Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

rootkit? on 2003


  • This topic is locked This topic is locked
39 replies to this topic

#1 martinswain

martinswain

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:11:45 PM

Posted 21 March 2016 - 05:59 PM

Hi, I have a virused server 2003. I cleaned up a bunch of trojans etc, but there's one that keeps coming back. It creates a folder in windows temp folder called mst, then a new exe called mtdc.exe appears in it periodically, along with a bunch of dlls. When that happens the CPU goes to 100%. I've scanned the computer with a bunch of tools but can't find anything. I think it's been rooted because as soon as I delete the folder called mst it reappears. It uses ftp to download itself and other malware as well, so I tried renaming the ftp executable, but it alse reappears immedietly. I scanned with farbar as per the instructions, here is the frst log. I appreciate any help anyone might be able to offer, I'm finding this difficult.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Administrator (administrator) on SERVER10 (21-03-2016 16:33:44)
Running from C:\Documents and Settings\Administrator.SPARTEK\My Documents\Downloads
Loaded Profiles: Administrator (Available Profiles: Administrator & Administrator)
Platform: Microsoft Windows Server 2003 R2 Service Pack 2 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> nvsvc64.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> MsMpEng.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> msdtc.exe
Failed to access process -> svchost.exe
Failed to access process -> lmgrd.exe
Failed to access process -> sqlservr.exe
Failed to access process -> sqlservr.exe
Failed to access process -> svchost.exe
Failed to access process -> mssearch.exe
Failed to access process -> metrowks.exe
Failed to access process -> OcsService.exe
Failed to access process -> wmiprvse.exe
Failed to access process -> sqlagent.EXE
Failed to access process -> sqlagent.exe
Failed to access process -> svchost.exe
Failed to access process -> alg.exe
Failed to access process -> explorer.exe
Failed to access process -> svchost.exe
Failed to access process -> rundll32.exe
Failed to access process -> NetTime.exe
Failed to access process -> msseces.exe
Failed to access process -> ctfmon.exe
Failed to access process -> SvrMgr.exe
Failed to access process -> sqlmangr.exe
Failed to access process -> ctfmon.exe
Failed to access process -> wmiprvse.exe
Failed to access process -> firefox.exe
Failed to access process -> cmd.exe
Failed to access process -> mmc.exe
Failed to access process -> FRST64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [nettime] => c:\program files (x86)\nettime\nettime.exe [3217501 2000-11-12] (Subjective Software)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1334920 2015-04-02] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] userinit [X]
Winlogon\Notify\crypt32chain: C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\crypt32chain: C:\WINDOWS\SysWOW64\crypt32.dll [2015-06-26] (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS\SysWOW64\cryptnet.dll [2007-02-18] (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS\SysWOW64\cscdll.dll [2007-02-18] (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS\SysWOW64\dimsntfy.dll [2007-02-18] (Microsoft Corporation)
Winlogon\Notify\EFS: C:\WINDOWS\SysWOW64\sclgntfy.dll [2007-02-18] (Microsoft Corporation)
Winlogon\Notify\ScCertProp-x32: wlnotify.dll [X]
Winlogon\Notify\Schedule-x32: wlnotify.dll [X]
Winlogon\Notify\sclgntfy: C:\WINDOWS\SysWOW64\sclgntfy.dll [2007-02-18] (Microsoft Corporation)
Winlogon\Notify\SensLogn-x32: WlNotify.dll [X]
Winlogon\Notify\wlballoon-x32: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [ShowSuperHidden] 1
HKLM\...\Command Processor:  <======= ATTENTION
HKLM-x32\...\Command Processor: C:\windows\Ouie.exe <======= ATTENTION
HKU\S-1-5-19\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2007-02-18] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2007-02-18] (Microsoft Corporation)
HKU\S-1-5-21-2266730830-467084628-1831518713-500\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [20992 2007-02-18] (Microsoft Corporation)
HKU\S-1-5-21-2266730830-467084628-1831518713-500\...\MountPoints2: {dad3c7fa-e3ae-11df-a955-0010b576043c} - I:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2007-02-18] (Microsoft Corporation)
IFEO\Your Image File Name Here without a path: [Debugger] ntsd -d
Lsa: [Notification Packages] RASSFM KDCSVC WDIGEST scecli
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SysWOW64\stobject.dll (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [10512384 2015-02-18] (Microsoft Corporation)
ShellExecuteHooks-x32: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\SysWOW64\shell32.dll [8363008 2015-02-18] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Centaur Service Manager.lnk [2010-07-12]
ShortcutTarget: Centaur Service Manager.lnk -> C:\Program Files (x86)\CDVI Group\Centaur\Centaur Server\SvrMgr.exe (CDVI Group)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk [2010-07-12]
ShortcutTarget: Service Manager.lnk -> C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\mswsock.dll [233472 2011-03-03] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 03 C:\Windows\System32\mswsock.dll [492544 2011-03-03] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\..\Interfaces\{82BD85A5-18AC-4272-85A4-D76E6299825D}: [NameServer] 10.0.0.31
Tcpip\..\Interfaces\{BAD3DD07-AE5A-40FC-A9E9-509712A9529A}: [NameServer] 10.0.0.97

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2266730830-467084628-1831518713-500\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2266730830-467084628-1831518713-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-2266730830-467084628-1831518713-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2266730830-467084628-1831518713-500 -> &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll [2007-02-18] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2266730830-467084628-1831518713-500 -> &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll [2015-02-18] (Microsoft Corporation)
DPF: HKLM-x32 {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277936283412
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter-x32: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\syswow64\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\syswow64\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\syswow64\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter-x32: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\syswow64\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll [2015-02-18] (Microsoft Corporation)
Filter-x32: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\syswow64\SHELL32.dll [2015-02-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator.SPARTEK\Application Data\Mozilla\Firefox\Profiles\2vdc7u47.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://start.mozilla.org/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2266730830-467084628-1831518713-500: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2266730830-467084628-1831518713-500: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Administrator.SPARTEK\Application Data\Mozilla\Firefox\Profiles\2vdc7u47.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-02-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-03-12] [not signed]

