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidgame.sys
2013-12-13 15:51 - 2001-08-17 14:02 - 00002688 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidswvd.sys
2013-12-13 15:51 - 2001-08-17 13:51 - 00082304 ____C (Gemplus) C:\WINDOWS\system32\dllcache\grclass.sys
2013-12-13 15:51 - 2001-08-17 13:51 - 00017408 ____C (Gemplus) C:\WINDOWS\system32\dllcache\gpr400.sys
2013-12-13 15:51 - 2001-08-17 13:28 - 00907456 ____C (Conexant) C:\WINDOWS\system32\dllcache\hcf_msft.sys
2013-12-13 15:50 - 2008-04-14 00:15 - 00010624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gameenum.sys
2013-12-13 15:50 - 2008-04-13 22:05 - 00034173 ____C (Marconi Communications, Inc.) C:\WINDOWS\system32\dllcache\forehe.sys
2013-12-13 15:50 - 2001-08-17 22:36 - 00092160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fuusd.dll
2013-12-13 15:50 - 2001-08-17 22:36 - 00071680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fnfilter.dll
2013-12-13 15:50 - 2001-08-17 14:56 - 01733120 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g400d.dll
2013-12-13 15:50 - 2001-08-17 14:56 - 00470144 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g200d.dll
2013-12-13 15:50 - 2001-08-17 12:49 - 00322432 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g400m.sys
2013-12-13 15:50 - 2001-08-17 12:49 - 00320384 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g200m.sys
2013-12-13 15:50 - 2001-08-17 12:15 - 00455680 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fus2base.sys
2013-12-13 15:50 - 2001-08-17 12:15 - 00455296 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fusbbase.sys
2013-12-13 15:50 - 2001-08-17 12:15 - 00454912 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fxusbase.sys
2013-12-13 15:50 - 2001-08-17 12:15 - 00442240 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fpnpbase.sys
2013-12-13 15:50 - 2001-08-17 12:14 - 00444416 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fpcibase.sys
2013-12-13 15:50 - 2001-08-17 12:14 - 00441728 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fpcmbase.sys
2013-12-13 15:50 - 2001-08-17 12:13 - 00027165 ____C (VIA Technologies, Inc.              ) C:\WINDOWS\system32\dllcache\fetnd5.sys
2013-12-13 15:50 - 2001-08-17 12:12 - 00024618 ____C (NETGEAR) C:\WINDOWS\system32\dllcache\fa410nd5.sys
2013-12-13 15:50 - 2001-08-17 12:12 - 00016074 ____C (NETGEAR Corp.) C:\WINDOWS\system32\dllcache\fa312nd5.sys
2013-12-13 15:50 - 2001-08-17 12:11 - 00012362 ____C (FUJITSU LIMITED) C:\WINDOWS\system32\dllcache\f3ab18xi.sys
2013-12-13 15:50 - 2001-08-17 12:11 - 00011850 ____C (FUJITSU LIMITED) C:\WINDOWS\system32\dllcache\f3ab18xj.sys
2013-12-13 15:50 - 2001-08-17 12:10 - 00022090 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\fem556n5.sys
2013-12-13 15:49 - 2008-04-13 22:06 - 00137088 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\essm2e.sys
2013-12-13 15:49 - 2001-08-17 22:36 - 00061952 ____C (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqnloop.exe
2013-12-13 15:49 - 2001-08-17 22:36 - 00053248 ____C (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqndiag.exe
2013-12-13 15:49 - 2001-08-17 22:36 - 00051200 ____C (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqnlogr.exe
2013-12-13 15:49 - 2001-08-17 22:36 - 00045568 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esunib.dll
2013-12-13 15:49 - 2001-08-17 22:36 - 00045568 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuni.dll
2013-12-13 15:49 - 2001-08-17 22:36 - 00043008 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esucm.dll
2013-12-13 15:49 - 2001-08-17 22:36 - 00034816 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuimg.dll
2013-12-13 15:49 - 2001-08-17 13:53 - 00007296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\elmsmc.sys
2013-12-13 15:49 - 2001-08-17 13:52 - 00007040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\exabyte2.sys
2013-12-13 15:49 - 2001-08-17 13:50 - 00144896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\epcfw2k.sys
2013-12-13 15:49 - 2001-08-17 13:50 - 00114944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\epstw2k.sys
2013-12-13 15:49 - 2001-08-17 13:46 - 00006400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\enum1394.sys
2013-12-13 15:49 - 2001-08-17 13:28 - 00634134 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el656ct5.sys
2013-12-13 15:49 - 2001-08-17 13:28 - 00595647 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\es56cvmp.sys
2013-12-13 15:49 - 2001-08-17 13:28 - 00594238 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\es56hpi.sys
2013-12-13 15:49 - 2001-08-17 13:28 - 00347550 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\es56tpi.sys
2013-12-13 15:49 - 2001-08-17 13:28 - 00241206 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el656se5.sys
2013-12-13 15:49 - 2001-08-17 12:19 - 00283904 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\emu10k1m.sys
2013-12-13 15:49 - 2001-08-17 12:19 - 00174464 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\es198x.sys
2013-12-13 15:49 - 2001-08-17 12:19 - 00072192 ____C (ESS Technology Inc.) C:\WINDOWS\system32\dllcache\es1969.sys
2013-12-13 15:49 - 2001-08-17 12:19 - 00063360 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\ess.sys
2013-12-13 15:49 - 2001-08-17 12:19 - 00040704 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\es1371mp.sys
2013-12-13 15:49 - 2001-08-17 12:19 - 00037120 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\es1370mp.sys
2013-12-13 15:49 - 2001-08-17 12:17 - 00629952 ____C (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqn.sys
2013-12-13 15:49 - 2001-08-17 12:12 - 00018503 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\epro4.sys
2013-12-13 15:49 - 2001-08-17 12:12 - 00016998 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\ex10.sys
2013-12-13 15:49 - 2001-08-17 12:11 - 00455199 ____C (3Com Corporation.) C:\WINDOWS\system32\dllcache\el985n51.sys
2013-12-13 15:49 - 2001-08-17 12:11 - 00171520 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el99xn51.sys
2013-12-13 15:49 - 2001-08-17 12:11 - 00153631 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el90xnd5.sys
2013-12-13 15:49 - 2001-08-17 12:11 - 00077386 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el656nd5.sys
2013-12-13 15:49 - 2001-08-17 12:11 - 00070174 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el98xn5.sys
2013-12-13 15:49 - 2001-08-17 12:11 - 00069194 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el656cd5.sys
2013-12-13 15:49 - 2001-08-17 12:11 - 00066591 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el90xbc5.sys
2013-12-13 15:49 - 2001-08-17 12:10 - 00069692 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el575nd5.sys
2013-12-13 15:49 - 2001-08-17 12:10 - 00055999 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el556nd5.sys
2013-12-13 15:49 - 2001-08-17 12:10 - 00044103 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el515.sys
2013-12-13 15:49 - 2001-08-17 12:10 - 00026141 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el589nd5.sys
2013-12-13 15:49 - 2001-08-17 12:10 - 00025159 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\elnk3.sys
2013-12-13 15:49 - 2001-08-17 12:10 - 00024653 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el574nd4.sys
2013-12-13 15:49 - 2001-08-17 12:10 - 00019996 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\em556n4.sys
2013-12-13 15:48 - 2008-04-14 05:42 - 00020992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dshowext.ax