Chrome:
=======
CHR Plugin: (Native Client) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-19]
CHR Extension: (Store) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-19]
StartMenuInternet: chrome.exe - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AeLookupSvc; C:\WINDOWS\SysWOW64\aelupsvc.dll [26624 2007-02-18] (Microsoft Corporation)
S4 Alerter; C:\Windows\system32\alrsvc.dll [29696 2007-02-18] (Microsoft Corporation)
S4 AudioSrv; C:\WINDOWS\SysWOW64\audiosrv.dll [41472 2007-02-18] (Microsoft Corporation)
S2 Browser; C:\WINDOWS\SysWOW64\browser.dll [78336 2012-09-12] (Microsoft Corporation)
S4 ClipSrv; C:\Windows\system32\clipsrv.exe [49664 2007-02-18] (Microsoft Corporation)
S4 ClipSrv; C:\WINDOWS\SysWOW64\clipsrv.exe [32256 2007-02-18] (Microsoft Corporation)
S3 Dfs; C:\Windows\system32\Dfssvc.exe [321024 2007-02-18] (Microsoft Corporation)
S3 Dfs; C:\WINDOWS\SysWOW64\Dfssvc.exe [164864 2007-02-18] (Microsoft Corporation)
S3 dmadmin; C:\Windows\System32\dmadmin.exe [399872 2007-02-18] (Microsoft Corporation)
R2 dmserver; C:\Windows\System32\dmserver.dll [37376 2007-02-18] (Microsoft Corporation)
R2 Dnscache; C:\WINDOWS\SysWOW64\dnsrslvr.dll [45568 2011-03-03] (Microsoft Corporation)
R2 ERSvc; C:\Windows\System32\ersvc.dll [31744 2007-02-18] (Microsoft Corporation)
R2 Eventlog; C:\Windows\system32\services.exe [227840 2009-03-19] (Microsoft Corporation)
R2 FLEXlm Service 1; C:\FLEXlm\lmgrd.exe [609280 2003-01-20] (Macrovision Corporation) [File not signed]
R2 helpsvc; C:\Windows\PCHealth\HelpCtr\Binaries\pchsvc.dll [77312 2007-02-18] (Microsoft Corporation)
S3 HTTPFilter; C:\Windows\System32\w3ssl.dll [21504 2007-02-18] (Microsoft Corporation)
S3 HTTPFilter; C:\WINDOWS\SysWOW64\w3ssl.dll [15360 2007-02-18] (Microsoft Corporation)
S3 IASJet; C:\Windows\SysWOW64\iasrecst.dll [162816 2007-02-18] (Microsoft Corporation)
S4 ImapiService; C:\WINDOWS\system32\imapi.exe [265728 2007-02-18] (Microsoft Corporation)
S4 IsmServ; C:\Windows\System32\ismserv.exe [60416 2007-02-18] (Microsoft Corporation)
S4 IsmServ; C:\WINDOWS\SysWOW64\ismserv.exe [40448 2007-02-18] (Microsoft Corporation)
S4 kdc; C:\Windows\System32\lsass.exe [14336 2007-02-18] (Microsoft Corporation)
S4 LicenseService; C:\Windows\System32\llssrv.exe [191488 2007-02-18] (Microsoft Corporation)
S4 LicenseService; C:\WINDOWS\SysWOW64\llssrv.exe [94720 2007-02-18] (Microsoft Corporation)
R2 LmHosts; C:\WINDOWS\SysWOW64\lmhsvc.dll [19968 2007-02-18] (Microsoft Corporation)
S4 MAPPSService; c:\MAPPSService\bin\Debug\MAPPSService.exe [54784 2012-02-17] (Spartek Systems) [File not signed]
S4 Messenger; C:\Windows\System32\msgsvc.dll [57344 2007-02-18] (Microsoft Corporation)
S4 mnmsrvc; C:\WINDOWS\SysWOW64\mnmsrvc.exe [32768 2007-02-18] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23792 2015-04-02] (Microsoft Corporation)
R2 MSSEARCH; C:\Program Files (x86)\Common Files\System\MSSearch\Bin\mssearch.exe [69632 2002-12-04] (Microsoft Corporation) [File not signed]
R2 MSSQL$SERVER10DB; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$SERVER10DB\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
R2 MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL ServerMSSQL\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\Windows\system32\netdde.exe [160768 2007-02-18] (Microsoft Corporation)
S4 NetDDE; C:\WINDOWS\SysWOW64\netdde.exe [110080 2007-02-18] (Microsoft Corporation)
S4 NetDDEdsdm; C:\Windows\system32\netdde.exe [160768 2007-02-18] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINDOWS\SysWOW64\netdde.exe [110080 2007-02-18] (Microsoft Corporation)
R3 Netman; C:\WINDOWS\SysWOW64\netman.dll [263680 2007-02-18] (Microsoft Corporation)
R3 Nla; C:\Windows\System32\mswsock.dll [492544 2011-03-03] (Microsoft Corporation)
R3 Nla; C:\WINDOWS\SysWOW64\mswsock.dll [233472 2011-03-03] (Microsoft Corporation)
S3 NtFrs; C:\Windows\system32\ntfrs.exe [1158144 2007-02-18] (Microsoft Corporation)
S3 NtFrs; C:\WINDOWS\SysWOW64\ntfrs.exe [792064 2007-02-18] (Microsoft Corporation)
R3 NtLmSsp; C:\Windows\system32\lsass.exe [14336 2007-02-18] (Microsoft Corporation)
S3 NtmsSvc; C:\Windows\system32\ntmssvc.dll [794112 2007-02-18] (Microsoft Corporation)
R2 nvsvc; C:\Windows\system32\nvsvc64.exe [153600 2007-12-05] (NVIDIA Corporation)
R2 OCS Inventory Service; C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe [35840 2011-10-18] (OCS Inventory NG) [File not signed]
R2 PlugPlay; C:\Windows\system32\services.exe [227840 2009-03-19] (Microsoft Corporation)
R2 PolicyAgent; C:\Windows\system32\lsass.exe [14336 2007-02-18] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS\SysWOW64\rasauto.dll [91648 2007-02-18] (Microsoft Corporation)
R3 RasMan; C:\WINDOWS\SysWOW64\rasmans.dll [181760 2007-02-18] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [212480 2007-02-18] (Microsoft Corporation)
R2 RemoteRegistry; C:\WINDOWS\SysWOW64\regsvc.dll [69120 2007-02-18] (Microsoft Corporation)
S3 RSoPProv; C:\Windows\system32\RSoPProv.exe [103424 2007-02-18] (Microsoft Corporation)
S3 RSoPProv; C:\WINDOWS\SysWOW64\RSoPProv.exe [67072 2007-02-18] (Microsoft Corporation)
S3 sacsvr; C:\Windows\system32\sacsvr.dll [16896 2007-02-18] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.exe [166400 2007-02-18] (Microsoft Corporation)
S3 SCardSvr; C:\WINDOWS\SysWOW64\SCardSvr.exe [90112 2007-02-18] (Microsoft Corporation)
R2 Schedule; C:\WINDOWS\SysWOW64\schedsvc.dll [202240 2007-02-18] (Microsoft Corporation)
R2 seclogon; C:\WINDOWS\SysWOW64\seclogon.dll [18432 2007-02-18] (Microsoft Corporation)
R2 SQLAgent$SERVER10DB; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$SERVER10DB\Binn\sqlagent.exe [311872 2002-12-17] (Microsoft Corporation) [File not signed]
R2 SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL ServerMSSQL\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
S4 stisvc; C:\WINDOWS\SysWOW64\wiaservc.dll [348160 2007-02-18] (Microsoft Corporation)
S2 SysmonLog; C:\Windows\system32\smlogsvc.exe [133120 2007-02-18] (Microsoft Corporation)
S2 SysmonLog; C:\WINDOWS\SysWOW64\smlogsvc.exe [96256 2007-02-18] (Microsoft Corporation)
S4 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [113152 2007-02-18] (Microsoft Corporation)
S4 TrkSvr; C:\Windows\system32\trksvr.dll [86528 2007-02-18] (Microsoft Corporation)
S4 TrkSvr; C:\WINDOWS\SysWOW64\trksvr.dll [50688 2007-02-18] (Microsoft Corporation)
R2 TrkWks; C:\WINDOWS\SysWOW64\trkwks.dll [86528 2007-02-18] (Microsoft Corporation)
S4 Tssdis; C:\Windows\System32\tssdis.exe [99840 2007-02-18] (Microsoft Corporation)
S3 UMWdf; C:\WINDOWS\system32\wdfmgr.exe [62976 2007-02-18] (Microsoft Corporation)
S3 UMWdf; C:\WINDOWS\SysWOW64\wdfmgr.exe [39424 2007-02-18] (Microsoft Corporation)
S3 UPS; C:\Windows\System32\ups.exe [34816 2007-02-18] (Microsoft Corporation)
S3 UPS; C:\WINDOWS\SysWOW64\ups.exe [16896 2007-02-18] (Microsoft Corporation)
R2 W32Time; C:\WINDOWS\SysWOW64\w32time.dll [227328 2007-02-18] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS\SysWOW64\mspmsnsv.dll [25088 2007-02-18] (Microsoft Corporation)
S3 Wmi; C:\Windows\System32\advapi32.dll [1066496 2015-06-27] (Microsoft Corporation)
S3 Wmi; C:\WINDOWS\SysWOW64\advapi32.dll [620032 2015-06-27] (Microsoft Corporation)
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [12288 2007-02-18] (Microsoft Corporation)
R2 WZCSVC; C:\Windows\System32\wzcsvc.dll [659968 2007-02-18] (Microsoft Corporation)
R2 WZCSVC; C:\WINDOWS\SysWOW64\wzcsvc.dll [489472 2007-02-18] (Microsoft Corporation)
S3 xmlprov; C:\Windows\System32\xmlprov.dll [326144 2007-02-18] (Microsoft Corporation)
S3 xmlprov; C:\WINDOWS\SysWOW64\xmlprov.dll [131584 2007-02-18] (Microsoft Corporation)
S4 Windows Test 5.0; C:\Program Files\dwzjiw\svchost.exe [X]
S3 WinHttpAutoProxySvc; winhttp.dll [X]
S4 Wsemig makcsysy; C:\Program Files (x86)\Microsoft Nwygpp\Ujqubpd.exe [X]
S4 Wsmwum aqucwsqw; C:\Program Files (x86)\Microsoft Gaeccg\Yiysqmy.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Abiosdsk; no ImagePath
S4 ACPIEC; C:\Windows\System32\Drivers\ACPIEC.sys [18432 2007-02-18] (Microsoft Corporation)
S4 adpu160m; no ImagePath
S4 adpu320; no ImagePath
S4 aic78u2; no ImagePath
S4 aic78xx; no ImagePath
R2 aksdf; C:\Windows\System32\DRIVERS\aksdf.sys [65024 2006-12-13] (Aladdin Knowledge Systems Ltd.) [File not signed]
S4 AliIde; no ImagePath
S4 AmdIde; no ImagePath
S4 arc; no ImagePath
S4 Atdisk; no ImagePath
S3 Atmarpc; C:\Windows\System32\DRIVERS\atmarpc.sys [106496 2007-02-18] (Microsoft Corporation)
R3 audstub; C:\Windows\System32\DRIVERS\audstub.sys [5632 2005-03-24] (Microsoft Corporation)
R2 CdaC15BA; C:\Windows\System32\DRIVERS\CdaC15BA.sys [13312 2007-02-18] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R2 CdaD10BA; C:\Windows\System32\DRIVERS\CdaD10BA.sys [13312 2007-02-18] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S1 Changer; no ImagePath
S4 ClusDisk; C:\Windows\System32\DRIVERS\ClusDisk.sys [112640 2007-02-18] (Microsoft Corporation)
S4 CmdIde; no ImagePath
S4 cpqcissm; no ImagePath
R0 DfsDriver; C:\Windows\System32\drivers\Dfs.sys [52736 2007-02-18] (Microsoft Corporation)
S4 dmboot; C:\Windows\System32\drivers\dmboot.sys [415232 2007-02-18] (Microsoft Corporation)
R0 dmio; C:\Windows\System32\drivers\dmio.sys [244224 2007-02-18] (Microsoft Corporation)
R0 dmload; C:\Windows\System32\drivers\dmload.sys [9216 2007-02-18] (Microsoft Corporation)
S4 dpti2o; no ImagePath
S4 elxstor; no ImagePath
R1 Fips; C:\Windows\System32\Drivers\Fips.sys [50176 2007-02-18] (Microsoft Corporation)
R0 Ftdisk; C:\Windows\System32\DRIVERS\ftdisk.sys [240128 2007-02-18] (Microsoft Corporation)
R3 Gpc; C:\Windows\System32\DRIVERS\msgpc.sys [71168 2007-02-18] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [239616 2005-07-13] (Windows ® Server 2003 DDK provider)
S4 hpcisss; no ImagePath
S1 i2omgmt; no ImagePath
S4 iirsp; no ImagePath
R1 imapi; C:\Windows\System32\DRIVERS\imapi.sys [72704 2007-02-18] (Microsoft Corporation)
S4 IntelIde; no ImagePath
S3 Ip6Fw; C:\Windows\System32\DRIVERS\Ip6Fw.sys [57856 2007-02-18] (Microsoft Corporation)
R1 IPSec; C:\Windows\System32\DRIVERS\ipsec.sys [156672 2007-02-18] (Microsoft Corporation)
U3 LicenseInfo; no ImagePath
S4 lp6nds35; no ImagePath
R1 mnmdd; C:\Windows\System32\Drivers\mnmdd.sys [8192 2007-02-18] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S4 mraid35x; no ImagePath
S4 nfrd960; no ImagePath
R3 nv; C:\Windows\System32\DRIVERS\nv4_mini.sys [9525888 2007-12-05] (NVIDIA Corporation)
S3 NVENET; C:\Windows\System32\DRIVERS\NVENET.sys [185344 2005-03-24] (NVIDIA Corporation)
S3 PDCOMP; no ImagePath
S3 PDFRAME; no ImagePath
S3 PDRELI; no ImagePath
S3 PDRFRAME; no ImagePath
R3 Ptilink; C:\Windows\System32\DRIVERS\ptilink.sys [31232 2007-02-18] (Parallel Technologies, Inc.)
S4 ql2300; no ImagePath
R3 Raspti; C:\Windows\System32\DRIVERS\raspti.sys [31232 2007-02-18] (Microsoft Corporation)
R1 redbook; C:\Windows\System32\DRIVERS\redbook.sys [64000 2005-03-24] (Microsoft Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL39A64.SYS [59904 2005-03-24] (Realtek Semiconductor Corporation)
U5 sacdrv; C:\Windows\System32\Drivers\sacdrv.sys [130560 2007-02-18] (Microsoft Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [171008 2007-02-18] (Microsoft Corporation)
S4 Simbad; no ImagePath
S4 symc8xx; no ImagePath
S4 symmpi; no ImagePath
S4 sym_hi; no ImagePath
S4 sym_u3; no ImagePath
S4 TosIde; no ImagePath
S4 ultra; no ImagePath
R3 Update; C:\Windows\System32\DRIVERS\update.sys [81920 2007-02-18] (Microsoft Corporation)
S4 ViaIde; no ImagePath
S3 WDICA; no ImagePath
S3 WLBS; C:\Windows\System32\DRIVERS\wlbs.sys [280576 2007-02-18] (Microsoft Corporation)
S2 DS1410D; SYSTEM32\drivers\DS1410D.SYS [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: Sacsvr -> C:\Windows\system32\sacsvr.dll (Microsoft Corporation)
NETSVC: TrkSvr -> C:\Windows\system32\trksvr.dll (Microsoft Corporation)
NETSVCx32: Browser -> C:\Windows\SysWOW64\browser.dll (Microsoft Corporation)
NETSVCx32: CryptSvc -> C:\Windows\SysWOW64\cryptsvc.dll (Microsoft Corporation)
NETSVCx32: DMServer -> C:\Windows\SysWOW64\dmserver.dll ==> No File
NETSVCx32: EventSystem -> C:\WINDOWS\SysWOW64\es.dll (Microsoft Corporation)
NETSVCx32: HidServ -> C:\Windows\SysWOW64\hidserv.dll ==> No File
NETSVCx32: Iprip -> no filepath.
NETSVCx32: LanmanWorkstation -> C:\Windows\SysWOW64\wkssvc.dll ==> No File
NETSVCx32: Messenger -> C:\Windows\SysWOW64\msgsvc.dll ==> No File
NETSVCx32: Netman -> C:\Windows\SysWOW64\netman.dll (Microsoft Corporation)
NETSVCx32: Sacsvr -> C:\Windows\SysWOW64\sacsvr.dll ==> No File
NETSVCx32: Seclogon -> C:\Windows\SysWOW64\seclogon.dll (Microsoft Corporation)
NETSVCx32: TrkWks -> C:\Windows\SysWOW64\trkwks.dll (Microsoft Corporation)
NETSVCx32: TrkSvr -> C:\Windows\SysWOW64\trksvr.dll (Microsoft Corporation)
NETSVCx32: WZCSVC -> C:\Windows\SysWOW64\wzcsvc.dll (Microsoft Corporation)
NETSVCx32: xmlprov -> C:\Windows\SysWOW64\xmlprov.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-21 16:33 - 2016-03-21 16:33 - 00000000 ____D C:\FRST
2016-03-21 16:09 - 2007-02-18 06:00 - 00506488 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDC15.tmp
2016-03-21 16:09 - 2007-02-18 06:00 - 00174200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDC18.tmp
2016-03-21 16:09 - 2007-02-18 06:00 - 00028288 ____C C:\Windows\System32\dllcache\OLDC1E.tmp
2016-03-21 16:09 - 2007-02-18 06:00 - 00028288 ____C C:\Windows\System32\dllcache\OLDC1B.tmp
2016-03-21 16:09 - 2007-02-18 06:00 - 00016896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDC23.tmp
2016-03-21 16:09 - 2005-03-24 17:35 - 00232448 ____C (Eicon Networks) C:\Windows\System32\dllcache\xlog.exe
2016-03-21 16:09 - 2005-03-24 17:35 - 00214272 ____C (Microsoft) C:\Windows\System32\dllcache\yk51x64.sys
2016-03-21 16:08 - 2007-02-17 01:47 - 05820416 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBD6.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 01852928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBB2.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 01152000 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBFE.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 01102848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBAE.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00605696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBC6.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00577024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB5E.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00538624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBCA.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00442880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBFA.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00409600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBE6.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00276480 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB72.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00228864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB62.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00201728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB7E.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00170496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBC2.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00169472 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB86.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00130048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBAA.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00120320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBF6.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00119296 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB52.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00114688 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBBA.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00109056 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB9E.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00108544 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBB6.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00098304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB6A.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00096768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDC02.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00094720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB56.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00092160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBEA.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00091648 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBD2.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00091648 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB92.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00089088 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB8E.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00089088 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB66.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00087040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB7A.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00072704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB9A.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00072704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB96.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00072192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB5A.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00070144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBCE.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00062976 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBDE.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00060928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB4E.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00060416 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB8A.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00050688 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB6E.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00050176 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBA2.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00047104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBE2.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00044032 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB76.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBBE.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBDA.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBF2.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBEE.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB82.tmp
2016-03-21 16:08 - 2007-02-17 01:47 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBA6.tmp
2016-03-21 16:08 - 2007-02-17 01:05 - 00024192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wstcodec.sys
2016-03-21 16:08 - 2007-02-17 01:04 - 00532480 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdmtpdr.dll
2016-03-21 16:08 - 2007-02-17 01:04 - 00202752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdmtp.dll
2016-03-21 16:08 - 2005-03-24 17:35 - 00097280 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdmtpus.dll
2016-03-21 16:08 - 2005-03-24 17:35 - 00093696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdconns.dll
2016-03-21 16:08 - 2005-03-24 17:35 - 00055808 ____C (S2io Inc.) C:\Windows\System32\dllcache\xenamd64.sys
2016-03-21 16:08 - 2005-03-24 17:35 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdusb.sys
2016-03-21 16:08 - 2005-03-24 17:35 - 00015360 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdtrace.dll
2016-03-21 16:07 - 2007-02-18 06:00 - 01167360 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAF0.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 01151488 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB3C.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00723968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAED.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00651776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB3F.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00543232 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA9A.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00441344 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAE7.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00349696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA9D.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00302080 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAF9.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00237056 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB1B.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00214528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB42.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00214528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB33.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00214528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB15.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00195584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB48.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00192512 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB39.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00154624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB45.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00154624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB36.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00154624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB18.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00150528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB1E.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00148480 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAB2.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00118784 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB00.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00108032 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAF6.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00105984 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB06.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00097280 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB0C.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00092672 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAB5.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00089600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB27.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00088576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB2A.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00088576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAF3.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00083456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAEA.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00083456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAB8.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00080384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAD6.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00079360 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB03.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00073216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB09.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00068096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB12.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00066048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB0F.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00062464 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDABB.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00057856 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAAC.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00056832 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAE4.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00055808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAD9.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00039936 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB2D.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00039424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAAF.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00031744 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA8B.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00031232 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAA6.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00028160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA8E.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00025088 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDACA.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAA9.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB30.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDACD.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA91.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDABE.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA94.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAC1.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00011264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB21.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA97.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAC4.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAD0.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB24.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAC7.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAA0.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAD3.tmp
2016-03-21 16:07 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAA3.tmp
2016-03-21 16:07 - 2007-02-18 05:00 - 00054272 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wvfwwdm32.dll
2016-03-21 16:07 - 2007-02-18 05:00 - 00029184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wvidcap.ax
2016-03-21 16:07 - 2007-02-17 01:02 - 00187904 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wdmaud.sys
2016-03-21 16:07 - 2007-02-17 01:02 - 00119552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wceusbsh.sys
2016-03-21 16:07 - 2007-02-17 01:01 - 00081920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\vfwwdm32.dll
2016-03-21 16:07 - 2007-02-17 01:01 - 00044032 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\vidcap.ax
2016-03-21 16:07 - 2005-03-24 17:35 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmiacpi.sys
2016-03-21 16:07 - 2005-03-24 17:34 - 00128000 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiafbdrv.dll
2016-03-21 16:07 - 2005-03-24 17:34 - 00114816 ____C (VIA Networking Technologies, Inc. ) C:\Windows\System32\dllcache\wetn5b64.sys
2016-03-21 16:07 - 2005-03-24 17:34 - 00036352 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wdmaud.drv
2016-03-21 16:07 - 2005-03-24 17:34 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wd.sys
2016-03-21 16:07 - 2005-03-24 17:34 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\viaide.sys
2016-03-21 16:06 - 2013-08-07 11:09 - 00027648 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA76.tmp
2016-03-21 16:06 - 2013-07-22 00:27 - 00032896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA7B.tmp
2016-03-21 16:06 - 2013-02-12 13:34 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA6D.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 01413398 ____C C:\Windows\System32\dllcache\OLDA24.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00921600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA1E.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00574464 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA21.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00455272 ____C C:\Windows\System32\dllcache\OLDA1B.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00455168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA30.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00432128 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA2D.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00390656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA0C.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00200704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA12.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00196608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA44.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00187392 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA15.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00171484 ____C C:\Windows\System32\dllcache\OLDA18.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00118272 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA5E.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00114176 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA47.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00096768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA50.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00076800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA61.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00073728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA7E.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00070656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA27.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00065536 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA53.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00064512 ____C (Stallion Technologies) C:\Windows\System32\dllcache\OLD9EF.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00061952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9F8.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00046592 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA2A.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00038912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA33.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00034304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA64.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00029184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA0F.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00026624 ____C (Symbios Logic Inc.) C:\Windows\System32\dllcache\OLDA01.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00026112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA3B.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00021504 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA67.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00015360 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA6A.tmp
2016-03-21 16:06 - 2007-02-18 06:00 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA36.tmp
2016-03-21 16:06 - 2007-02-17 01:47 - 00178688 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9F5.tmp
2016-03-21 16:06 - 2007-02-17 01:00 - 00216320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbvideo.sys
2016-03-21 16:06 - 2007-02-17 01:00 - 00102912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbaudio.sys
2016-03-21 16:06 - 2007-02-17 01:00 - 00061440 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\uliagpkx.sys
2016-03-21 16:06 - 2007-02-17 01:00 - 00058880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\uagp35.sys
2016-03-21 16:06 - 2007-02-17 01:00 - 00042496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbccid.sys
2016-03-21 16:06 - 2007-02-17 01:00 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbprint.sys
2016-03-21 16:06 - 2007-02-17 00:59 - 00147456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sysaudio.sys
2016-03-21 16:06 - 2006-08-30 19:20 - 00197696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA5B.tmp
2016-03-21 16:06 - 2006-08-30 19:20 - 00197024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA57.tmp
2016-03-21 16:06 - 2005-03-24 17:34 - 00318976 ____C (Trident Microsystems Inc.) C:\Windows\System32\dllcache\trid3d.dll