2013-12-13 15:48 - 2008-04-14 00:10 - 00008320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dlttape.sys
2013-12-13 15:48 - 2008-04-14 00:09 - 00206976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4.sys
2013-12-13 15:48 - 2001-08-17 22:36 - 00614429 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiview.exe
2013-12-13 15:48 - 2001-08-17 22:36 - 00419357 ____C (Digi International) C:\WINDOWS\system32\dllcache\dgconfig.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00256512 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\devcon32.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00236060 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\ditrace.exe
2013-12-13 15:48 - 2001-08-17 22:36 - 00229462 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digifwrk.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00159828 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digihlc.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00131156 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digidbp.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00110621 ____C (Digi International, Inc.) C:\WINDOWS\system32\dllcache\digirlpt.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00110592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc260usd.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00102484 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiinf.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc240usd.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00080896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc210usd.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00065622 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiasyn.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00041046 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiisdn.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00038985 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\disrvsu.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00037962 ____C C:\WINDOWS\system32\dllcache\divaprop.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00031305 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\disrvpp.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00029768 ____C C:\WINDOWS\system32\dllcache\divasu.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc210_32.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00024064 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\devldr32.exe
2013-12-13 15:48 - 2001-08-17 22:36 - 00006729 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\disrvci.dll
2013-12-13 15:48 - 2001-08-17 22:36 - 00006216 ____C C:\WINDOWS\system32\dllcache\divaci.dll
2013-12-13 15:48 - 2001-08-17 13:52 - 00014720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dac960nt.sys
2013-12-13 15:48 - 2001-08-17 13:52 - 00007424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ddsmc.sys
2013-12-13 15:48 - 2001-08-17 13:47 - 00023808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4usb.sys
2013-12-13 15:48 - 2001-08-17 13:47 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4prt.sys
2013-12-13 15:48 - 2001-08-17 13:47 - 00008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4scan.sys
2013-12-13 15:48 - 2001-08-17 12:20 - 00334208 ____C (Yamaha Corp.) C:\WINDOWS\system32\dllcache\ds1wdm.sys
2013-12-13 15:48 - 2001-08-17 12:17 - 00090525 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digifep5.sys
2013-12-13 15:48 - 2001-08-17 12:17 - 00042432 ____C (Digi International, Inc.) C:\WINDOWS\system32\dllcache\digirlpt.sys
2013-12-13 15:48 - 2001-08-17 12:17 - 00029531 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\dgapci.sys
2013-12-13 15:48 - 2001-08-17 12:14 - 00952007 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\diwan.sys
2013-12-13 15:48 - 2001-08-17 12:14 - 00021606 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiisdn.sys
2013-12-13 15:48 - 2001-08-17 12:13 - 00103044 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digidxb.sys
2013-12-13 15:48 - 2001-08-17 12:13 - 00091305 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\dimaint.sys
2013-12-13 15:48 - 2001-08-17 12:13 - 00037735 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiasyn.sys
2013-12-13 15:48 - 2001-08-17 12:12 - 00063208 ____C (Intel Corporation.) C:\WINDOWS\system32\dllcache\dc21x4.sys
2013-12-13 15:48 - 2001-08-17 12:12 - 00050719 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\e1000nt5.sys
2013-12-13 15:48 - 2001-08-17 12:12 - 00028062 ____C (National Semiconductor Coproration) C:\WINDOWS\system32\dllcache\dp83820.sys
2013-12-13 15:48 - 2001-08-17 12:12 - 00019594 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\e100isa4.sys
2013-12-13 15:48 - 2001-08-17 12:11 - 00029696 ____C (CNet Technology, Inc.                                                    ) C:\WINDOWS\system32\dllcache\dm9pci5.sys
2013-12-13 15:48 - 2001-08-17 12:11 - 00026698 ____C (D-Link Corporation) C:\WINDOWS\system32\dllcache\dlh5xnd5.sys
2013-12-13 15:48 - 2001-08-17 12:11 - 00024649 ____C (D-Link) C:\WINDOWS\system32\dllcache\dfe650d.sys
2013-12-13 15:48 - 2001-08-17 12:11 - 00024648 ____C (D-Link) C:\WINDOWS\system32\dllcache\dfe650.sys
2013-12-13 15:48 - 2001-08-17 12:11 - 00020928 ____C (Digital Networks, LLC) C:\WINDOWS\system32\dllcache\defpa.sys
2013-12-13 15:47 - 2008-04-14 05:41 - 00249856 ____C (Comtrol® Corporation) C:\WINDOWS\system32\dllcache\ctmasetp.dll
2013-12-13 15:47 - 2008-04-14 00:16 - 00017024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ccdecode.sys
2013-12-13 15:47 - 2008-04-14 00:11 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\changer.sys
2013-12-13 15:47 - 2008-04-14 00:06 - 00013952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cmbatt.sys
2013-12-13 15:47 - 2008-04-14 00:06 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\compbatt.sys
2013-12-13 15:47 - 2008-04-13 22:06 - 00048640 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwrwdm.sys
2013-12-13 15:47 - 2001-08-17 22:36 - 00216064 ____C (COMPAQ Inc.) C:\WINDOWS\system32\dllcache\cpscan.dll
2013-12-13 15:47 - 2001-08-17 22:36 - 00175104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\csamsp.dll
2013-12-13 15:47 - 2001-08-17 22:36 - 00044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cnusd.dll
2013-12-13 15:47 - 2001-08-17 22:36 - 00032256 ____C (Eicon Technology Corporation) C:\WINDOWS\system32\dllcache\diapi2NT.dll
2013-12-13 15:47 - 2001-08-17 22:36 - 00028672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyycoins.dll
2013-12-13 15:47 - 2001-08-17 22:36 - 00027648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzports.dll
2013-12-13 15:47 - 2001-08-17 22:36 - 00027648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyyports.dll
2013-12-13 15:47 - 2001-08-17 22:36 - 00027136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzcoins.dll
2013-12-13 15:47 - 2001-08-17 22:36 - 00004096 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctwdm32.dll
2013-12-13 15:47 - 2001-08-17 14:56 - 00170880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl546x.dll
2013-12-13 15:47 - 2001-08-17 14:56 - 00111232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl5465.dll
2013-12-13 15:47 - 2001-08-17 14:56 - 00091264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cirrus.dll
2013-12-13 15:47 - 2001-08-17 14:02 - 00272640 ____C (RAVISENT Technologies Inc.) C:\WINDOWS\system32\dllcache\cinemclc.sys
2013-12-13 15:47 - 2001-08-17 13:57 - 00248064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl546xm.sys