2016-03-21 16:06 - 2005-03-24 17:34 - 00254464 ____C (Trident Microsystems Inc.) C:\Windows\System32\dllcache\trid3dm.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00084992 ____C (LSI Logic) C:\Windows\System32\dllcache\symmpi.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00042496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbser.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00041984 ____C (LSI Logic) C:\Windows\System32\dllcache\symc8xx.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00038912 ____C (Promise Technology, Inc.) C:\Windows\System32\dllcache\ultra.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00034432 ____C (ULi Electronics Inc.) C:\Windows\System32\dllcache\uli5261.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\tandqic.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\toside.sys
2016-03-21 16:06 - 2005-03-24 17:25 - 00086528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\swmidi.sys
2016-03-21 16:06 - 2005-03-24 17:25 - 00039936 ____C (LSI Logic) C:\Windows\System32\dllcache\sym_u3.sys
2016-03-21 16:06 - 2005-03-24 17:25 - 00037376 ____C (LSI Logic) C:\Windows\System32\dllcache\sym_hi.sys
2016-03-21 16:06 - 2005-03-24 17:25 - 00028160 ____C (SCM Microsystems, Inc.) C:\Windows\System32\dllcache\stcusb.sys
2016-03-21 16:06 - 2005-03-24 17:25 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\streamip.sys
2016-03-21 16:05 - 2007-02-18 06:00 - 00668672 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9A9.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00623104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9B8.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00544256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9B5.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00472576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD98D.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00387584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD95D.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00373760 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9BE.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00240640 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD990.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00219136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD960.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00215552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD986.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00147192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD912.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00109568 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD97C.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00094720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9D6.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00078072 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD90F.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00067696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD915.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00064512 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9D9.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00061952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9C4.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00060928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9AF.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00056568 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD918.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00053248 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD981.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00040960 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9B2.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00035328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9E7.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00027136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD96B.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00026624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD976.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00024660 ____C (Perle Systems Ltd.) C:\Windows\System32\dllcache\OLD9E4.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9EA.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD979.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00016896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9AC.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD993.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD99C.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9A6.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD99F.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00011264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9C7.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9CA.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9D1.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9C1.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9BB.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD999.tmp
2016-03-21 16:05 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD996.tmp
2016-03-21 16:05 - 2007-02-17 00:55 - 00076800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD98A.tmp
2016-03-21 16:05 - 2007-02-17 00:55 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sonyait.sys
2016-03-21 16:05 - 2007-02-17 00:55 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\splitter.sys
2016-03-21 16:05 - 2007-02-17 00:54 - 01971200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD928.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00549888 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD93C.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00351744 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD938.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00209920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD944.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00152576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD973.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00115200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD934.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00092160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD94C.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00091648 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD930.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00070144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD940.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00058880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD948.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00056832 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD954.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00052224 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD92C.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00040448 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD950.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00028672 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD958.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scsiscan.sys
2016-03-21 16:05 - 2007-02-17 00:54 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD91C.tmp
2016-03-21 16:05 - 2007-02-17 00:54 - 00011264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD924.tmp
2016-03-21 16:05 - 2007-02-16 22:06 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD96F.tmp
2016-03-21 16:05 - 2005-03-24 17:24 - 00043008 ____C (SiS Corporation) C:\Windows\System32\dllcache\sisnic.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00036864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD964.tmp
2016-03-21 16:05 - 2005-03-24 17:24 - 00032256 ____C (SCM Microsystems) C:\Windows\System32\dllcache\scr111.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00031232 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scmstcs.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00030720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sermouse.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\slip.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scsiprnt.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sonymc.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9A3.tmp
2016-03-21 16:05 - 2005-03-24 17:24 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\spctramc.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snyaitmc.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\seaddsmc.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\serscan.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9CE.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 01153536 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8B5.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00699904 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8D4.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00667648 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8CE.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00651264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8EE.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00514048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8BB.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00492544 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8F4.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00344064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8DF.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00299008 ____C (3Com Corporation) C:\Windows\System32\dllcache\OLD87E.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00228352 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8C1.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00204800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD848.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00197632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD89B.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00192000 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8D1.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00188928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD898.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00137728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8B8.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00116736 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD876.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00107008 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8CB.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00083748 ____C C:\Windows\System32\dllcache\OLD861.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00083748 ____C C:\Windows\System32\dllcache\OLD85E.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00083748 ____C C:\Windows\System32\dllcache\OLD85B.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00083748 ____C C:\Windows\System32\dllcache\OLD858.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00082944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD852.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00078336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD879.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00076800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD83F.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00060416 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD84B.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00054272 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8DA.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00050176 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8EB.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00049664 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8A6.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00044032 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8AF.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00039936 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8E2.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00036864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8A0.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00035840 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8E5.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00034304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8FA.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00034304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8F1.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00031232 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8C4.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00029184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8BE.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00027648 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8B2.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00026624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8A3.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8D7.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00020992 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD845.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00016896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8FF.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00012400 ____C C:\Windows\System32\dllcache\OLD895.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD855.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD842.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD902.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8F7.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8E8.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00004608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8A9.tmp
2016-03-21 16:04 - 2007-02-18 06:00 - 00004096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8AC.tmp
2016-03-21 16:04 - 2007-02-18 05:00 - 00198656 ____C C:\Windows\System32\dllcache\wPsisDecd.dll
2016-03-21 16:04 - 2007-02-18 05:00 - 00135680 ____C C:\Windows\System32\dllcache\wPsisRndr.ax
2016-03-21 16:04 - 2007-02-17 01:47 - 00087040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD838.tmp
2016-03-21 16:04 - 2007-02-17 00:53 - 00073728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sbp2port.sys
2016-03-21 16:04 - 2007-02-17 00:53 - 00040576 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\sccmusbm.sys
2016-03-21 16:04 - 2007-02-17 00:51 - 00051200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rndismpx.sys
2016-03-21 16:04 - 2007-02-17 00:51 - 00032256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ramdisk.sys
2016-03-21 16:04 - 2007-02-17 00:50 - 00316928 ____C C:\Windows\System32\dllcache\psisdecd.dll
2016-03-21 16:04 - 2007-02-17 00:50 - 00271872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ptpusd.dll
2016-03-21 16:04 - 2007-02-17 00:50 - 00025344 ____C (SCM Microsystems, Inc.) C:\Windows\System32\dllcache\pscr.sys
2016-03-21 16:04 - 2007-02-17 00:50 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\qic157.sys
2016-03-21 16:04 - 2007-02-17 00:44 - 00246272 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\portcls.sys
2016-03-21 16:04 - 2007-02-17 00:44 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pnpmem.sys
2016-03-21 16:04 - 2007-02-17 00:44 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\powerfil.sys
2016-03-21 16:04 - 2005-03-24 17:25 - 00026417 ____C C:\Windows\System32\dllcache\OLD892.tmp
2016-03-21 16:04 - 2005-03-24 17:25 - 00011781 ____C C:\Windows\System32\dllcache\OLD886.tmp
2016-03-21 16:04 - 2005-03-24 17:25 - 00010571 ____C C:\Windows\System32\dllcache\OLD88E.tmp
2016-03-21 16:04 - 2005-03-24 17:25 - 00006331 ____C C:\Windows\System32\dllcache\OLD8C8.tmp
2016-03-21 16:04 - 2005-03-24 17:25 - 00003912 ____C C:\Windows\System32\dllcache\OLD882.tmp
2016-03-21 16:04 - 2005-03-24 17:24 - 00796160 ____C (QLogic Corporation) C:\Windows\System32\dllcache\ql2300.sys
2016-03-21 16:04 - 2005-03-24 17:24 - 00044032 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\sccmn50m.sys
2016-03-21 16:04 - 2005-03-24 17:24 - 00039424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD88A.tmp
2016-03-21 16:04 - 2005-03-24 17:24 - 00037888 ____C (Realtek Semiconductor Corporation ) C:\Windows\System32\dllcache\rtl69a64.sys
2016-03-21 16:04 - 2005-03-24 17:24 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\qlstrmc.sys
2016-03-21 16:04 - 2005-03-24 17:24 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\qntmmc.sys
2016-03-21 16:04 - 2005-03-24 17:24 - 00010240 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\rsmgrstr.dll
2016-03-21 16:04 - 2005-03-24 17:23 - 00057344 ____C C:\Windows\System32\dllcache\psisrndr.ax
2016-03-21 16:04 - 2005-03-24 17:22 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pnrmc.sys
2016-03-21 16:03 - 2007-02-18 06:00 - 10011497 ____C C:\Windows\System32\dllcache\OLD82C.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 01004904 ____C C:\Windows\System32\dllcache\OLD81D.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00978944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD799.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00948656 ____C C:\Windows\System32\dllcache\OLD81A.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00920576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD776.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00888832 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD823.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00867242 ____C C:\Windows\System32\dllcache\OLD817.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00825038 ____C C:\Windows\System32\dllcache\OLD814.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00733292 ____C C:\Windows\System32\dllcache\OLD829.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00535040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD826.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00487472 ____C C:\Windows\System32\dllcache\OLD80E.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00487472 ____C C:\Windows\System32\dllcache\OLD80B.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00208744 ____C C:\Windows\System32\dllcache\OLD820.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00206848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD769.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00197632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD796.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00194048 ____C C:\Windows\System32\dllcache\OLD7F9.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00188140 ____C C:\Windows\System32\dllcache\OLD811.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00184320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7A9.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00174803 ____C C:\Windows\System32\dllcache\OLD802.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00174803 ____C C:\Windows\System32\dllcache\OLD7FF.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00145408 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7B0.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00130048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD783.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00118784 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7F0.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00117248 ____C C:\Windows\System32\dllcache\OLD7FC.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00115712 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD82F.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00106496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD779.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00079360 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7F5.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00075776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD832.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00061440 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD77C.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00059392 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD805.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00057344 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7A2.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00055296 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD808.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00054784 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7E3.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00050176 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7B4.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00026624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD786.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD770.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD773.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00022016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7C1.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7D9.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00018432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7BB.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7C7.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD789.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00016896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7E6.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00016896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7DD.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00016896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7CD.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7BE.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7D1.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD793.tmp
2016-03-21 16:03 - 2007-02-18 06:00 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD78C.tmp
2016-03-21 16:03 - 2007-02-17 01:47 - 00102912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD766.tmp
2016-03-21 16:03 - 2007-02-17 01:47 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD79F.tmp
2016-03-21 16:03 - 2007-02-17 00:44 - 00161024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\phildec.sys
2016-03-21 16:03 - 2007-02-17 00:42 - 00093440 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ohci1394.sys
2016-03-21 16:03 - 2007-02-17 00:41 - 00124416 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nv_agp.sys
2016-03-21 16:03 - 2005-03-24 17:22 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\plasmc.sys
2016-03-21 16:03 - 2005-03-24 17:21 - 00092160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nic1394.sys
2016-03-21 16:03 - 2005-03-24 17:21 - 00053248 ____C (IBM Corporation) C:\Windows\System32\dllcache\nfrd960.sys
2016-03-21 16:03 - 2005-03-24 17:21 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ne2000.sys
2016-03-21 16:03 - 2005-03-24 17:21 - 00017408 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ndisip.sys
2016-03-21 16:03 - 2005-03-24 17:21 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD790.tmp
2016-03-21 16:03 - 2005-03-24 17:21 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nsmmc.sys
2016-03-21 16:02 - 2007-02-18 06:00 - 01875968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD73B.tmp
2016-03-21 16:02 - 2007-02-18 06:00 - 01875968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD738.tmp
2016-03-21 16:02 - 2007-02-18 06:00 - 00431104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD72F.tmp
2016-03-21 16:02 - 2007-02-18 06:00 - 00206848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD757.tmp
2016-03-21 16:02 - 2007-02-18 06:00 - 00136192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD732.tmp
2016-03-21 16:02 - 2007-02-18 06:00 - 00132096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD75A.tmp
2016-03-21 16:02 - 2007-02-18 06:00 - 00094208 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD735.tmp
2016-03-21 16:02 - 2007-02-18 06:00 - 00058368 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD73E.tmp
2016-03-21 16:02 - 2007-02-18 06:00 - 00052736 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD74C.tmp
2016-03-21 16:02 - 2007-02-18 06:00 - 00038400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD741.tmp
2016-03-21 16:02 - 2007-02-18 06:00 - 00022016 ____C (Moxa Technologies Co., Ltd) C:\Windows\System32\dllcache\OLD75D.tmp
2016-03-21 16:02 - 2007-02-18 06:00 - 00013824 ____C (Moxa Technologies Co., Ltd) C:\Windows\System32\dllcache\OLD760.tmp
2016-03-21 16:02 - 2007-02-18 05:00 - 00057856 ____C C:\Windows\System32\dllcache\wMSDvbNP.ax
2016-03-21 16:02 - 2007-02-17 00:39 - 00103680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nabtsfec.sys
2016-03-21 16:02 - 2007-02-17 00:39 - 00062976 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mstape.sys
2016-03-21 16:02 - 2007-02-17 00:39 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mskssrv.sys
2016-03-21 16:02 - 2007-02-17 00:39 - 00008064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mstee.sys
2016-03-21 16:02 - 2007-02-17 00:39 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mspclock.sys
2016-03-21 16:02 - 2007-02-17 00:39 - 00006912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mspqm.sys
2016-03-21 16:02 - 2007-02-17 00:38 - 00094720 ____C C:\Windows\System32\dllcache\msdvbnp.ax
2016-03-21 16:02 - 2007-02-17 00:38 - 00071680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdv.sys
2016-03-21 16:02 - 2007-02-16 21:33 - 00397312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD754.tmp
2016-03-21 16:02 - 2005-03-24 17:21 - 00036352 ____C (LSI Logic Corporation) C:\Windows\System32\dllcache\mraid35x.sys
2016-03-21 16:02 - 2005-03-24 17:21 - 00028672 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\modemcsa.sys
2016-03-21 16:02 - 2005-03-24 17:21 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mpe.sys
2016-03-21 16:02 - 2005-03-24 17:21 - 00005120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msmpu401.sys
2016-03-21 16:01 - 2007-02-18 06:00 - 01158818 ____C C:\Windows\System32\dllcache\OLD6BD.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 01158818 ____C C:\Windows\System32\dllcache\OLD6BA.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00538112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD705.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00350208 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD719.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00201728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6E5.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00142336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD702.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00116756 ____C C:\Windows\System32\dllcache\OLD6C3.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00116756 ____C C:\Windows\System32\dllcache\OLD6C0.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00114688 ____C C:\Windows\System32\dllcache\OLD71C.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00113664 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD711.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00102400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD70E.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00072704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6B4.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00059904 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6AF.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00052224 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6DF.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00050688 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6B7.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00043008 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6D5.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00037376 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6DC.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00033792 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6F6.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00033792 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6E2.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00031744 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6E8.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6FC.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00025600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6EB.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6F9.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6FF.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6EE.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD716.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6D2.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6F1.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD645.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD65F.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD64A.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD662.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00009216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD71F.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD665.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD668.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD659.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD653.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD64D.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5FD.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD65C.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD623.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD603.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD600.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6A9.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6A3.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD693.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD68B.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD683.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD67B.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD673.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD66B.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD656.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD650.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD63B.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD62B.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD61B.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD613.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD60B.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5DF.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6A6.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD69B.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD698.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD690.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD678.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD633.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD630.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD628.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD620.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD618.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD608.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5F5.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5E7.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5E4.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6AC.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6A0.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD688.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD680.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD670.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD640.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD638.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD610.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5FA.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5EF.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5EC.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5DC.tmp
2016-03-21 16:01 - 2007-02-18 06:00 - 00005632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5F2.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00130048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wksproxy.ax
2016-03-21 16:01 - 2007-02-18 05:00 - 00090624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkswdmcap.ax
2016-03-21 16:01 - 2007-02-18 05:00 - 00061952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkstvtune.ax
2016-03-21 16:01 - 2007-02-18 05:00 - 00043008 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wksxbar.ax
2016-03-21 16:01 - 2007-02-18 05:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD625.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD605.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD695.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD68D.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD685.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD67D.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD675.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD66D.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD63D.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD62D.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD61D.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD615.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD60D.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5E1.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5D9.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD69D.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD635.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5F7.tmp
2016-03-21 16:01 - 2007-02-18 05:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5E9.tmp
2016-03-21 16:01 - 2007-02-17 00:36 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ltotape.sys
2016-03-21 16:01 - 2007-02-17 00:35 - 00250880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ksproxy.ax
2016-03-21 16:01 - 2007-02-17 00:35 - 00138752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kswdmcap.ax
2016-03-21 16:01 - 2007-02-17 00:35 - 00088064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kstvtune.ax
2016-03-21 16:01 - 2007-02-17 00:35 - 00026112 ____C (Litronic Industries) C:\Windows\System32\dllcache\lit220p.sys
2016-03-21 16:01 - 2007-02-17 00:34 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdjpn.dll
2016-03-21 16:01 - 2007-02-17 00:34 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdkor.dll
2016-03-21 16:01 - 2005-03-24 17:21 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\miniqic.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00569344 ____C (Agere Systems) C:\Windows\System32\dllcache\ltmdm64.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00204288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kmixer.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00074752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ksxbar.ax
2016-03-21 16:01 - 2005-03-24 17:20 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\libxprmc.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mammoth.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\m4mc.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\loop.sys
2016-03-21 16:00 - 2007-02-18 06:00 - 14694768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD514.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 09206120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD52C.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00854376 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD517.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00400384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD53B.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00394240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD53E.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00338944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD54A.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00327168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD526.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00276992 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD541.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00274944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD520.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00234496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD529.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00195584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD544.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00184320 ____C ( ) C:\Windows\System32\dllcache\OLD55D.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00179712 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD523.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00174592 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD50B.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00137584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD511.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00113152 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD50E.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00100864 ____C C:\Windows\System32\dllcache\OLD538.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00100864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD52F.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00049664 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD56B.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00047104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD560.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00035328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD563.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00028160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD574.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD577.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD547.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD568.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD532.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD56E.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD54D.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00009216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD535.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD582.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5D1.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5A7.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD571.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD550.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5BD.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD587.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5D7.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5D4.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5B5.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5AD.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5AA.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5A4.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD59A.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD595.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD590.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD58D.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5CB.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5C5.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5C2.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5BA.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD59F.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD58A.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5CE.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5C8.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5B2.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD51A.tmp
2016-03-21 16:00 - 2007-02-18 06:00 - 00005120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD51D.tmp
2016-03-21 16:00 - 2007-02-18 05:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5BF.tmp
2016-03-21 16:00 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5B7.tmp
2016-03-21 16:00 - 2007-02-18 05:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5AF.tmp
2016-03-21 16:00 - 2006-08-30 19:16 - 01499904 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD558.tmp
2016-03-21 16:00 - 2006-08-30 19:16 - 01489152 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD554.tmp
2016-03-21 16:00 - 2005-03-24 17:20 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\jvcmc.sys
2016-03-21 16:00 - 2005-03-24 17:20 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd106.dll
2016-03-21 16:00 - 2005-03-24 17:20 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101c.dll
2016-03-21 16:00 - 2005-03-24 17:20 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd103.dll
2016-03-21 16:00 - 2005-03-24 17:20 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101b.dll
2016-03-21 16:00 - 2005-03-24 17:19 - 00070784 ____C (Intel Corporation) C:\Windows\System32\dllcache\ixg5132e.sys
2016-03-21 16:00 - 2005-03-24 17:19 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ipsink.ax
2016-03-21 16:00 - 2005-03-24 17:19 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\jetpack.exe
2016-03-21 16:00 - 2005-03-24 17:19 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD57B.tmp
2016-03-21 16:00 - 2005-03-24 17:19 - 00009216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\intelide.sys
2016-03-21 15:59 - 2007-02-18 06:00 - 10660216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD508.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 01298432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD454.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 01106944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4C3.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00993672 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4FF.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00815104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4F6.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00732160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4D8.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00695808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4C6.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00647168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4DB.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00581120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4BD.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00576000 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4D2.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00492032 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD428.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00346624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD499.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00342016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4D5.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00336896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD487.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00331264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4C0.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00324608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4EA.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00323072 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4B7.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00312832 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD490.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00241664 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD42B.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00216576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD493.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00210944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4BA.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00198144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4ED.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00167936 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD48A.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00167424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD502.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00153600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4A8.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00146944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3EF.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00141312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4F0.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00139776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD49C.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00139264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4A2.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00134339 ____C C:\Windows\System32\dllcache\OLD49F.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00123392 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD478.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00122880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD47B.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00112128 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD466.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00109056 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4AB.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00107520 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD505.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00105984 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4C9.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00105984 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD457.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00100864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD481.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00096768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4A5.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00094208 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4CC.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00079872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4F9.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00078336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4F3.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00076288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD469.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00069120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4AE.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00068608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD484.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00066560 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD434.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00060121 ____C C:\Windows\System32\dllcache\OLD460.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00059904 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD412.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00055704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4CF.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00055296 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4FC.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00052093 ____C C:\Windows\System32\dllcache\OLD45A.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00050900 ____C C:\Windows\System32\dllcache\OLD496.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00048640 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD437.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00039103 ____C C:\Windows\System32\dllcache\OLD47E.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00037888 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD43D.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00035840 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3F7.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00035328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4B1.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00035074 ____C C:\Windows\System32\dllcache\OLD451.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00034604 ____C C:\Windows\System32\dllcache\OLD48D.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00034518 ____C C:\Windows\System32\dllcache\OLD45D.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00034304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD472.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00032887 ____C C:\Windows\System32\dllcache\OLD463.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00032256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4E4.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00030208 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD44B.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00029184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD475.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00027136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD42E.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00025600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD408.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00025600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3FA.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00022016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD40F.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00020992 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4E7.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00020480 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4B4.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00018944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD431.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00016896 ____C (Hilgraeve, Inc.) C:\Windows\System32\dllcache\OLD425.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00013877 ____C C:\Windows\System32\dllcache\OLD44E.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD43A.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4DE.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00009216 ____C (IBM Corporation) C:\Windows\System32\dllcache\OLD440.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4E1.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3FD.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00005632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3F2.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00003584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD46C.tmp
2016-03-21 15:59 - 2007-02-18 06:00 - 00003072 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD46F.tmp
2016-03-21 15:59 - 2007-02-18 05:00 - 00096256 ____C C:\Windows\System32\dllcache\ieencode.dll
2016-03-21 15:59 - 2007-02-18 05:00 - 00082432 ____C C:\Windows\System32\dllcache\wieencode.dll
2016-03-21 15:59 - 2007-02-17 00:28 - 00385024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpojwia.dll
2016-03-21 15:59 - 2007-02-17 00:28 - 00035840 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidbatt.sys
2016-03-21 15:59 - 2005-03-24 17:19 - 00048128 ____C (Intel Corp./ICP vortex GmbH) C:\Windows\System32\dllcache\iirsp.sys
2016-03-21 15:59 - 2005-03-24 17:19 - 00009709 ____C C:\Windows\System32\dllcache\OLD448.tmp
2016-03-21 15:59 - 2005-03-24 17:18 - 01080832 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsf_dp4.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00804352 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfcnxt4.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00241664 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaudio.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00236032 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfbs4.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00080896 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdashcut.exe
2016-03-21 15:59 - 2005-03-24 17:18 - 00044544 ____C (Gemplus) C:\Windows\System32\dllcache\grserial.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00037402 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfc4.dll
2016-03-21 15:59 - 2005-03-24 17:18 - 00031232 ____C (Hewlett-Packard Company) C:\Windows\System32\dllcache\hpcisss.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00030720 ____C (Gemplus) C:\Windows\System32\dllcache\gpr400.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00028672 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaprop.dll
2016-03-21 15:59 - 2005-03-24 17:18 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpmc.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidgame.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpt4qic.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00006144 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaudres.dll
2016-03-21 15:58 - 2007-02-18 06:00 - 00737792 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD39A.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00737280 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD39D.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00573952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3B5.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00528384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD332.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00514587 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2E4.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00469504 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3B8.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00467456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD33D.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00421376 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD32B.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00419328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD35F.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00414208 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3C5.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00398336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3E6.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00305664 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3BB.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00286720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD362.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00282112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD369.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00260096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD347.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00177664 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD328.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00162816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2FD.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00137728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3D0.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00132608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3D7.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00129024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD352.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00116224 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2F7.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00095232 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD359.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00077824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD310.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00072704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3A0.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00072704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD35C.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00063488 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD340.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00055808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3A3.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00047616 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD37F.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00038400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3AA.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00036352 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3BE.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00034304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD38D.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00034304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2FA.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00027648 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD374.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD38A.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00022016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD304.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00018944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD30A.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD307.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD390.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00009216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD31F.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00009216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD319.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD393.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD325.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD322.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD30D.tmp
2016-03-21 15:58 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD31C.tmp
2016-03-21 15:58 - 2007-02-17 06:03 - 00155136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD366.tmp
2016-03-21 15:58 - 2007-02-17 06:03 - 00148992 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD344.tmp
2016-03-21 15:58 - 2007-02-17 06:03 - 00034816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3A7.tmp
2016-03-21 15:58 - 2007-02-17 06:02 - 00467456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD32F.tmp
2016-03-21 15:58 - 2007-02-17 06:02 - 00398336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3DF.tmp
2016-03-21 15:58 - 2007-02-17 06:02 - 00392192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3C2.tmp
2016-03-21 15:58 - 2007-02-17 06:02 - 00092160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3CD.tmp
2016-03-21 15:58 - 2007-02-17 06:02 - 00084480 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3D4.tmp
2016-03-21 15:58 - 2007-02-17 06:02 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD383.tmp
2016-03-21 15:58 - 2007-02-17 06:02 - 00018944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD371.tmp
2016-03-21 15:58 - 2007-02-17 06:02 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD37C.tmp
2016-03-21 15:58 - 2007-02-17 00:22 - 00061952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\gagp30kx.sys
2016-03-21 15:58 - 2007-02-16 22:06 - 00138752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD34B.tmp
2016-03-21 15:58 - 2007-02-16 22:05 - 00491520 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD33A.tmp
2016-03-21 15:58 - 2007-02-16 22:05 - 00466432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD336.tmp
2016-03-21 15:58 - 2007-02-16 22:05 - 00405504 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3E3.tmp
2016-03-21 15:58 - 2007-02-16 22:05 - 00387072 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3C9.tmp
2016-03-21 15:58 - 2007-02-16 22:05 - 00153088 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD36D.tmp
2016-03-21 15:58 - 2007-02-16 22:05 - 00081920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3DB.tmp
2016-03-21 15:58 - 2007-02-16 22:05 - 00040960 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD378.tmp
2016-03-21 15:58 - 2007-02-16 22:05 - 00036864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD387.tmp
2016-03-21 15:58 - 2007-02-16 22:05 - 00033280 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3AE.tmp
2016-03-21 15:58 - 2007-02-16 21:13 - 00737280 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD397.tmp
2016-03-21 15:58 - 2007-02-16 21:13 - 00128512 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD356.tmp
2016-03-21 15:58 - 2007-02-16 21:13 - 00128512 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD34F.tmp
2016-03-21 15:58 - 2006-08-30 19:20 - 00102400 ____C (Installshield Software Corporation ) C:\Windows\System32\dllcache\OLD3B2.tmp
2016-03-21 15:58 - 2005-03-24 17:18 - 00063872 ____C (VIA Networking Technologies, Inc. ) C:\Windows\System32\dllcache\get5a64.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00652288 ____C (AVM Berlin) C:\Windows\System32\dllcache\fpcibase.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00643072 ____C (AVM Berlin) C:\Windows\System32\dllcache\fpcmbase.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00391680 ____C (Emulex Corporation) C:\Windows\System32\dllcache\elxstor.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00232960 ____C (Intel Corporation) C:\Windows\System32\dllcache\e1g5132e.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00191744 ____C (Intel Corporation) C:\Windows\System32\dllcache\efe5b32e.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00103936 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esucm.dll
2016-03-21 15:58 - 2005-03-24 17:17 - 00081408 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esunib.dll
2016-03-21 15:58 - 2005-03-24 17:17 - 00081408 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuni.dll
2016-03-21 15:58 - 2005-03-24 17:17 - 00076800 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuimg.dll
2016-03-21 15:58 - 2005-03-24 17:17 - 00062848 ____C (VIA Technologies, Inc. ) C:\Windows\System32\dllcache\fet5a64.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00017408 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\examc.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\elmsmc.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\exabyte2.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00011264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\enum1394.sys
2016-03-21 15:58 - 2005-03-24 17:16 - 00035328 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\dpti2o.sys
2016-03-21 15:58 - 2005-03-24 17:16 - 00032768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4usb.sys