2013-12-13 15:47 - 2001-08-17 13:57 - 00045696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cirrus.sys
2013-12-13 15:47 - 2001-08-17 13:52 - 00179584 ____C (Mylex Corporation) C:\WINDOWS\system32\dllcache\dac2w2k.sys
2013-12-13 15:47 - 2001-08-17 13:52 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cpqarray.sys
2013-12-13 15:47 - 2001-08-17 13:52 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cd20xrnt.sys
2013-12-13 15:47 - 2001-08-17 13:51 - 00020736 ____C (OMNIKEY AG) C:\WINDOWS\system32\dllcache\cmbp0wdm.sys
2013-12-13 15:47 - 2001-08-17 13:51 - 00006656 ____C (CMD Technology, Inc.) C:\WINDOWS\system32\dllcache\cmdide.sys
2013-12-13 15:47 - 2001-08-17 13:50 - 00050176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyyport.sys
2013-12-13 15:47 - 2001-08-17 13:50 - 00049792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzport.sys
2013-12-13 15:47 - 2001-08-17 13:50 - 00017152 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyclad-z.sys
2013-12-13 15:47 - 2001-08-17 13:50 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyclom-y.sys
2013-12-13 15:47 - 2001-08-17 13:28 - 00714698 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cbmdmkxx.sys
2013-12-13 15:47 - 2001-08-17 12:19 - 00111872 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcspud.sys
2013-12-13 15:47 - 2001-08-17 12:19 - 00096256 ____C (Copyright © Creative Technology Ltd. 1994-2001) C:\WINDOWS\system32\dllcache\ctlsb16.sys
2013-12-13 15:47 - 2001-08-17 12:19 - 00093952 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcwdm.sys
2013-12-13 15:47 - 2001-08-17 12:19 - 00072832 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbwdm.sys
2013-12-13 15:47 - 2001-08-17 12:19 - 00042112 ____C (Conexant Systems Inc.) C:\WINDOWS\system32\dllcache\crtaud.sys
2013-12-13 15:47 - 2001-08-17 12:19 - 00006912 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctlfacem.sys
2013-12-13 15:47 - 2001-08-17 12:19 - 00003712 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctljystk.sys
2013-12-13 15:47 - 2001-08-17 12:19 - 00003584 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcosnt5.sys
2013-12-13 15:47 - 2001-08-17 12:19 - 00003072 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbmidi.sys
2013-12-13 15:47 - 2001-08-17 12:19 - 00003072 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbase.sys
2013-12-13 15:47 - 2001-08-17 12:13 - 00980034 ____C (Xircom) C:\WINDOWS\system32\dllcache\cicap.sys
2013-12-13 15:47 - 2001-08-17 12:13 - 00164923 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\diapi2.sys
2013-12-13 15:47 - 2001-08-17 12:13 - 00049182 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem56n5.sys
2013-12-13 15:47 - 2001-08-17 12:13 - 00046108 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cben5.sys
2013-12-13 15:47 - 2001-08-17 12:13 - 00027164 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\ce3n5.sys
2013-12-13 15:47 - 2001-08-17 12:13 - 00022044 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem33n5.sys
2013-12-13 15:47 - 2001-08-17 12:13 - 00022044 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem28n5.sys
2013-12-13 15:47 - 2001-08-17 12:13 - 00021533 ____C (Compaq Computer Corporation) C:\WINDOWS\system32\dllcache\cpqndis5.sys
2013-12-13 15:47 - 2001-08-17 12:13 - 00021530 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\ce2n5.sys
2013-12-13 15:47 - 2001-08-17 12:12 - 00117760 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\d100ib5.sys
2013-12-13 15:47 - 2001-08-17 12:12 - 00039680 ____C (Silicom Ltd.) C:\WINDOWS\system32\dllcache\cb325.sys
2013-12-13 15:47 - 2001-08-17 12:12 - 00037916 ____C (Fast Ethernet Controller Provider) C:\WINDOWS\system32\dllcache\cb102.sys
2013-12-13 15:47 - 2001-08-17 12:11 - 00060970 ____C (Compaq Computer Corp.) C:\WINDOWS\system32\dllcache\cpqtrnd5.sys
2013-12-13 15:47 - 2001-08-17 12:11 - 00039936 ____C (Conexant Systems, Inc.) C:\WINDOWS\system32\dllcache\cnxt1803.sys
2013-12-13 15:46 - 2008-04-14 05:42 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bdaplgin.ax
2013-12-13 15:46 - 2008-04-14 05:41 - 00121856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext30.dll
2013-12-13 15:46 - 2008-04-14 00:16 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avc.sys
2013-12-13 15:46 - 2008-04-14 00:16 - 00013696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avcstrm.sys
2013-12-13 15:46 - 2008-04-14 00:16 - 00011776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bdasup.sys
2013-12-13 15:46 - 2008-04-14 00:06 - 00014208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\battc.sys
2013-12-13 15:46 - 2008-04-13 22:05 - 00036224 ____C (ADMtek Incorporated.) C:\WINDOWS\system32\dllcache\an983.sys
2013-12-13 15:46 - 2001-08-17 22:37 - 00244224 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext20.ax
2013-12-13 15:46 - 2001-08-17 22:37 - 00116736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext30.ax
2013-12-13 15:46 - 2001-08-17 22:37 - 00073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camexo20.ax
2013-12-13 15:46 - 2001-08-17 22:36 - 00236032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext20.dll
2013-12-13 15:46 - 2001-08-17 22:36 - 00144384 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\avmenum.dll
2013-12-13 15:46 - 2001-08-17 22:36 - 00102400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\binlsvc.dll
2013-12-13 15:46 - 2001-08-17 22:36 - 00087552 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\avmcoxp.dll
2013-12-13 15:46 - 2001-08-17 22:36 - 00081408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\brmfcwia.dll
2013-12-13 15:46 - 2001-08-17 22:36 - 00074240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camexo20.dll
2013-12-13 15:46 - 2001-08-17 22:36 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\atievxx.exe
2013-12-13 15:46 - 2001-08-17 14:56 - 00342336 ____C (3Dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\banshee.dll
2013-12-13 15:46 - 2001-08-17 14:56 - 00268160 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidvai.dll
2013-12-13 15:46 - 2001-08-17 14:56 - 00137216 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidrae.dll
2013-12-13 15:46 - 2001-08-17 14:56 - 00104832 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atiraged.dll
2013-12-13 15:46 - 2001-08-17 14:55 - 00382592 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidrab.dll
2013-12-13 15:46 - 2001-08-17 14:55 - 00096128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ati.dll
2013-12-13 15:46 - 2001-08-17 14:05 - 00314752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdro21.sys
2013-12-13 15:46 - 2001-08-17 14:04 - 00223232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdrv21.sys
2013-12-13 15:46 - 2001-08-17 14:04 - 00171264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdrv30.sys
2013-12-13 15:46 - 2001-08-17 14:01 - 00036096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avcaudio.sys
2013-12-13 15:46 - 2001-08-17 13:57 - 00077568 ____C (ATI Technologies, Inc.) C:\WINDOWS\system32\dllcache\ati.sys
2013-12-13 15:46 - 2001-08-17 13:52 - 00026496 ____C (Advanced System Products, Inc.) C:\WINDOWS\system32\dllcache\asc.sys
2013-12-13 15:46 - 2001-08-17 13:52 - 00022400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asc3350p.sys
2013-12-13 15:46 - 2001-08-17 13:52 - 00012032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\amsint.sys
2013-12-13 15:46 - 2001-08-17 13:51 - 00014848 ____C (Advanced System Products, Inc.) C:\WINDOWS\system32\dllcache\asc3550.sys
2013-12-13 15:46 - 2001-08-17 13:51 - 00013824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bulltlp3.sys
2013-12-13 15:46 - 2001-08-17 13:47 - 00006272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\apmbatt.sys
2013-12-13 15:46 - 2001-08-17 13:28 - 00871388 ____C (BCM) C:\WINDOWS\system32\dllcache\bcmdm.sys
2013-12-13 15:46 - 2001-08-17 13:12 - 00012160 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brfiltlo.sys
2013-12-13 15:46 - 2001-08-17 13:12 - 00011008 ____C (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brusbmdm.sys
2013-12-13 15:46 - 2001-08-17 13:12 - 00010368 ____C (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brusbscn.sys
2013-12-13 15:46 - 2001-08-17 13:12 - 00003968 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brfiltup.sys
2013-12-13 15:46 - 2001-08-17 12:49 - 00075136 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimpae.sys
2013-12-13 15:46 - 2001-08-17 12:49 - 00049920 ____C C:\WINDOWS\system32\dllcache\atirtcap.sys
2013-12-13 15:46 - 2001-08-17 12:49 - 00046464 ____C C:\WINDOWS\system32\dllcache\atibt829.sys
2013-12-13 15:46 - 2001-08-17 12:49 - 00026880 ____C C:\WINDOWS\system32\dllcache\atirtsnd.sys
2013-12-13 15:46 - 2001-08-17 12:49 - 00026624 ____C C:\WINDOWS\system32\dllcache\ativxbar.sys
2013-12-13 15:46 - 2001-08-17 12:49 - 00023552 ____C C:\WINDOWS\system32\dllcache\atixbar.sys
2013-12-13 15:46 - 2001-08-17 12:49 - 00019456 ____C C:\WINDOWS\system32\dllcache\ativttxx.sys
2013-12-13 15:46 - 2001-08-17 12:49 - 00017152 ____C C:\WINDOWS\system32\dllcache\atitvsnd.sys
2013-12-13 15:46 - 2001-08-17 12:49 - 00017152 ____C C:\WINDOWS\system32\dllcache\atitunep.sys
2013-12-13 15:46 - 2001-08-17 12:49 - 00010240 ____C C:\WINDOWS\system32\dllcache\atipcxxx.sys
2013-12-13 15:46 - 2001-08-17 12:49 - 00009472 ____C C:\WINDOWS\system32\dllcache\ativmdcd.sys
2013-12-13 15:46 - 2001-08-17 12:48 - 00289664 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimpab.sys
2013-12-13 15:46 - 2001-08-17 12:48 - 00281600 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimtai.sys
2013-12-13 15:46 - 2001-08-17 12:48 - 00070528 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atiragem.sys
2013-12-13 15:46 - 2001-08-17 12:48 - 00036128 ____C (3Dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\banshee.sys
2013-12-13 15:46 - 2001-08-17 12:19 - 00036992 ____C (Aztech Systems Ltd) C:\WINDOWS\system32\dllcache\aztw2320.sys
2013-12-13 15:46 - 2001-08-17 12:13 - 00089952 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\b1cbase.sys
2013-12-13 15:46 - 2001-08-17 12:13 - 00037568 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\avmwan.sys
2013-12-13 15:46 - 2001-08-17 12:12 - 00097354 ____C (Bay Networks, Inc.) C:\WINDOWS\system32\dllcache\aspndis3.sys
2013-12-13 15:46 - 2001-08-17 12:11 - 00066557 ____C (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm42u.sys
2013-12-13 15:46 - 2001-08-17 12:11 - 00054271 ____C (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm42xx5.sys
2013-12-13 15:46 - 2001-08-17 12:11 - 00031529 ____C (BreezeCOM) C:\WINDOWS\system32\dllcache\brzwlan.sys
2013-12-13 15:46 - 2001-08-17 12:11 - 00026568 ____C (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm4e5.sys
2013-12-13 15:46 - 2001-08-17 12:11 - 00016969 ____C (AmbiCom, Inc.) C:\WINDOWS\system32\dllcache\amb8002.sys
2013-12-13 15:45 - 2008-04-14 00:16 - 00053376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\1394bus.sys
2013-12-13 15:45 - 2008-04-14 00:16 - 00048128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\61883.sys
2013-12-13 15:45 - 2008-04-14 00:10 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\4mmdat.sys
2013-12-13 15:45 - 2008-04-13 22:06 - 00231552 ____C (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\ac97ali.sys
2013-12-13 15:45 - 2008-04-13 22:06 - 00084480 ____C (VIA Technologies, Inc.) C:\WINDOWS\system32\dllcache\ac97via.sys
2013-12-13 15:45 - 2008-04-13 22:06 - 00010880 ____C (Aureal, Inc.) C:\WINDOWS\system32\dllcache\admjoy.sys
2013-12-13 15:45 - 2001-08-17 22:37 - 00024576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agcgauge.ax
2013-12-13 15:45 - 2001-08-17 22:36 - 00462848 ____C (Aureal Inc.) C:\WINDOWS\system32\dllcache\a3dapi.dll
2013-12-13 15:45 - 2001-08-17 22:36 - 00098304 ____C (Aureal Semiconductor) C:\WINDOWS\system32\dllcache\a3d.dll
2013-12-13 15:45 - 2001-08-17 22:36 - 00061440 ____C (Color Flatbed Scanner) C:\WINDOWS\system32\dllcache\acerscad.dll
2013-12-13 15:45 - 2001-08-17 14:56 - 00066048 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\s3legacy.dll
2013-12-13 15:45 - 2001-08-17 14:55 - 00689216 ____C (3dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\3dfxvs.dll
2013-12-13 15:45 - 2001-08-17 14:55 - 00038400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\8514a.dll
2013-12-13 15:45 - 2001-08-17 14:06 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\1394vdbg.sys
2013-12-13 15:45 - 2001-08-17 13:53 - 00007424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adicvls.sys
2013-12-13 15:45 - 2001-08-17 13:52 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\abp480n5.sys
2013-12-13 15:45 - 2001-08-17 13:52 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aha154x.sys
2013-12-13 15:45 - 2001-08-17 13:51 - 00005248 ____C (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\aliide.sys
2013-12-13 15:45 - 2001-08-17 13:49 - 00026624 ____C (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\alifir.sys
2013-12-13 15:45 - 2001-08-17 13:28 - 00762780 ____C (3Com, Inc.) C:\WINDOWS\system32\dllcache\3cwmcru.sys
2013-12-13 15:45 - 2001-08-17 12:48 - 00148352 ____C (3dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\3dfxvsm.sys
2013-12-13 15:45 - 2001-08-17 12:20 - 00297728 ____C (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\dllcache\ac97sis.sys
2013-12-13 15:45 - 2001-08-17 12:19 - 00747392 ____C (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8830.sys
2013-12-13 15:45 - 2001-08-17 12:19 - 00584448 ____C (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8810.sys
2013-12-13 15:45 - 2001-08-17 12:19 - 00553984 ____C (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8820.sys
2013-12-13 15:45 - 2001-08-17 12:11 - 00046112 ____C (Adaptec, Inc ) C:\WINDOWS\system32\dllcache\adptsf50.sys
2013-12-13 15:45 - 2001-08-17 12:11 - 00027678 ____C (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\ali5261.sys
2013-12-13 15:45 - 2001-08-17 12:11 - 00020160 ____C (ADMtek Incorporated) C:\WINDOWS\system32\dllcache\adm8511.sys
2013-12-12 16:43 - 2013-12-12 16:43 - 00003340 _____ C:\Documents and Settings\Administrator\My Documents\VolumeC.txt
2013-12-12 13:14 - 2013-12-12 13:17 - 00001738 _____ C:\WINDOWS\KB904423.log
2013-12-11 17:32 - 2013-12-11 17:32 - 04101441 _____ C:\Documents and Settings\Administrator\Desktop\tdsskiller.zip
2013-12-11 17:32 - 2013-12-11 17:32 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\tdsskiller
2013-12-11 17:12 - 2013-12-11 17:12 - 04779896 _____ (Piriform Ltd) C:\Documents and Settings\Administrator\Desktop\spsetup124.exe
2013-12-11 17:12 - 2013-12-11 17:12 - 00000654 _____ C:\Documents and Settings\All Users\Desktop\Speccy.lnk
2013-12-11 17:12 - 2013-12-11 17:12 - 00000000 ____D C:\Program Files\Speccy
2013-12-11 17:12 - 2013-12-11 17:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
2013-12-11 17:11 - 2013-12-11 17:11 - 00899584 _____ C:\Documents and Settings\Administrator\Desktop\MicrosoftFixit50535.msi
2013-12-11 17:10 - 2013-12-11 17:11 - 00214252 _____ C:\Documents and Settings\Administrator\Desktop\avgremover.log