2016-03-21 15:57 - 2007-02-18 06:00 - 01311744 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2C6.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00963584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2A2.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00873472 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2C9.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00841728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1F8.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00759808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2C3.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00543708 ____C C:\Windows\System32\dllcache\OLD213.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00535552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD231.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00480256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD234.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00462929 ____C C:\Windows\System32\dllcache\OLD1FE.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00462929 ____C C:\Windows\System32\dllcache\OLD1FB.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00427138 ____C C:\Windows\System32\dllcache\OLD219.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00409168 ____C C:\Windows\System32\dllcache\OLD22B.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00362496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD20D.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00311808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2D2.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00279894 ____C C:\Windows\System32\dllcache\OLD216.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00270848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2A7.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00249856 ____C C:\Windows\System32\dllcache\OLD207.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00212992 ____C (Digi International Inc.) C:\Windows\System32\dllcache\OLD295.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00199680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD210.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00187904 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2D5.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00173568 ____C C:\Windows\System32\dllcache\OLD20A.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00118272 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD28A.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00102400 ____C (Digi International Inc.) C:\Windows\System32\dllcache\OLD2AC.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00102304 ____C C:\Windows\System32\dllcache\OLD22E.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00102304 ____C C:\Windows\System32\dllcache\OLD228.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00098304 ____C (Digi International Inc.) C:\Windows\System32\dllcache\OLD2AF.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00088576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD254.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00079360 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD28D.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00063488 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD201.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00056320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD204.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00053248 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD24E.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00045056 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD27E.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00040448 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD257.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00033792 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD251.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00031744 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD265.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00030720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD278.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD271.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD26C.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00027648 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD290.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00027136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD281.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00026624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD25A.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD21F.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00024080 ____C C:\Windows\System32\dllcache\OLD21C.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD27B.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00021504 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD222.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00020992 ____C (Digi International Inc.) C:\Windows\System32\dllcache\OLD298.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2CC.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2CF.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00009216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD237.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD29D.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD284.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00006686 ____C (Eicon Networks) C:\Windows\System32\dllcache\OLD2B6.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD287.tmp
2016-03-21 15:57 - 2007-02-18 06:00 - 00001380 ____C C:\Windows\System32\dllcache\OLD225.tmp
2016-03-21 15:57 - 2007-02-17 00:17 - 01592832 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dhcpsnap.dll
2016-03-21 15:57 - 2007-02-17 00:17 - 00432640 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dhcpssvc.dll
2016-03-21 15:57 - 2007-02-17 00:17 - 00182784 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4.sys
2016-03-21 15:57 - 2007-02-17 00:09 - 00260096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\csamsp.dll
2016-03-21 15:57 - 2007-02-17 00:09 - 00169472 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD24B.tmp
2016-03-21 15:57 - 2007-02-17 00:09 - 00031360 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\cmbp0wdm.sys
2016-03-21 15:57 - 2007-02-17 00:09 - 00021120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cmbatt.sys
2016-03-21 15:57 - 2007-02-17 00:09 - 00015488 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\compbatt.sys
2016-03-21 15:57 - 2005-03-24 17:19 - 00001849 ____C C:\Windows\System32\dllcache\OLD23B.tmp
2016-03-21 15:57 - 2005-03-24 17:19 - 00001844 ____C C:\Windows\System32\dllcache\OLD23F.tmp
2016-03-21 15:57 - 2005-03-24 17:16 - 00491520 ____C (Eicon Networks) C:\Windows\System32\dllcache\diwansrv.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00462336 ____C (Eicon Networks) C:\Windows\System32\dllcache\dimaint.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00404480 ____C (Eicon Networks) C:\Windows\System32\dllcache\ditrace.exe
2016-03-21 15:57 - 2005-03-24 17:16 - 00310784 ____C (Eicon Networks) C:\Windows\System32\dllcache\dicapi.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00045056 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvsu.dll
2016-03-21 15:57 - 2005-03-24 17:16 - 00038400 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvpp.dll
2016-03-21 15:57 - 2005-03-24 17:16 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4prt.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4scan.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dlttape.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ddsmc.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dhcpmib.dll
2016-03-21 15:57 - 2005-03-24 17:16 - 00006144 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvci.dll
2016-03-21 15:57 - 2005-03-24 17:15 - 00096768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzport.sys
2016-03-21 15:57 - 2005-03-24 17:15 - 00094720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyyport.sys
2016-03-21 15:57 - 2005-03-24 17:15 - 00039424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyycoins.dll
2016-03-21 15:57 - 2005-03-24 17:15 - 00036864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzcoins.dll
2016-03-21 15:57 - 2005-03-24 17:15 - 00035328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzports.dll
2016-03-21 15:57 - 2005-03-24 17:15 - 00034816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyyports.dll
2016-03-21 15:57 - 2005-03-24 17:15 - 00027136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyclad-z.sys
2016-03-21 15:57 - 2005-03-24 17:15 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyclom-y.sys
2016-03-21 15:57 - 2005-03-24 17:15 - 00013824 ____C (CMD Technology, Inc.) C:\Windows\System32\dllcache\cmdide.sys
2016-03-21 15:56 - 2007-02-18 06:00 - 01701888 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1EF.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 01682432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1F2.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00850944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1F5.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00773120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD101.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00621056 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD10C.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00564736 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD189.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00533504 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1E4.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00388096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD10F.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00177698 ____C C:\Windows\System32\dllcache\OLD1C9.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00177698 ____C C:\Windows\System32\dllcache\OLD1C6.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00159744 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD118.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00153600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD150.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00146432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD186.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00146432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD180.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00139264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1DE.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00131072 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1D8.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00117760 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1E7.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00088064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD183.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00087552 ____C (AVM GmbH) C:\Windows\System32\dllcache\OLD15B.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00082432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1E1.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00082172 ____C C:\Windows\System32\dllcache\OLD192.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00082172 ____C C:\Windows\System32\dllcache\OLD18F.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00078848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1EA.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00075776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1AD.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00071168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1DB.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00066728 ____C C:\Windows\System32\dllcache\OLD17B.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00066728 ____C C:\Windows\System32\dllcache\OLD178.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00065536 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD166.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00047104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1B0.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00027136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD112.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00025088 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD14D.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD175.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00021504 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD115.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDEE.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00018944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1B3.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1CF.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD18C.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1CC.tmp
2016-03-21 15:56 - 2007-02-18 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD169.tmp
2016-03-21 15:56 - 2007-02-18 05:00 - 00018432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wBdaPlgIn.ax
2016-03-21 15:56 - 2007-02-17 01:47 - 00479232 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD109.tmp
2016-03-21 15:56 - 2007-02-17 00:05 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ccdecode.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 01452544 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2mtag.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 00342016 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2dvag.dll
2016-03-21 15:56 - 2007-02-17 00:03 - 00329728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\binlsvc.dll
2016-03-21 15:56 - 2007-02-17 00:03 - 00326400 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2mpad.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 00185088 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2drad.dll
2016-03-21 15:56 - 2007-02-17 00:03 - 00111104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\arp1394.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 00067968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\avc.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 00026112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bdaplgin.ax
2016-03-21 15:56 - 2007-02-17 00:03 - 00020864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bdasup.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 00018816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\battc.sys
2016-03-21 15:56 - 2005-03-24 17:16 - 00023552 ____C (Eicon Networks Corporation) C:\Windows\System32\dllcache\diapi264.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00480256 ____C (Broadcom Corporation) C:\Windows\System32\dllcache\bcmwl564.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00147456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\brmfcwia.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00082944 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmflpt.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00068608 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfusb.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00063488 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfrsmg.exe
2016-03-21 15:56 - 2005-03-24 17:14 - 00059904 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brserwdm.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00041984 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brparwdm.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00037376 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brevif.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00036352 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfbidi.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00035840 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brbidiif.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bulltlp3.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00022016 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brfiltlo.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00019968 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brusbmdm.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00019456 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brusbscn.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00019456 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brcoinst.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00015360 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brserif.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\breecemc.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\changer.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00008192 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brfiltup.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00007168 ____C (Brother Industries,Ltd.) C:\Windows\System32\dllcache\brscnrsm.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00007168 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brparimg.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00006656 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brfilt.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 03036032 ____C (ATI Technologies Inc. ) C:\Windows\System32\dllcache\ati3duag.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00568416 ____C (ATI Technologies Inc. ) C:\Windows\System32\dllcache\ativvaxx.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00340480 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2cqag.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00264704 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinevxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00192768 ____C (AVM GmbH) C:\Windows\System32\dllcache\b1cbase.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00191488 ____C (Broadcom Corporation) C:\Windows\System32\dllcache\b57amd64.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00188416 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmcoxp.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00168960 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmenum.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00104960 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmcowan.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00101888 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinesxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00084992 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinraxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00080896 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinbtxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00073728 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atineuxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00040960 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinxbxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00036864 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinsnxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00036352 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativtmxx.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00033280 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativtmww.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00031744 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativmvxx.ax
2016-03-21 15:56 - 2005-03-24 17:12 - 00030720 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmunet.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00023552 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativmvww.ax
2016-03-21 15:56 - 2005-03-24 17:12 - 00022144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\avcstrm.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00020992 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinpdxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00020480 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinmdxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00018944 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinttxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00018432 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmc2064.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\atlmc.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00013824 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativdaxx.ax
2016-03-21 15:56 - 2005-03-24 17:12 - 00009728 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativdaww.ax
2016-03-21 15:56 - 2005-03-24 17:11 - 00120832 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aic78xx.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00117248 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aic78u2.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00062464 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\arc.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00059392 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDFE.tmp
2016-03-21 15:56 - 2005-03-24 17:11 - 00053248 ____C (AMD) C:\Windows\System32\dllcache\amdac97.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00031744 ____C (Advanced Micro Devices (AMD), Inc.) C:\Windows\System32\dllcache\amd64n5.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00009216 ____C (Acer Laboratories Inc.) C:\Windows\System32\dllcache\aliide.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\amdide.sys
2016-03-21 15:55 - 2015-03-16 23:35 - 04546048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD81.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 02898944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7B.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 02663424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD7E.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 02295808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8A.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 02086400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD8D.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00292864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD75.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00292352 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD84.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00187392 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD78.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00179200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD87.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00107520 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDB8.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00098304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDAA.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00058880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBB.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDEB.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDE8.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDE5.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDE2.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDDF.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDDC.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDD9.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDD6.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDD3.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDD0.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDCD.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD90.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD96.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD93.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD99.tmp
2016-03-21 15:55 - 2007-02-18 06:00 - 00004096 ____C (Agere Systems) C:\Windows\System32\dllcache\OLDC6.tmp
2016-03-21 15:55 - 2007-02-17 06:02 - 01163776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6E.tmp
2016-03-21 15:55 - 2007-02-17 00:03 - 00056320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\agp440.sys
2016-03-21 15:55 - 2007-02-17 00:02 - 00080384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\1394bus.sys
2016-03-21 15:55 - 2007-02-17 00:02 - 00078080 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\61883.sys
2016-03-21 15:55 - 2007-02-17 00:02 - 00052224 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDA7.tmp
2016-03-21 15:55 - 2006-08-30 19:20 - 00254005 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD72.tmp
2016-03-21 15:55 - 2005-03-24 17:11 - 01127424 ____C (Agere Systems) C:\Windows\System32\dllcache\agrsm64.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00246784 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\adpu320.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00188928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aec.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00182272 ____C (Intel Corporation) C:\Windows\System32\dllcache\ac97intc.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00160256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\adpu160m.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00093696 ____C (VIA Technologies, Inc.) C:\Windows\System32\dllcache\ac97via.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00059392 ____C (Adaptec, Inc ) C:\Windows\System32\dllcache\adptsf50.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00018432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\4mmdat.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\adicvls.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\adicsc.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDBF.tmp
2016-03-21 15:55 - 2005-03-24 17:11 - 00004608 ____C (Agere Systems) C:\Windows\System32\dllcache\agrsco64.dll
2016-03-21 15:54 - 2016-03-21 16:09 - 00000000 ____D C:\WINDOWS\LastGood
2016-03-21 15:54 - 2007-02-18 06:00 - 01675776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4E.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 01058304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD51.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00454656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD18.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00391168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDC.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00389120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD48.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00297984 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1B.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00291328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLDF.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00230400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD42.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00217088 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD4B.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00169984 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD12.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00141824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD45.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00131072 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD27.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00116736 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD1E.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00102912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD24.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00102400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD63.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00102400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD15.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00099328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2D.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00082944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD2A.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00077824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD21.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00072192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD60.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00067584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD66.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00067584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00059904 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD30.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00048128 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD9.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00040448 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3F.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00022016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD54.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00022016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD33.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD57.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00017408 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5A.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD36.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD5D.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD39.tmp
2016-03-21 15:54 - 2007-02-18 06:00 - 00005632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD3C.tmp
2016-03-21 15:54 - 2007-02-17 06:02 - 01160704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\OLD6A.tmp
2016-03-21 11:18 - 2016-03-21 11:18 - 00000384 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2016-03-21 11:10 - 2015-12-08 21:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-03-21 11:04 - 2016-03-21 11:04 - 00001945 _____ C:\WINDOWS\epplauncher.mif
2016-03-21 11:04 - 2016-03-21 11:04 - 00001740 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials Prerelease.lnk
2016-03-21 11:04 - 2016-03-21 11:04 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-03-21 11:04 - 2016-03-21 11:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-03-21 10:08 - 2016-03-21 10:57 - 00000000 ____D C:\Program Files\SanityCheck
2016-03-21 10:08 - 2016-03-21 10:57 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SanityCheck
2016-03-21 10:00 - 2016-03-21 10:00 - 00000000 ____D C:\Program Files\stinger
2016-03-21 09:59 - 2016-03-21 10:00 - 00103460 _____ C:\TDSSKiller.3.1.0.9_21.03.2016_09.59.44_log.txt
2016-03-21 09:53 - 2016-03-21 09:55 - 00395648 _____ C:\TDSSKiller.3.1.0.9_21.03.2016_09.53.30_log.txt
2016-03-21 09:50 - 2016-03-21 09:51 - 00104264 _____ C:\TDSSKiller.3.1.0.9_21.03.2016_09.50.24_log.txt
2016-03-02 17:53 - 2016-03-02 17:53 - 00137320 _____ C:\WINDOWS\Minidump\Mini030216-03.dmp
2016-03-02 17:19 - 2016-03-02 17:19 - 00000000 ____D C:\Quarantine
2016-03-02 16:24 - 2016-03-02 16:24 - 00137320 _____ C:\WINDOWS\Minidump\Mini030216-02.dmp
2016-03-02 16:13 - 2016-03-02 16:13 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-03-02 16:02 - 2016-03-02 16:02 - 00137320 _____ C:\WINDOWS\Minidump\Mini030216-01.dmp
2016-03-02 10:48 - 2016-03-02 10:49 - 00106010 _____ C:\TDSSKiller.3.1.0.9_02.03.2016_09.48.38_log.txt
2016-03-01 18:34 - 2016-03-01 18:38 - 18281751 _____ C:\WINDOWS\SysWOW64\U1.exe
2016-03-01 16:35 - 2016-03-01 16:35 - 00021756 _____ C:\Documents and Settings\Administrator.SPARTEK\My Documents\esetvirusscanMar012016.txt
2016-03-01 15:45 - 2016-03-01 15:45 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-01 14:12 - 2016-03-21 11:00 - 00318152 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2016-03-01 11:30 - 2016-03-01 11:30 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sophos
2016-03-01 11:29 - 2016-03-01 11:29 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-03-01 11:29 - 2016-03-01 11:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Sophos
2016-03-01 11:13 - 2016-03-01 11:13 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2016-03-01 11:12 - 2016-03-21 10:00 - 00321096 _____ C:\WINDOWS\ntbtlog.txt
2016-03-01 10:59 - 2016-03-21 13:44 - 00000000 ____D C:\virus
2016-03-01 10:46 - 2016-03-01 11:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro
2016-03-01 10:21 - 2016-03-01 10:31 - 00000000 ____D C:\AdwCleaner
2016-03-01 08:28 - 2016-03-01 08:28 - 00000000 ____D C:\Program Files (x86)\GoogelTalk
2016-02-29 22:57 - 2016-03-21 16:34 - 00000218 _____ C:\WINDOWS\Tasks\45645.job
2016-02-29 22:56 - 2007-02-18 06:00 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p.exe
2016-02-29 15:57 - 2016-02-29 15:57 - 00040382 _____ C:\Documents and Settings\Administrator.SPARTEK\Desktop\Test Page.pdf
2016-02-29 15:57 - 2016-02-29 15:57 - 00000000 ____D C:\Documents and Settings\Administrator.SPARTEK\Application Data\PDF Writer
2016-02-29 15:56 - 2016-03-01 11:11 - 00065536 _____ C:\WINDOWS\system32\config\Bullzip PDF Printer.evt
2016-02-29 15:56 - 2016-02-29 15:56 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Bullzip
2016-02-29 15:56 - 2016-02-29 15:56 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\PDF Writer
2016-02-29 15:56 - 2014-11-19 11:45 - 00228352 _____ (Bullzip) C:\WINDOWS\SysWOW64\bzFlRdr.dll
2016-02-29 15:56 - 2013-09-01 04:59 - 01103872 _____ C:\WINDOWS\SysWOW64\CBLCtlsU.ocx
2016-02-29 15:56 - 2013-07-13 04:15 - 00805376 _____ C:\WINDOWS\SysWOW64\EditCtlsU.ocx
2016-02-29 15:56 - 2013-07-12 14:57 - 00539648 _____ C:\WINDOWS\SysWOW64\LblCtlsU.ocx
2016-02-29 15:56 - 2013-04-05 05:55 - 00476160 _____ C:\WINDOWS\SysWOW64\TabStripCtlU.ocx
2016-02-29 15:56 - 2013-03-28 15:13 - 00645632 _____ C:\WINDOWS\SysWOW64\BtnCtlsU.ocx
2016-02-29 15:56 - 2013-03-03 06:37 - 01061888 _____ C:\WINDOWS\SysWOW64\ExLvwU.ocx
2016-02-29 15:56 - 2008-07-09 11:45 - 00103424 _____ (Bullzip) C:\WINDOWS\SysWOW64\bzDCT.dll
2016-02-29 15:42 - 2016-02-29 15:56 - 00000000 ____D C:\Program Files\Bullzip
2016-02-29 15:19 - 2016-02-29 15:46 - 00000000 ____D C:\Program Files\gs
2016-02-29 15:16 - 2016-02-29 15:56 - 00000000 ____D C:\Program Files\Common Files\Bullzip
2016-02-29 15:14 - 2016-02-29 15:14 - 00000000 ____D C:\Program Files (x86)\gs
2016-02-23 23:12 - 2016-02-23 23:12 - 00000000 __SHD C:\Documents and Settings\Default User\IETldCache
2016-02-23 03:17 - 2016-03-21 16:34 - 00000272 _____ C:\WINDOWS\Tasks\gm.job