2013-12-11 16:36 - 2013-12-11 16:36 - 01163104 _____ (AVG Technologies CZ, s.r.o.) C:\Documents and Settings\Administrator\Desktop\avg_remover_stf_x86_2011_1322.exe
2013-12-11 16:36 - 2013-12-11 16:36 - 00891200 _____ C:\Documents and Settings\Administrator\Desktop\SecurityCheck (1).exe
2013-12-11 09:55 - 2013-12-11 09:28 - 00991232 _____ C:\Documents and Settings\Administrator\Desktop\MicrosoftFixit50267.msi
2013-12-11 09:45 - 2013-12-11 09:46 - 00015066 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-11 09:45 - 2013-12-11 09:45 - 00007388 _____ C:\WINDOWS\KB2904266.log
2013-12-11 09:45 - 2013-12-11 09:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-11 09:45 - 2013-12-11 09:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-11 09:40 - 2013-12-11 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-11 09:40 - 2013-12-11 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-11 09:40 - 2013-12-11 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-11 09:16 - 2013-12-11 09:45 - 00015188 _____ C:\WINDOWS\KB2898715.log
2013-12-11 09:16 - 2013-12-11 09:40 - 00014025 _____ C:\WINDOWS\KB2893294.log
2013-12-11 09:15 - 2013-12-11 09:40 - 00014808 _____ C:\WINDOWS\KB2893984.log
2013-12-11 09:15 - 2013-12-11 09:40 - 00013420 _____ C:\WINDOWS\KB2892075.log
2013-12-11 08:26 - 2013-12-13 16:14 - 00002039 _____ C:\WINDOWS\epplauncher.mif
2013-12-11 00:41 - 2013-12-11 00:43 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2013-12-11 00:18 - 2013-12-11 00:18 - 00000000 ____D C:\RegBackup
2013-12-10 21:57 - 2013-12-10 21:57 - 00000000 ____D C:\Program Files\Tweaking.com
2013-12-10 08:09 - 2013-12-10 08:10 - 00002224 _____ C:\Documents and Settings\Administrator\Desktop\Rkill.txt
2013-12-10 02:28 - 2013-12-10 02:27 - 00001487 _____ C:\Documents and Settings\Administrator\Desktop\JRT.txt
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-09 23:47 - 2013-12-09 23:51 - 00000000 ____D C:\AdwCleaner
2013-12-09 22:21 - 2013-12-09 22:57 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-12-09 22:20 - 2013-12-09 22:57 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\mbar
2013-12-09 16:37 - 2013-12-19 08:38 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\MalwareLogs_2013-12-09
2013-12-09 14:25 - 2013-12-09 14:25 - 00000000 ____D C:\Documents and Settings\gsegebade\Local Settings\Application Data\Thunderbird
2013-12-09 14:24 - 2013-12-09 14:24 - 00000000 ____D C:\Documents and Settings\gsegebade\Local Settings\Application Data\Scansoft
2013-12-09 14:24 - 2013-12-09 14:24 - 00000000 ____D C:\Documents and Settings\gsegebade\Local Settings\Application Data\Citrix
2013-12-09 13:56 - 2013-12-09 13:56 - 00000000 ____D C:\Documents and Settings\gsegebade\Local Settings\Application Data\Google
2013-12-09 13:53 - 2012-12-17 14:44 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\FreePriceAlerts
2013-12-09 13:53 - 2011-08-28 13:00 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\abelhadigital.com
2013-12-09 13:53 - 2011-08-23 16:04 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Google
2013-12-09 13:53 - 2011-03-13 00:52 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\InterVideo
2013-12-09 13:53 - 2010-11-13 00:28 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Apple Computer
2013-12-09 13:53 - 2008-09-13 23:39 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\AdobeUM
2013-12-09 13:53 - 2008-02-24 18:20 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\CVS
2013-12-09 13:53 - 2007-06-12 13:52 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Grisoft
2013-12-09 13:52 - 2013-12-09 13:53 - 00000000 __SHD C:\Documents and Settings\gsegebade\UserData
2013-12-09 13:52 - 2013-11-10 20:00 - 00000000 ____D C:\Documents and Settings\gsegebade\My Documents\MalwareLogs_2013-11-10
2013-12-09 13:52 - 2013-09-03 07:18 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\RealNetworks
2013-12-09 13:52 - 2013-07-31 19:48 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Windows Search
2013-12-09 13:52 - 2011-09-04 06:25 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Adobe
2013-12-09 13:52 - 2011-08-28 13:22 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Windows Desktop Search
2013-12-09 13:52 - 2010-02-13 01:20 - 00000000 __SHD C:\Documents and Settings\gsegebade\IECompatCache
2013-12-09 13:52 - 2009-08-28 15:39 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Malwarebytes
2013-12-09 13:52 - 2009-06-04 20:59 - 00000000 __SHD C:\Documents and Settings\gsegebade\PrivacIE
2013-12-09 13:52 - 2007-06-22 08:42 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Macromedia
2013-12-09 13:52 - 2007-06-19 23:33 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Sun
2013-12-09 13:52 - 2007-06-15 14:27 - 00000000 ____D C:\Documents and Settings\gsegebade\My Documents\My Received Files
2013-12-09 13:52 - 2007-06-15 14:27 - 00000000 ____D C:\Documents and Settings\gsegebade\My Documents\My eBooks
2013-12-09 13:52 - 2007-06-15 09:39 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Microsoft Web Folders
2013-12-09 13:52 - 2007-06-12 13:55 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Talkback
2013-12-09 13:51 - 2012-12-17 14:42 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Real
2013-12-09 13:51 - 2012-01-10 12:12 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\ICAClient
2013-12-09 13:51 - 2010-10-28 16:00 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Thunderbird
2013-12-09 13:51 - 2010-10-28 16:00 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Mozilla
2013-12-09 13:51 - 2010-10-09 10:08 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\AVG10
2013-12-09 13:50 - 2013-12-09 13:34 - 00000803 _____ C:\Documents and Settings\gsegebade\Start Menu\Programs\Internet Explorer.lnk
2013-12-09 13:34 - 2013-12-09 13:34 - 00000803 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
2013-12-09 13:25 - 2013-12-09 14:25 - 00000178 ___SH C:\Documents and Settings\gsegebade\ntuser.ini
2013-12-09 13:25 - 2013-12-09 13:52 - 00000000 ____D C:\Documents and Settings\gsegebade
2013-12-09 13:25 - 2013-12-09 13:34 - 00000738 _____ C:\Documents and Settings\gsegebade\Start Menu\Programs\Outlook Express.lnk
2013-12-09 13:25 - 2013-12-09 13:33 - 00000792 _____ C:\Documents and Settings\gsegebade\Start Menu\Programs\Windows Media Player.lnk
2013-12-09 13:25 - 2009-06-04 20:57 - 00000000 __SHD C:\Documents and Settings\gsegebade\IETldCache
2013-12-09 13:25 - 2007-12-01 15:23 - 00000000 ___RD C:\Documents and Settings\gsegebade\Start Menu\Programs\Accessories
2013-12-09 13:25 - 2007-05-22 13:24 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\SampleView
2013-12-09 13:25 - 2007-05-22 13:22 - 00001044 _____ C:\Documents and Settings\gsegebade\Start Menu\Register your Desktop.lnk
2013-12-09 13:25 - 2007-05-22 13:20 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\Symantec
2013-12-09 13:25 - 2007-05-22 13:17 - 00000000 ____D C:\Documents and Settings\gsegebade\Application Data\InstallShield
2013-12-09 13:25 - 2006-04-25 12:32 - 00001503 _____ C:\Documents and Settings\gsegebade\Start Menu\Programs\Remote Assistance.lnk
2013-12-09 11:14 - 2013-12-09 11:14 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-05 10:34 - 2013-12-05 10:34 - 00001804 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2013-12-05 10:34 - 2013-12-05 10:34 - 00001734 _____ C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
2013-12-05 09:54 - 2013-12-05 09:54 - 101604682 _____ C:\2013-12-05.reg
 