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-21 16:33 - 2010-06-30 14:43 - 00000000 ____D C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp
2016-03-21 16:18 - 2010-06-30 14:42 - 00000112 _____ C:\WINDOWS\system32\config\netlogon.ftl
2016-03-21 16:09 - 2010-06-30 04:43 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-03-21 15:37 - 2010-06-30 11:14 - 00032510 _____ C:\WINDOWS\Tasks\SchedLgU.Txt
2016-03-21 15:35 - 2010-10-16 06:12 - 00001026 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2266730830-467084628-1831518713-500UA.job
2016-03-21 15:19 - 2010-06-30 11:14 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2016-03-21 14:53 - 2010-06-30 04:50 - 00695952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-21 14:35 - 2010-10-16 06:12 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2266730830-467084628-1831518713-500Core.job
2016-03-21 11:15 - 2010-06-30 04:43 - 00000000 ____D C:\WINDOWS\security
2016-03-21 11:09 - 2010-06-30 04:49 - 00000000 ____D C:\Documents and Settings\All Users
2016-03-21 11:08 - 2010-07-13 15:16 - 00000000 ____D C:\FLEXlm
2016-03-21 11:08 - 2010-06-30 11:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-21 11:07 - 2010-06-30 14:43 - 00000178 ___SH C:\Documents and Settings\Administrator.SPARTEK\ntuser.ini
2016-03-21 11:04 - 2010-06-30 04:43 - 00000000 ____D C:\WINDOWS\inf
2016-03-21 10:01 - 2010-06-30 12:09 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-03-21 09:52 - 2007-02-18 06:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-03-21 07:03 - 2010-07-06 14:24 - 00000276 _____ C:\WINDOWS\Tasks\backuptofileserver.job
2016-03-21 07:03 - 2010-07-06 13:48 - 00000000 ____D C:\SQLBackup
2016-03-09 04:04 - 2013-07-31 10:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 04:00 - 2010-07-12 14:58 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-02 17:53 - 2010-07-29 13:57 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-02 17:53 - 2010-06-30 04:43 - 163893248 _____ C:\WINDOWS\MEMORY.DMP
2016-03-02 17:50 - 2011-07-14 14:26 - 00524288 _____ C:\WINDOWS\system32\config\MAPPSLog.evt
2016-03-02 16:01 - 2014-01-28 19:36 - 00380416 _____ C:\Documents and Settings\Administrator.SPARTEK\Desktop\gmer.exe
2016-03-01 16:35 - 2010-06-30 14:43 - 00000000 ___RD C:\Documents and Settings\Administrator.SPARTEK\My Documents
2016-03-01 11:13 - 2010-06-30 12:09 - 00000000 ____D C:\Documents and Settings\Administrator
2016-03-01 11:05 - 2010-06-30 04:49 - 00000000 ____D C:\Documents and Settings
2016-02-29 22:59 - 2010-06-30 04:43 - 00000000 ____D C:\WINDOWS\SysWOW64\ias
2016-02-29 22:55 - 2010-06-30 04:43 - 00000000 ____D C:\WINDOWS\SysWOW64\1025
2016-02-23 23:12 - 2010-06-30 04:49 - 00000000 ___HD C:\Documents and Settings\Default User
2016-02-22 15:42 - 2010-07-12 15:37 - 00002410 _____ C:\Documents and Settings\Administrator.SPARTEK\Start Menu\Programs\Google Chrome.lnk
2016-02-22 15:42 - 2010-07-12 15:37 - 00002404 _____ C:\Documents and Settings\Administrator.SPARTEK\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2015-02-05 22:20 - 2015-02-05 22:20 - 0000000 _____ () C:\Program Files (x86)\GUM6F.tmp
2016-03-01 14:36 - 2016-03-01 14:36 - 0249638 _____ () C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\ars.cache
2016-03-01 14:37 - 2016-03-01 14:37 - 0538295 _____ () C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\census.cache
2016-03-01 14:12 - 2016-03-01 14:12 - 0000036 _____ () C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\housecall.guid.cache

Some files in TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\keystone.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nvAppBar.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nview.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nView64.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nViewSetup.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nvnt4cpl.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nvShell.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nvTaskBar.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nvwdmcpl.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nvwimg.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nvwimg64.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSAR.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSCS.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSDA.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSDE.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSEL.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSENG.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSENU.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSES.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSESM.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSFI.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSFR.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSHE.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSHU.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSIT.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSJA.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSKO.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSNL.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSNO.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSPL.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSPT.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSPTB.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSRU.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSSK.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSSL.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSSV.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSTH.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSTR.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSZHC.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSZHT.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nwiz.exe
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\hdinst_x64.exe
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\HitmanPro.exe
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\JJLWX.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe IS MISSING <==== ATTENTION
C:\WINDOWS\SysWOW64\wininit.exe IS MISSING <==== ATTENTION
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION


ATTENTION: ==> Could not access BCD.

==================== End of FRST.txt ============================

 



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:45 PM

Posted 26 March 2016 - 03:12 PM

Greetings martinswain and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. I apologize for the delay but it is because we don't normally work on Server 2003 computers and so we are less familiar with what is normal on your system than the other systems we deal with.

Before I try to tackle the information you provided I would just like to make sure you are still desirous of help.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#3 martinswain

martinswain
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:11:45 PM

Posted 29 March 2016 - 10:24 AM

Hi Gary, thanks for your response. Yes I am still interested in your help. You can call me Martin. Sorry for the delay responding, I was away for the Easter holiday.

 

I have an update on the status of my machine. I discovered an extra admin account, which I deleted. There were also a couple scheduled jobs that pertained to the virus activity, and I deleted those as well. The main virus has not downloaded itself since, however, the folder(s) that contains it in the Windows\temp folder still reappears as soon as I delete them, as does a copy of a program called istt.exe, which appears to be 7 zip. There is also a zip file called igg.zip. I can't open it to view the contents, it says it's corrupt. The folders are called mst, gthrsvc, and there is a new once called 7zs66.tmp. All the folders are empty. There are also 2 text files, called dvft.log and dw.log, which I assume are also associated with the virus activity, since the timestamps appear to correspond to download events. 

 

Thanks & Regards,

 

Martin



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:45 PM

Posted 29 March 2016 - 01:16 PM

Hi Martin,

I would like you to run a fresh FRST scan and make sure to check Addition.txt. Copy and paste both reports in your reply.

I will tell you from the outset I am very timid and cautious when dealing with Server Operating Systems. Partly because they are servers but mainly because the output from the tools we use are geared more toward non-server systems. So the position we find ourselves in is trying to determine which errors or warnings are legitimate and which are not. In other words a file FRST automatically looks for on a normal Operating System may not exist on your server version and therefore the program will throw an error to alert us to that fact. It is a little bit like taking a baseball rule book and trying to make that work for a softball game. Similar but not the same.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#5 martinswain

martinswain
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:11:45 PM

Posted 29 March 2016 - 03:10 PM

Hi Gary,
  Here is the frst.txt file. I have attached the addition.txt file. Don't worry if we can't clean this up, if that happens I'll just have to reimage my server. I'd rather not do that, it's a pretty big job, but if it comes to that then that's what I'll have to do.
 
Thank you,
 
Martin
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Administrator (administrator) on SERVER10 (29-03-2016 14:08:05)
Running from C:\Documents and Settings\Administrator.SPARTEK\My Documents\Downloads
Loaded Profiles: Administrator (Available Profiles: Administrator & Administrator)
Platform: Microsoft Windows Server 2003 R2 Service Pack 2 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
Failed to access process -> smss.exe
Failed to access process -> avgrsa.exe
Failed to access process -> avgcsrva.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> nvsvc64.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> MsMpEng.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> msdtc.exe
Failed to access process -> avgidsagent.exe
Failed to access process -> avgwdsvc.exe
Failed to access process -> svchost.exe
Failed to access process -> lmgrd.exe
Failed to access process -> sqlservr.exe
Failed to access process -> sqlservr.exe
Failed to access process -> svchost.exe
Failed to access process -> mssearch.exe
Failed to access process -> OcsService.exe
Failed to access process -> metrowks.exe
Failed to access process -> sqlagent.exe
Failed to access process -> wmiprvse.exe
Failed to access process -> wmiprvse.exe
Failed to access process -> sqlagent.EXE
Failed to access process -> svchost.exe
Failed to access process -> alg.exe
Failed to access process -> explorer.exe
Failed to access process -> rundll32.exe
Failed to access process -> svchost.exe
Failed to access process -> NetTime.exe
Failed to access process -> msseces.exe
Failed to access process -> ctfmon.exe
Failed to access process -> ctfmon.exe
Failed to access process -> avgui.exe
Failed to access process -> SvrMgr.exe
Failed to access process -> sqlmangr.exe
Failed to access process -> mmc.exe
Failed to access process -> spxSvr.exe
Failed to access process -> spxComms.exe
Failed to access process -> spxComms.exe
Failed to access process -> chrome.exe
Failed to access process -> chrome.exe
Failed to access process -> chrome.exe
Failed to access process -> chrome.exe
Failed to access process -> FRST64 (1).exe
Failed to access process -> chrome.exe
Failed to access process -> chrome.exe
Failed to access process -> notepad.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [nettime] => c:\program files (x86)\nettime\nettime.exe [3217501 2000-11-12] (Subjective Software)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1334920 2015-04-02] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4431848 2015-12-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Winlogon: [Userinit] userinit [X]
Winlogon\Notify\crypt32chain: C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\crypt32chain: C:\WINDOWS\SysWOW64\crypt32.dll [2015-06-26] (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS\SysWOW64\cryptnet.dll [2007-02-18] (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS\SysWOW64\cscdll.dll [2007-02-18] (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS\SysWOW64\dimsntfy.dll [2007-02-18] (Microsoft Corporation)
Winlogon\Notify\EFS: C:\WINDOWS\SysWOW64\sclgntfy.dll [2007-02-18] (Microsoft Corporation)
Winlogon\Notify\ScCertProp-x32: wlnotify.dll [X]
Winlogon\Notify\Schedule-x32: wlnotify.dll [X]
Winlogon\Notify\sclgntfy: C:\WINDOWS\SysWOW64\sclgntfy.dll [2007-02-18] (Microsoft Corporation)
Winlogon\Notify\SensLogn-x32: WlNotify.dll [X]
Winlogon\Notify\wlballoon-x32: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [ShowSuperHidden] 1
HKLM\...\Command Processor:  <======= ATTENTION
HKLM-x32\...\Command Processor: C:\windows\Ouie.exe <======= ATTENTION
HKU\S-1-5-19\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2007-02-18] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2007-02-18] (Microsoft Corporation)
HKU\S-1-5-21-2266730830-467084628-1831518713-500\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [20992 2007-02-18] (Microsoft Corporation)
HKU\S-1-5-21-2266730830-467084628-1831518713-500\...\Run: [AVG-Secure-Search-Update_0216pit] => C:\Documents and Settings\All Users\Application Data\Avg_Update_0216pit\AVG-Secure-Search-Update_0216pit.exe [2859592 2016-02-16] ()
HKU\S-1-5-21-2266730830-467084628-1831518713-500\...\MountPoints2: {dad3c7fa-e3ae-11df-a955-0010b576043c} - I:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2007-02-18] (Microsoft Corporation)
IFEO\Your Image File Name Here without a path: [Debugger] ntsd -d
Lsa: [Notification Packages] RASSFM KDCSVC WDIGEST scecli
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SysWOW64\stobject.dll (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [10512384 2015-02-18] (Microsoft Corporation)
ShellExecuteHooks-x32: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\SysWOW64\shell32.dll [8363008 2015-02-18] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Centaur Service Manager.lnk [2010-07-12]
ShortcutTarget: Centaur Service Manager.lnk -> C:\Program Files (x86)\CDVI Group\Centaur\Centaur Server\SvrMgr.exe (CDVI Group)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk [2010-07-12]
ShortcutTarget: Service Manager.lnk -> C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart
GroupPolicyScripts: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\mswsock.dll [233472 2011-03-03] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 03 C:\Windows\System32\mswsock.dll [492544 2011-03-03] (Microsoft Corporation)ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\..\Interfaces\{82BD85A5-18AC-4272-85A4-D76E6299825D}: [NameServer] 10.0.0.31
Tcpip\..\Interfaces\{BAD3DD07-AE5A-40FC-A9E9-509712A9529A}: [NameServer] 10.0.0.97
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2266730830-467084628-1831518713-500\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2266730830-467084628-1831518713-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-2266730830-467084628-1831518713-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2266730830-467084628-1831518713-500 -> &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll [2007-02-18] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2266730830-467084628-1831518713-500 -> &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll [2015-02-18] (Microsoft Corporation)
DPF: HKLM-x32 {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277936283412
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter-x32: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\syswow64\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\syswow64\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\syswow64\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter-x32: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\syswow64\urlmon.dll [2015-06-16] (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll [2015-02-18] (Microsoft Corporation)
Filter-x32: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\syswow64\SHELL32.dll [2015-02-18] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator.SPARTEK\Application Data\Mozilla\Firefox\Profiles\2vdc7u47.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://start.mozilla.org/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2266730830-467084628-1831518713-500: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2266730830-467084628-1831518713-500: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Administrator.SPARTEK\Application Data\Mozilla\Firefox\Profiles\2vdc7u47.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-02-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-03-12] [not signed]
 