==================== One Month Modified Files and Folders =======
 
2013-12-26 10:03 - 2013-12-26 10:02 - 00016716 _____ C:\Documents and Settings\Administrator\Desktop\FRST.txt
2013-12-26 10:01 - 2013-12-26 10:01 - 01061649 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2013-12-26 10:01 - 2013-12-26 10:01 - 00000000 ____D C:\FRST
2013-12-26 09:59 - 2013-12-26 09:59 - 00002087 _____ C:\Documents and Settings\Administrator\Desktop\FSS_131224.txt
2013-12-26 09:39 - 2012-03-29 17:44 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-26 09:27 - 2010-01-31 09:49 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-26 07:39 - 2006-04-25 13:05 - 00031882 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-26 03:00 - 2006-04-25 13:05 - 01314953 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-25 10:27 - 2010-01-31 09:49 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-24 10:37 - 2013-12-24 10:37 - 00002087 _____ C:\Documents and Settings\Administrator\Desktop\FSS.txt
2013-12-24 10:36 - 2013-12-24 10:36 - 00708597 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FSS.exe
2013-12-23 18:03 - 2013-04-07 17:03 - 00000342 _____ C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2023473458-3232408138-820847086-500.job
2013-12-21 11:31 - 2013-04-07 17:03 - 00000324 _____ C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2023473458-3232408138-820847086-500.job
2013-12-20 19:52 - 2010-02-10 15:57 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-12-19 23:52 - 2012-12-17 14:43 - 00000294 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2023473458-3232408138-820847086-500.job
2013-12-19 23:52 - 2012-12-17 14:42 - 00000302 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2023473458-3232408138-820847086-500.job
2013-12-19 23:52 - 2010-03-14 17:53 - 00000302 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-2023473458-3232408138-820847086-500.job
2013-12-19 08:38 - 2013-12-09 16:37 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents\MalwareLogs_2013-12-09
2013-12-19 08:28 - 2013-12-13 16:29 - 00005702 _____ C:\Documents and Settings\Administrator\Desktop\dds.txt
2013-12-19 08:28 - 2013-12-13 16:29 - 00000229 _____ C:\Documents and Settings\Administrator\Desktop\attach.txt
2013-12-17 12:33 - 2011-08-26 15:57 - 00435744 _____ C:\WINDOWS\setupapi.log
2013-12-16 12:57 - 2013-11-20 06:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-12-15 22:04 - 2013-12-15 22:01 - 1245543881 _____ C:\Documents and Settings\All Users\Documents\SaveData.MIG
2013-12-15 22:04 - 2006-04-25 12:39 - 00076977 _____ C:\WINDOWS\comsetup.log
2013-12-15 19:14 - 2007-05-22 13:04 - 00000000 ____D C:\WINDOWS\Registration
2013-12-15 19:13 - 2013-12-15 19:12 - 00038968 _____ C:\WINDOWS\WETCable.log
2013-12-15 19:13 - 2006-04-25 13:00 - 01548844 _____ C:\WINDOWS\tsoc.log
2013-12-15 19:13 - 2006-04-25 12:59 - 01808668 _____ C:\WINDOWS\iis6.log
2013-12-15 19:13 - 2006-04-25 12:39 - 00679484 _____ C:\WINDOWS\ntdtcsetup.log
2013-12-15 19:13 - 2006-04-25 12:39 - 00180857 _____ C:\WINDOWS\ocmsn.log
2013-12-15 19:13 - 2006-04-25 12:39 - 00170685 _____ C:\WINDOWS\tabletoc.log
2013-12-15 19:13 - 2006-04-25 12:39 - 00001393 _____ C:\WINDOWS\imsins.log
2013-12-15 19:12 - 2013-12-15 19:12 - 00001582 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Easy Transfer.lnk
2013-12-15 19:12 - 2013-12-15 19:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallWETCable$
2013-12-15 19:12 - 2013-12-15 19:12 - 00000000 ____D C:\WINDOWS\LastGood
2013-12-15 19:12 - 2006-04-25 12:28 - 03347274 _____ C:\WINDOWS\FaxSetup.log
2013-12-15 19:12 - 2006-04-25 12:28 - 01630529 _____ C:\WINDOWS\ocgen.log
2013-12-15 19:12 - 2006-04-25 12:28 - 00588527 _____ C:\WINDOWS\netfxocm.log
2013-12-15 19:12 - 2006-04-25 12:28 - 00232851 _____ C:\WINDOWS\MedCtrOC.log
2013-12-15 19:12 - 2006-04-25 12:28 - 00168452 _____ C:\WINDOWS\msgsocm.log
2013-12-15 19:12 - 2006-04-25 12:26 - 01043008 _____ C:\WINDOWS\msmqinst.log
2013-12-15 19:10 - 2006-04-25 12:59 - 00001374 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-13 16:17 - 2013-12-13 16:17 - 00025992 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\pgdfgsvc.exe
2013-12-13 16:14 - 2013-12-11 08:26 - 00002039 _____ C:\WINDOWS\epplauncher.mif
2013-12-13 16:13 - 2013-04-07 17:03 - 00000316 _____ C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2023473458-3232408138-820847086-500.job
2013-12-13 16:13 - 2012-05-14 21:31 - 00000294 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-2023473458-3232408138-820847086-500.job
2013-12-13 16:12 - 2006-04-25 13:05 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2013-12-13 16:12 - 2006-04-25 13:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-13 16:12 - 2006-04-25 05:22 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-12-13 16:12 - 2006-04-25 05:22 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-12-12 16:43 - 2013-12-12 16:43 - 00003340 _____ C:\Documents and Settings\Administrator\My Documents\VolumeC.txt
2013-12-12 13:17 - 2013-12-12 13:14 - 00001738 _____ C:\WINDOWS\KB904423.log
2013-12-11 17:32 - 2013-12-11 17:32 - 04101441 _____ C:\Documents and Settings\Administrator\Desktop\tdsskiller.zip
2013-12-11 17:32 - 2013-12-11 17:32 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\tdsskiller
2013-12-11 17:12 - 2013-12-11 17:12 - 04779896 _____ (Piriform Ltd) C:\Documents and Settings\Administrator\Desktop\spsetup124.exe
2013-12-11 17:12 - 2013-12-11 17:12 - 00000654 _____ C:\Documents and Settings\All Users\Desktop\Speccy.lnk
2013-12-11 17:12 - 2013-12-11 17:12 - 00000000 ____D C:\Program Files\Speccy
2013-12-11 17:12 - 2013-12-11 17:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
2013-12-11 17:11 - 2013-12-11 17:11 - 00899584 _____ C:\Documents and Settings\Administrator\Desktop\MicrosoftFixit50535.msi
2013-12-11 17:11 - 2013-12-11 17:10 - 00214252 _____ C:\Documents and Settings\Administrator\Desktop\avgremover.log
2013-12-11 17:11 - 2010-10-09 10:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG10
2013-12-11 16:36 - 2013-12-11 16:36 - 01163104 _____ (AVG Technologies CZ, s.r.o.) C:\Documents and Settings\Administrator\Desktop\avg_remover_stf_x86_2011_1322.exe
2013-12-11 16:36 - 2013-12-11 16:36 - 00891200 _____ C:\Documents and Settings\Administrator\Desktop\SecurityCheck (1).exe
2013-12-11 09:53 - 2006-04-25 12:39 - 00273376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-11 09:48 - 2007-06-12 12:33 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Google
2013-12-11 09:48 - 2007-05-22 13:18 - 00000000 ____D C:\Program Files\Google
2013-12-11 09:48 - 2007-05-22 13:18 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2013-12-11 09:46 - 2013-12-11 09:45 - 00015066 _____ C:\WINDOWS\KB2898785-IE8.log
2013-12-11 09:46 - 2009-06-04 20:55 - 00000000 ____D C:\WINDOWS\ie8updates
2013-12-11 09:46 - 2007-06-13 14:03 - 00374488 _____ C:\WINDOWS\updspapi.log
2013-12-11 09:46 - 2006-04-25 12:39 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-12-11 09:45 - 2013-12-11 09:45 - 00007388 _____ C:\WINDOWS\KB2904266.log
2013-12-11 09:45 - 2013-12-11 09:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-11 09:45 - 2013-12-11 09:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-11 09:45 - 2013-12-11 09:16 - 00015188 _____ C:\WINDOWS\KB2898715.log
2013-12-11 09:45 - 2013-11-09 08:39 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-11 09:45 - 2007-06-12 15:20 - 00881904 _____ C:\WINDOWS\system32\TZLog.log
2013-12-11 09:41 - 2007-06-15 09:43 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-11 09:40 - 2013-12-11 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-11 09:40 - 2013-12-11 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-11 09:40 - 2013-12-11 09:40 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-11 09:40 - 2013-12-11 09:16 - 00014025 _____ C:\WINDOWS\KB2893294.log
2013-12-11 09:40 - 2013-12-11 09:15 - 00014808 _____ C:\WINDOWS\KB2893984.log
2013-12-11 09:40 - 2013-12-11 09:15 - 00013420 _____ C:\WINDOWS\KB2892075.log
2013-12-11 09:28 - 2013-12-11 09:55 - 00991232 _____ C:\Documents and Settings\Administrator\Desktop\MicrosoftFixit50267.msi
2013-12-11 08:55 - 2011-08-25 21:08 - 00000211 ___SH C:\boot.ini
2013-12-11 08:55 - 2006-04-25 12:32 - 00000603 _____ C:\WINDOWS\win.ini
2013-12-11 08:55 - 2006-04-25 05:19 - 00000227 _____ C:\WINDOWS\system.ini
2013-12-11 08:54 - 2011-08-21 18:31 - 00000000 ____D C:\WINDOWS\pss
2013-12-11 08:48 - 2007-05-22 13:22 - 00000000 ____D C:\WINDOWS\SMINST
2013-12-11 08:46 - 2011-08-26 17:54 - 00020690 _____ C:\WINDOWS\KB942288-v3.log
2013-12-11 08:27 - 2010-02-13 12:06 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-12-11 08:25 - 2010-02-13 01:07 - 00000000 ____D C:\Program Files\SpywareBlaster
2013-12-11 08:25 - 2009-08-28 15:38 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-11 08:25 - 2009-08-28 15:38 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-12-11 08:10 - 2008-06-20 13:51 - 00000000 ____D C:\Program Files\AVG
2013-12-11 08:06 - 2011-08-28 13:00 - 00000000 ____D C:\Program Files\HostsMan
2013-12-11 08:06 - 2011-08-28 13:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\abelhadigital.com
2013-12-11 00:43 - 2013-12-11 00:41 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2013-12-11 00:39 - 2007-05-22 13:04 - 00000000 ____D C:\WINDOWS\repair
2013-12-11 00:18 - 2013-12-11 00:18 - 00000000 ____D C:\RegBackup
2013-12-10 21:57 - 2013-12-10 21:57 - 00000000 ____D C:\Program Files\Tweaking.com
2013-12-10 08:10 - 2013-12-10 08:09 - 00002224 _____ C:\Documents and Settings\Administrator\Desktop\Rkill.txt
2013-12-10 02:27 - 2013-12-10 02:28 - 00001487 _____ C:\Documents and Settings\Administrator\Desktop\JRT.txt
2013-12-09 23:56 - 2013-12-09 23:56 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-09 23:51 - 2013-12-09 23:47 - 00000000 ____D C:\AdwCleaner
2013-12-09 22:57 - 2013-12-09 22:21 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
2013-12-09 22:57 - 2013-12-09 22:20 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\mbar
2013-12-09 14:27 - 2008-02-23 01:14 - 00000000 ____D C:\WINDOWS\system32\LogFiles
2013-12-09 14:25 - 2013-12-09 14:25 - 00000000 ____D C:\Documents and Settings\gsegebade\Local Settings\Application Data\Thunderbird
2013-12-09 14:25 - 2013-12-09 13:25 - 00000178 ___SH C:\Documents and Settings\gsegebade\ntuser.ini
2013-12-09 14:24 - 2013-12-09 14:24 - 00000000 ____D C:\Documents and Settings\gsegebade\Local Settings\Application Data\Scansoft
2013-12-09 14:24 - 2013-12-09 14:24 - 00000000 ____D C:\Documents and Settings\gsegebade\Local Settings\Application Data\Citrix
2013-12-09 13:59 - 2007-05-22 13:04 - 00000000 ____D C:\Documents and Settings\Administrator
2013-12-09 13:56 - 2013-12-09 13:56 - 00000000 ____D C:\Documents and Settings\gsegebade\Local Settings\Application Data\Google
2013-12-09 13:53 - 2013-12-09 13:52 - 00000000 __SHD C:\Documents and Settings\gsegebade\UserData
2013-12-09 13:52 - 2013-12-09 13:25 - 00000000 ____D C:\Documents and Settings\gsegebade
2013-12-09 13:50 - 2006-04-25 12:40 - 00033687 _____ C:\WINDOWS\wmsetup.log
2013-12-09 13:34 - 2013-12-09 13:50 - 00000803 _____ C:\Documents and Settings\gsegebade\Start Menu\Programs\Internet Explorer.lnk
2013-12-09 13:34 - 2013-12-09 13:34 - 00000803 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
2013-12-09 13:34 - 2013-12-09 13:25 - 00000738 _____ C:\Documents and Settings\gsegebade\Start Menu\Programs\Outlook Express.lnk
2013-12-09 13:34 - 2006-04-25 12:41 - 00000738 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
2013-12-09 13:33 - 2013-12-09 13:25 - 00000792 _____ C:\Documents and Settings\gsegebade\Start Menu\Programs\Windows Media Player.lnk
2013-12-09 13:33 - 2006-04-25 12:40 - 00000792 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
2013-12-09 11:16 - 2011-08-25 23:52 - 00000000 __SHD C:\Documents and Settings\NetworkService.NT AUTHORITY
2013-12-09 11:16 - 2011-08-25 23:52 - 00000000 __SHD C:\Documents and Settings\LocalService.NT AUTHORITY
2013-12-09 11:14 - 2013-12-09 11:14 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-09 11:14 - 2012-08-21 22:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-08 22:05 - 2013-11-09 13:53 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-12-05 10:35 - 2007-06-14 14:48 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
2013-12-05 10:34 - 2013-12-05 10:34 - 00001804 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2013-12-05 10:34 - 2013-12-05 10:34 - 00001734 _____ C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
2013-12-05 10:33 - 2010-10-08 02:59 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-05 10:33 - 2008-09-13 23:42 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe
2013-12-05 10:33 - 2007-05-22 13:17 - 00000000 ____D C:\Program Files\Adobe
2013-12-05 09:54 - 2013-12-05 09:54 - 101604682 _____ C:\2013-12-05.reg
2013-12-04 16:31 - 2010-03-14 17:49 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2013-12-01 16:09 - 2007-06-15 09:42 - 00002473 _____ C:\Documents and Settings\Administrator\Desktop\Microsoft Word.lnk
 
Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\temp\ICReinstall_Install_WinsockxpFix.exe
C:\Documents and Settings\Administrator\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\Administrator\Local Settings\temp\_TinDel.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== End Of Log ============================


#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,457 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:33 AM

Posted 27 December 2013 - 09:02 AM

No problem at all. I will be reviewing it a bit later and posting back. Whenever you able to get to it we will carry on! Thanks for being so attentive in your replies. I really do appreciate it.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,457 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:33 AM

Posted 27 December 2013 - 01:04 PM

Hi Allen,

It appears there has been quite a bit of work done already before posting in this forum. Let's see if we can makes some additional progress.

Please start with this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32] SHELL32.dll ATTENTION! ====> ZeroAccess/Alureon?
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Documents and Settings\Administrator\Local Settings\temp\ICReinstall_Install_WinsockxpFix.exe
C:\Documents and Settings\Administrator\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\Administrator\Local Settings\temp\_TinDel.exe
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#13 adaniel

adaniel
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 29 December 2013 - 08:05 PM

Gary,

 

Here is the log.

 

Thank you,

Allen

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-12-2013 01
Ran by Administrator at 2013-12-29 20:09:11 Run:1
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKCU\...409d6c4515e9\InprocServer32: [Default-shell32] SHELL32.dll ATTENTION! ====> ZeroAccess/Alureon?
SearchScopes: HKLM - DefaultScope value is missing.
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Documents and Settings\Administrator\Local Settings\temp\ICReinstall_Install_WinsockxpFix.exe
C:\Documents and Settings\Administrator\Local Settings\temp\Quarantine.exe
C:\Documents and Settings\Administrator\Local Settings\temp\_TinDel.exe
*****************
 
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKCU\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} => Key deleted successfully. If the key returned, move the associated file, reboot and list the key for deletion.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} => Value deleted successfully.
HKCR\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} => Value deleted successfully.
HKCR\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825} => Key not found.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\ICReinstall_Install_WinsockxpFix.exe => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\Quarantine.exe => Moved successfully.
C:\Documents and Settings\Administrator\Local Settings\temp\_TinDel.exe => Moved successfully.
 
==== End of Fixlog ====


#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,457 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:33 AM

Posted 29 December 2013 - 09:47 PM

Good, can you please recap the symptoms you are having now that we have run this fix.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#15 adaniel

adaniel
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:03:33 AM

Posted 30 December 2013 - 11:01 AM

Gary,

 

Two main symptoms I was having when referred to this forum:

 

1) When computer is started he always logged in as administrator.  Now it gives the error "Cannot load user's profile.

 

2)The folks on the "Am I infected..." forum had me uninstall all anti-malware and antivirus software and wanted me to iinstall Microsoft Security Essentials.  The MSE installation failed.

 

I still cannot install it.  The window that comes up says:

 

Microsoft Security Essentials installation error

 

Cannot complete the Security Essentials installation

 

An error has prevented the Security Essentials setup wizard from completing

successfully.  Please restart your computer and try again.

 

 

Error code:0x80070656

 

Restarting does not help.  Other than that, the system seems to be running pretty well.  I have not noticed any strange or slow behavior.

 

Thank you,

Allen


Edited by adaniel, 30 December 2013 - 11:31 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users