Chrome: 
=======
CHR Plugin: (Native Client) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-19]
CHR Extension: (Store) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-29]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-19]
StartMenuInternet: chrome.exe - C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AeLookupSvc; C:\WINDOWS\SysWOW64\aelupsvc.dll [26624 2007-02-18] (Microsoft Corporation)
S4 Alerter; C:\Windows\system32\alrsvc.dll [29696 2007-02-18] (Microsoft Corporation)
S4 AudioSrv; C:\WINDOWS\SysWOW64\audiosrv.dll [41472 2007-02-18] (Microsoft Corporation)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4948456 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
S2 Browser; C:\WINDOWS\SysWOW64\browser.dll [78336 2012-09-12] (Microsoft Corporation)
S4 ClipSrv; C:\Windows\system32\clipsrv.exe [49664 2007-02-18] (Microsoft Corporation)
S4 ClipSrv; C:\WINDOWS\SysWOW64\clipsrv.exe [32256 2007-02-18] (Microsoft Corporation)
S3 Dfs; C:\Windows\system32\Dfssvc.exe [321024 2007-02-18] (Microsoft Corporation)
S3 Dfs; C:\WINDOWS\SysWOW64\Dfssvc.exe [164864 2007-02-18] (Microsoft Corporation)
S3 dmadmin; C:\Windows\System32\dmadmin.exe [399872 2007-02-18] (Microsoft Corporation)
R2 dmserver; C:\Windows\System32\dmserver.dll [37376 2007-02-18] (Microsoft Corporation)
R2 Dnscache; C:\WINDOWS\SysWOW64\dnsrslvr.dll [45568 2011-03-03] (Microsoft Corporation)
R2 ERSvc; C:\Windows\System32\ersvc.dll [31744 2007-02-18] (Microsoft Corporation)
R2 Eventlog; C:\Windows\system32\services.exe [227840 2009-03-19] (Microsoft Corporation)
R2 FLEXlm Service 1; C:\FLEXlm\lmgrd.exe [609280 2003-01-20] (Macrovision Corporation) [File not signed]
R2 helpsvc; C:\Windows\PCHealth\HelpCtr\Binaries\pchsvc.dll [77312 2007-02-18] (Microsoft Corporation)
S3 HTTPFilter; C:\Windows\System32\w3ssl.dll [21504 2007-02-18] (Microsoft Corporation)
S3 HTTPFilter; C:\WINDOWS\SysWOW64\w3ssl.dll [15360 2007-02-18] (Microsoft Corporation)
S3 IASJet; C:\Windows\SysWOW64\iasrecst.dll [162816 2007-02-18] (Microsoft Corporation)
S4 ImapiService; C:\WINDOWS\system32\imapi.exe [265728 2007-02-18] (Microsoft Corporation)
S4 IsmServ; C:\Windows\System32\ismserv.exe [60416 2007-02-18] (Microsoft Corporation)
S4 IsmServ; C:\WINDOWS\SysWOW64\ismserv.exe [40448 2007-02-18] (Microsoft Corporation)
S4 kdc; C:\Windows\System32\lsass.exe [14336 2007-02-18] (Microsoft Corporation)
S4 LicenseService; C:\Windows\System32\llssrv.exe [191488 2007-02-18] (Microsoft Corporation)
S4 LicenseService; C:\WINDOWS\SysWOW64\llssrv.exe [94720 2007-02-18] (Microsoft Corporation)
R2 LmHosts; C:\WINDOWS\SysWOW64\lmhsvc.dll [19968 2007-02-18] (Microsoft Corporation)
S4 MAPPSService; c:\MAPPSService\bin\Debug\MAPPSService.exe [54784 2012-02-17] (Spartek Systems) [File not signed]
S4 Messenger; C:\Windows\System32\msgsvc.dll [57344 2007-02-18] (Microsoft Corporation)
S4 mnmsrvc; C:\WINDOWS\SysWOW64\mnmsrvc.exe [32768 2007-02-18] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23792 2015-04-02] (Microsoft Corporation)
R2 MSSEARCH; C:\Program Files (x86)\Common Files\System\MSSearch\Bin\mssearch.exe [69632 2002-12-04] (Microsoft Corporation) [File not signed]
R2 MSSQL$SERVER10DB; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$SERVER10DB\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
R2 MSSQLSERVER; C:\Program Files (x86)\Microsoft SQL ServerMSSQL\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [File not signed]
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\Windows\system32\netdde.exe [160768 2007-02-18] (Microsoft Corporation)
S4 NetDDE; C:\WINDOWS\SysWOW64\netdde.exe [110080 2007-02-18] (Microsoft Corporation)
S4 NetDDEdsdm; C:\Windows\system32\netdde.exe [160768 2007-02-18] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINDOWS\SysWOW64\netdde.exe [110080 2007-02-18] (Microsoft Corporation)
R3 Netman; C:\WINDOWS\SysWOW64\netman.dll [263680 2007-02-18] (Microsoft Corporation)
R3 Nla; C:\Windows\System32\mswsock.dll [492544 2011-03-03] (Microsoft Corporation)
R3 Nla; C:\WINDOWS\SysWOW64\mswsock.dll [233472 2011-03-03] (Microsoft Corporation)
S3 NtFrs; C:\Windows\system32\ntfrs.exe [1158144 2007-02-18] (Microsoft Corporation)
S3 NtFrs; C:\WINDOWS\SysWOW64\ntfrs.exe [792064 2007-02-18] (Microsoft Corporation)
R3 NtLmSsp; C:\Windows\system32\lsass.exe [14336 2007-02-18] (Microsoft Corporation)
S3 NtmsSvc; C:\Windows\system32\ntmssvc.dll [794112 2007-02-18] (Microsoft Corporation)
R2 nvsvc; C:\Windows\system32\nvsvc64.exe [153600 2007-12-05] (NVIDIA Corporation)
R2 OCS Inventory Service; C:\Program Files (x86)\OCS Inventory Agent\OcsService.exe [35840 2011-10-18] (OCS Inventory NG) [File not signed]
R2 PlugPlay; C:\Windows\system32\services.exe [227840 2009-03-19] (Microsoft Corporation)
R2 PolicyAgent; C:\Windows\system32\lsass.exe [14336 2007-02-18] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS\SysWOW64\rasauto.dll [91648 2007-02-18] (Microsoft Corporation)
R3 RasMan; C:\WINDOWS\SysWOW64\rasmans.dll [181760 2007-02-18] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [212480 2007-02-18] (Microsoft Corporation)
R2 RemoteRegistry; C:\WINDOWS\SysWOW64\regsvc.dll [69120 2007-02-18] (Microsoft Corporation)
S3 RSoPProv; C:\Windows\system32\RSoPProv.exe [103424 2007-02-18] (Microsoft Corporation)
S3 RSoPProv; C:\WINDOWS\SysWOW64\RSoPProv.exe [67072 2007-02-18] (Microsoft Corporation)
S3 sacsvr; C:\Windows\system32\sacsvr.dll [16896 2007-02-18] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.exe [166400 2007-02-18] (Microsoft Corporation)
S3 SCardSvr; C:\WINDOWS\SysWOW64\SCardSvr.exe [90112 2007-02-18] (Microsoft Corporation)
R2 Schedule; C:\WINDOWS\SysWOW64\schedsvc.dll [202240 2007-02-18] (Microsoft Corporation)
R2 seclogon; C:\WINDOWS\SysWOW64\seclogon.dll [18432 2007-02-18] (Microsoft Corporation)
R2 SQLAgent$SERVER10DB; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$SERVER10DB\Binn\sqlagent.exe [311872 2002-12-17] (Microsoft Corporation) [File not signed]
R2 SQLSERVERAGENT; C:\Program Files (x86)\Microsoft SQL ServerMSSQL\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [File not signed]
S4 stisvc; C:\WINDOWS\SysWOW64\wiaservc.dll [348160 2007-02-18] (Microsoft Corporation)
S2 SysmonLog; C:\Windows\system32\smlogsvc.exe [133120 2007-02-18] (Microsoft Corporation)
S2 SysmonLog; C:\WINDOWS\SysWOW64\smlogsvc.exe [96256 2007-02-18] (Microsoft Corporation)
S4 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [113152 2007-02-18] (Microsoft Corporation)
S4 TrkSvr; C:\Windows\system32\trksvr.dll [86528 2007-02-18] (Microsoft Corporation)
S4 TrkSvr; C:\WINDOWS\SysWOW64\trksvr.dll [50688 2007-02-18] (Microsoft Corporation)
R2 TrkWks; C:\WINDOWS\SysWOW64\trkwks.dll [86528 2007-02-18] (Microsoft Corporation)
S4 Tssdis; C:\Windows\System32\tssdis.exe [99840 2007-02-18] (Microsoft Corporation)
S3 UMWdf; C:\WINDOWS\system32\wdfmgr.exe [62976 2007-02-18] (Microsoft Corporation)
S3 UMWdf; C:\WINDOWS\SysWOW64\wdfmgr.exe [39424 2007-02-18] (Microsoft Corporation)
S3 UPS; C:\Windows\System32\ups.exe [34816 2007-02-18] (Microsoft Corporation)
S3 UPS; C:\WINDOWS\SysWOW64\ups.exe [16896 2007-02-18] (Microsoft Corporation)
R2 W32Time; C:\WINDOWS\SysWOW64\w32time.dll [227328 2007-02-18] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS\SysWOW64\mspmsnsv.dll [25088 2007-02-18] (Microsoft Corporation)
S3 Wmi; C:\Windows\System32\advapi32.dll [1066496 2015-06-27] (Microsoft Corporation)
S3 Wmi; C:\WINDOWS\SysWOW64\advapi32.dll [620032 2015-06-27] (Microsoft Corporation)
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [12288 2007-02-18] (Microsoft Corporation)
R2 WZCSVC; C:\Windows\System32\wzcsvc.dll [659968 2007-02-18] (Microsoft Corporation)
R2 WZCSVC; C:\WINDOWS\SysWOW64\wzcsvc.dll [489472 2007-02-18] (Microsoft Corporation)
S3 xmlprov; C:\Windows\System32\xmlprov.dll [326144 2007-02-18] (Microsoft Corporation)
S3 xmlprov; C:\WINDOWS\SysWOW64\xmlprov.dll [131584 2007-02-18] (Microsoft Corporation)
S4 Windows Test 5.0; C:\Program Files\dwzjiw\svchost.exe [X]
S3 WinHttpAutoProxySvc; winhttp.dll [X]
S4 Wsemig makcsysy; C:\Program Files (x86)\Microsoft Nwygpp\Ujqubpd.exe [X]
S4 Wsmwum aqucwsqw; C:\Program Files (x86)\Microsoft Gaeccg\Yiysqmy.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 Abiosdsk; no ImagePath
S4 ACPIEC; C:\Windows\System32\Drivers\ACPIEC.sys [18432 2007-02-18] (Microsoft Corporation)
S4 adpu160m; no ImagePath
S4 adpu320; no ImagePath
S4 aic78u2; no ImagePath
S4 aic78xx; no ImagePath
R2 aksdf; C:\Windows\System32\DRIVERS\aksdf.sys [65024 2006-12-13] (Aladdin Knowledge Systems Ltd.) [File not signed]
S4 AliIde; no ImagePath
S4 AmdIde; no ImagePath
S4 arc; no ImagePath
S4 Atdisk; no ImagePath
S3 Atmarpc; C:\Windows\System32\DRIVERS\atmarpc.sys [106496 2007-02-18] (Microsoft Corporation)
R3 audstub; C:\Windows\System32\DRIVERS\audstub.sys [5632 2005-03-24] (Microsoft Corporation)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [158160 2015-05-21] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [209720 2014-11-03] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360400 2015-05-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [204704 2015-07-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R2 CdaC15BA; C:\Windows\System32\DRIVERS\CdaC15BA.sys [13312 2007-02-18] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R2 CdaD10BA; C:\Windows\System32\DRIVERS\CdaD10BA.sys [13312 2007-02-18] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S1 Changer; no ImagePath
S4 ClusDisk; C:\Windows\System32\DRIVERS\ClusDisk.sys [112640 2007-02-18] (Microsoft Corporation)
S4 CmdIde; no ImagePath
S4 cpqcissm; no ImagePath
R0 DfsDriver; C:\Windows\System32\drivers\Dfs.sys [52736 2007-02-18] (Microsoft Corporation)
S4 dmboot; C:\Windows\System32\drivers\dmboot.sys [415232 2007-02-18] (Microsoft Corporation)
R0 dmio; C:\Windows\System32\drivers\dmio.sys [244224 2007-02-18] (Microsoft Corporation)
R0 dmload; C:\Windows\System32\drivers\dmload.sys [9216 2007-02-18] (Microsoft Corporation)
S4 dpti2o; no ImagePath
S4 elxstor; no ImagePath
R1 Fips; C:\Windows\System32\Drivers\Fips.sys [50176 2007-02-18] (Microsoft Corporation)
R0 Ftdisk; C:\Windows\System32\DRIVERS\ftdisk.sys [240128 2007-02-18] (Microsoft Corporation)
R3 Gpc; C:\Windows\System32\DRIVERS\msgpc.sys [71168 2007-02-18] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [239616 2005-07-13] (Windows ® Server 2003 DDK provider)
S4 hpcisss; no ImagePath
S1 i2omgmt; no ImagePath
S4 iirsp; no ImagePath
R1 imapi; C:\Windows\System32\DRIVERS\imapi.sys [72704 2007-02-18] (Microsoft Corporation)
S4 IntelIde; no ImagePath
S3 Ip6Fw; C:\Windows\System32\DRIVERS\Ip6Fw.sys [57856 2007-02-18] (Microsoft Corporation)
R1 IPSec; C:\Windows\System32\DRIVERS\ipsec.sys [156672 2007-02-18] (Microsoft Corporation)
U3 LicenseInfo; no ImagePath
S4 lp6nds35; no ImagePath
R1 mnmdd; C:\Windows\System32\Drivers\mnmdd.sys [8192 2007-02-18] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S4 mraid35x; no ImagePath
S4 nfrd960; no ImagePath
R3 nv; C:\Windows\System32\DRIVERS\nv4_mini.sys [9525888 2007-12-05] (NVIDIA Corporation)
S3 NVENET; C:\Windows\System32\DRIVERS\NVENET.sys [185344 2005-03-24] (NVIDIA Corporation)
S3 PDCOMP; no ImagePath
S3 PDFRAME; no ImagePath
S3 PDRELI; no ImagePath
S3 PDRFRAME; no ImagePath
R3 Ptilink; C:\Windows\System32\DRIVERS\ptilink.sys [31232 2007-02-18] (Parallel Technologies, Inc.)
S4 ql2300; no ImagePath
R3 Raspti; C:\Windows\System32\DRIVERS\raspti.sys [31232 2007-02-18] (Microsoft Corporation)
R1 redbook; C:\Windows\System32\DRIVERS\redbook.sys [64000 2005-03-24] (Microsoft Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL39A64.SYS [59904 2005-03-24] (Realtek Semiconductor Corporation)
U5 sacdrv; C:\Windows\System32\Drivers\sacdrv.sys [130560 2007-02-18] (Microsoft Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [171008 2007-02-18] (Microsoft Corporation)
S4 Simbad; no ImagePath
S4 symc8xx; no ImagePath
S4 symmpi; no ImagePath
S4 sym_hi; no ImagePath
S4 sym_u3; no ImagePath
S4 TosIde; no ImagePath
S4 ultra; no ImagePath
R3 Update; C:\Windows\System32\DRIVERS\update.sys [81920 2007-02-18] (Microsoft Corporation)
S4 ViaIde; no ImagePath
S3 WDICA; no ImagePath
S3 WLBS; C:\Windows\System32\DRIVERS\wlbs.sys [280576 2007-02-18] (Microsoft Corporation)
S2 DS1410D; SYSTEM32\drivers\DS1410D.SYS [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U1 WS2IFSL; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
NETSVC: Sacsvr -> C:\Windows\system32\sacsvr.dll (Microsoft Corporation)
NETSVC: TrkSvr -> C:\Windows\system32\trksvr.dll (Microsoft Corporation)
NETSVCx32: Browser -> C:\Windows\SysWOW64\browser.dll (Microsoft Corporation)
NETSVCx32: CryptSvc -> C:\Windows\SysWOW64\cryptsvc.dll (Microsoft Corporation)
NETSVCx32: DMServer -> C:\Windows\SysWOW64\dmserver.dll ==> No File
NETSVCx32: EventSystem -> C:\WINDOWS\SysWOW64\es.dll (Microsoft Corporation)
NETSVCx32: HidServ -> C:\Windows\SysWOW64\hidserv.dll ==> No File
NETSVCx32: Iprip -> no filepath.
NETSVCx32: LanmanWorkstation -> C:\Windows\SysWOW64\wkssvc.dll ==> No File
NETSVCx32: Messenger -> C:\Windows\SysWOW64\msgsvc.dll ==> No File
NETSVCx32: Netman -> C:\Windows\SysWOW64\netman.dll (Microsoft Corporation)
NETSVCx32: Sacsvr -> C:\Windows\SysWOW64\sacsvr.dll ==> No File
NETSVCx32: Seclogon -> C:\Windows\SysWOW64\seclogon.dll (Microsoft Corporation)
NETSVCx32: TrkWks -> C:\Windows\SysWOW64\trkwks.dll (Microsoft Corporation)
NETSVCx32: TrkSvr -> C:\Windows\SysWOW64\trksvr.dll (Microsoft Corporation)
NETSVCx32: WZCSVC -> C:\Windows\SysWOW64\wzcsvc.dll (Microsoft Corporation)
NETSVCx32: xmlprov -> C:\Windows\SysWOW64\xmlprov.dll (Microsoft Corporation)
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-23 14:59 - 2016-03-24 09:03 - 00000624 _____ C:\WINDOWS\Tasks\AVG_SYS_TASK_0216pit.job
2016-03-23 14:59 - 2016-03-24 09:00 - 00000508 _____ C:\WINDOWS\Tasks\AVG_SYS_TASK_0216pit_DELETE.job
2016-03-23 14:58 - 2016-03-23 14:59 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Avg_Update_0216pit
2016-03-23 14:56 - 2016-03-23 14:56 - 00000000 ____D C:\Documents and Settings\Administrator.SPARTEK\Application Data\AVG2013
2016-03-23 14:55 - 2016-03-23 14:55 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2016-03-23 14:54 - 2016-03-23 14:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2013
2016-03-23 14:54 - 2016-03-23 14:54 - 00000000 ___HD C:\$AVG
2016-03-23 14:53 - 2016-03-23 14:53 - 00000000 ____D C:\Program Files (x86)\AVG
2016-03-22 14:44 - 2016-03-22 14:35 - 222891896 _____ (AVG Technologies) C:\Documents and Settings\Administrator.SPARTEK\Desktop\avg_msw_x64_all_ltst_3553a11388.exe
2016-03-22 14:08 - 2016-03-29 12:52 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2016-03-22 02:02 - 2012-06-02 15:18 - 00291568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mucltui.dll
2016-03-22 02:02 - 2012-06-02 15:18 - 00214256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\muweb.dll
2016-03-22 02:02 - 2012-06-02 15:18 - 00128240 _____ (Microsoft Corporation) C:\WINDOWS\system32\muweb.dll
2016-03-22 02:02 - 2012-06-02 15:18 - 00017136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mucltui.dll.mui
2016-03-21 16:33 - 2016-03-29 14:08 - 00000000 ____D C:\FRST
2016-03-21 16:09 - 2005-03-24 17:35 - 00232448 ____C (Eicon Networks) C:\Windows\System32\dllcache\xlog.exe
2016-03-21 16:09 - 2005-03-24 17:35 - 00214272 ____C (Microsoft) C:\Windows\System32\dllcache\yk51x64.sys
2016-03-21 16:08 - 2007-02-17 01:05 - 00024192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wstcodec.sys
2016-03-21 16:08 - 2007-02-17 01:04 - 00532480 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdmtpdr.dll
2016-03-21 16:08 - 2007-02-17 01:04 - 00202752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdmtp.dll
2016-03-21 16:08 - 2005-03-24 17:35 - 00097280 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdmtpus.dll
2016-03-21 16:08 - 2005-03-24 17:35 - 00093696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdconns.dll
2016-03-21 16:08 - 2005-03-24 17:35 - 00055808 ____C (S2io Inc.) C:\Windows\System32\dllcache\xenamd64.sys
2016-03-21 16:08 - 2005-03-24 17:35 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdusb.sys
2016-03-21 16:08 - 2005-03-24 17:35 - 00015360 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdtrace.dll
2016-03-21 16:07 - 2007-02-18 05:00 - 00054272 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wvfwwdm32.dll
2016-03-21 16:07 - 2007-02-18 05:00 - 00029184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wvidcap.ax
2016-03-21 16:07 - 2007-02-17 01:02 - 00187904 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wdmaud.sys
2016-03-21 16:07 - 2007-02-17 01:02 - 00119552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wceusbsh.sys
2016-03-21 16:07 - 2007-02-17 01:01 - 00081920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\vfwwdm32.dll
2016-03-21 16:07 - 2007-02-17 01:01 - 00044032 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\vidcap.ax
2016-03-21 16:07 - 2005-03-24 17:35 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmiacpi.sys
2016-03-21 16:07 - 2005-03-24 17:34 - 00128000 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiafbdrv.dll
2016-03-21 16:07 - 2005-03-24 17:34 - 00114816 ____C (VIA Networking Technologies, Inc. ) C:\Windows\System32\dllcache\wetn5b64.sys
2016-03-21 16:07 - 2005-03-24 17:34 - 00036352 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wdmaud.drv
2016-03-21 16:07 - 2005-03-24 17:34 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wd.sys
2016-03-21 16:07 - 2005-03-24 17:34 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\viaide.sys
2016-03-21 16:06 - 2007-02-17 01:00 - 00216320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbvideo.sys
2016-03-21 16:06 - 2007-02-17 01:00 - 00102912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbaudio.sys
2016-03-21 16:06 - 2007-02-17 01:00 - 00061440 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\uliagpkx.sys
2016-03-21 16:06 - 2007-02-17 01:00 - 00058880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\uagp35.sys
2016-03-21 16:06 - 2007-02-17 01:00 - 00042496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbccid.sys
2016-03-21 16:06 - 2007-02-17 01:00 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbprint.sys
2016-03-21 16:06 - 2007-02-17 00:59 - 00147456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sysaudio.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00318976 ____C (Trident Microsystems Inc.) C:\Windows\System32\dllcache\trid3d.dll
2016-03-21 16:06 - 2005-03-24 17:34 - 00254464 ____C (Trident Microsystems Inc.) C:\Windows\System32\dllcache\trid3dm.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00084992 ____C (LSI Logic) C:\Windows\System32\dllcache\symmpi.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00042496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbser.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00041984 ____C (LSI Logic) C:\Windows\System32\dllcache\symc8xx.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00038912 ____C (Promise Technology, Inc.) C:\Windows\System32\dllcache\ultra.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00034432 ____C (ULi Electronics Inc.) C:\Windows\System32\dllcache\uli5261.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\tandqic.sys
2016-03-21 16:06 - 2005-03-24 17:34 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\toside.sys
2016-03-21 16:06 - 2005-03-24 17:25 - 00086528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\swmidi.sys
2016-03-21 16:06 - 2005-03-24 17:25 - 00039936 ____C (LSI Logic) C:\Windows\System32\dllcache\sym_u3.sys
2016-03-21 16:06 - 2005-03-24 17:25 - 00037376 ____C (LSI Logic) C:\Windows\System32\dllcache\sym_hi.sys
2016-03-21 16:06 - 2005-03-24 17:25 - 00028160 ____C (SCM Microsystems, Inc.) C:\Windows\System32\dllcache\stcusb.sys
2016-03-21 16:06 - 2005-03-24 17:25 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\streamip.sys
2016-03-21 16:05 - 2007-02-17 00:55 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sonyait.sys
2016-03-21 16:05 - 2007-02-17 00:55 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\splitter.sys
2016-03-21 16:05 - 2007-02-17 00:54 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scsiscan.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00043008 ____C (SiS Corporation) C:\Windows\System32\dllcache\sisnic.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00032256 ____C (SCM Microsystems) C:\Windows\System32\dllcache\scr111.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00031232 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scmstcs.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00030720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sermouse.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\slip.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scsiprnt.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sonymc.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\spctramc.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snyaitmc.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\seaddsmc.sys
2016-03-21 16:05 - 2005-03-24 17:24 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\serscan.sys
2016-03-21 16:04 - 2007-02-18 05:00 - 00198656 ____C C:\Windows\System32\dllcache\wPsisDecd.dll
2016-03-21 16:04 - 2007-02-18 05:00 - 00135680 ____C C:\Windows\System32\dllcache\wPsisRndr.ax
2016-03-21 16:04 - 2007-02-17 00:53 - 00073728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sbp2port.sys
2016-03-21 16:04 - 2007-02-17 00:53 - 00040576 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\sccmusbm.sys
2016-03-21 16:04 - 2007-02-17 00:51 - 00051200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rndismpx.sys
2016-03-21 16:04 - 2007-02-17 00:51 - 00032256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ramdisk.sys
2016-03-21 16:04 - 2007-02-17 00:50 - 00316928 ____C C:\Windows\System32\dllcache\psisdecd.dll
2016-03-21 16:04 - 2007-02-17 00:50 - 00271872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ptpusd.dll
2016-03-21 16:04 - 2007-02-17 00:50 - 00025344 ____C (SCM Microsystems, Inc.) C:\Windows\System32\dllcache\pscr.sys
2016-03-21 16:04 - 2007-02-17 00:50 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\qic157.sys
2016-03-21 16:04 - 2007-02-17 00:44 - 00246272 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\portcls.sys
2016-03-21 16:04 - 2007-02-17 00:44 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pnpmem.sys
2016-03-21 16:04 - 2007-02-17 00:44 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\powerfil.sys
2016-03-21 16:04 - 2005-03-24 17:24 - 00796160 ____C (QLogic Corporation) C:\Windows\System32\dllcache\ql2300.sys
2016-03-21 16:04 - 2005-03-24 17:24 - 00044032 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\sccmn50m.sys
2016-03-21 16:04 - 2005-03-24 17:24 - 00037888 ____C (Realtek Semiconductor Corporation ) C:\Windows\System32\dllcache\rtl69a64.sys
2016-03-21 16:04 - 2005-03-24 17:24 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\qlstrmc.sys
2016-03-21 16:04 - 2005-03-24 17:24 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\qntmmc.sys
2016-03-21 16:04 - 2005-03-24 17:24 - 00010240 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\rsmgrstr.dll
2016-03-21 16:04 - 2005-03-24 17:23 - 00057344 ____C C:\Windows\System32\dllcache\psisrndr.ax
2016-03-21 16:04 - 2005-03-24 17:22 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pnrmc.sys
2016-03-21 16:03 - 2007-02-17 00:44 - 00161024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\phildec.sys
2016-03-21 16:03 - 2007-02-17 00:42 - 00093440 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ohci1394.sys
2016-03-21 16:03 - 2007-02-17 00:41 - 00124416 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nv_agp.sys
2016-03-21 16:03 - 2005-03-24 17:22 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\plasmc.sys
2016-03-21 16:03 - 2005-03-24 17:21 - 00092160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nic1394.sys
2016-03-21 16:03 - 2005-03-24 17:21 - 00053248 ____C (IBM Corporation) C:\Windows\System32\dllcache\nfrd960.sys
2016-03-21 16:03 - 2005-03-24 17:21 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ne2000.sys
2016-03-21 16:03 - 2005-03-24 17:21 - 00017408 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ndisip.sys
2016-03-21 16:03 - 2005-03-24 17:21 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nsmmc.sys
2016-03-21 16:02 - 2007-02-18 05:00 - 00057856 ____C C:\Windows\System32\dllcache\wMSDvbNP.ax
2016-03-21 16:02 - 2007-02-17 00:39 - 00103680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nabtsfec.sys
2016-03-21 16:02 - 2007-02-17 00:39 - 00062976 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mstape.sys
2016-03-21 16:02 - 2007-02-17 00:39 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mskssrv.sys
2016-03-21 16:02 - 2007-02-17 00:39 - 00008064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mstee.sys
2016-03-21 16:02 - 2007-02-17 00:39 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mspclock.sys
2016-03-21 16:02 - 2007-02-17 00:39 - 00006912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mspqm.sys
2016-03-21 16:02 - 2007-02-17 00:38 - 00094720 ____C C:\Windows\System32\dllcache\msdvbnp.ax
2016-03-21 16:02 - 2007-02-17 00:38 - 00071680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdv.sys
2016-03-21 16:02 - 2005-03-24 17:21 - 00036352 ____C (LSI Logic Corporation) C:\Windows\System32\dllcache\mraid35x.sys
2016-03-21 16:02 - 2005-03-24 17:21 - 00028672 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\modemcsa.sys
2016-03-21 16:02 - 2005-03-24 17:21 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mpe.sys
2016-03-21 16:02 - 2005-03-24 17:21 - 00005120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msmpu401.sys
2016-03-21 16:01 - 2007-02-18 05:00 - 00130048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wksproxy.ax
2016-03-21 16:01 - 2007-02-18 05:00 - 00090624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkswdmcap.ax
2016-03-21 16:01 - 2007-02-18 05:00 - 00061952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkstvtune.ax
2016-03-21 16:01 - 2007-02-18 05:00 - 00043008 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wksxbar.ax
2016-03-21 16:01 - 2007-02-17 00:36 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ltotape.sys
2016-03-21 16:01 - 2007-02-17 00:35 - 00250880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ksproxy.ax
2016-03-21 16:01 - 2007-02-17 00:35 - 00138752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kswdmcap.ax
2016-03-21 16:01 - 2007-02-17 00:35 - 00088064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kstvtune.ax
2016-03-21 16:01 - 2007-02-17 00:35 - 00026112 ____C (Litronic Industries) C:\Windows\System32\dllcache\lit220p.sys
2016-03-21 16:01 - 2007-02-17 00:34 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdjpn.dll
2016-03-21 16:01 - 2007-02-17 00:34 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdkor.dll
2016-03-21 16:01 - 2005-03-24 17:21 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\miniqic.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00569344 ____C (Agere Systems) C:\Windows\System32\dllcache\ltmdm64.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00204288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kmixer.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00074752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ksxbar.ax
2016-03-21 16:01 - 2005-03-24 17:20 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\libxprmc.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mammoth.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\m4mc.sys
2016-03-21 16:01 - 2005-03-24 17:20 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\loop.sys
2016-03-21 16:00 - 2005-03-24 17:20 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\jvcmc.sys
2016-03-21 16:00 - 2005-03-24 17:20 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd106.dll
2016-03-21 16:00 - 2005-03-24 17:20 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101c.dll
2016-03-21 16:00 - 2005-03-24 17:20 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd103.dll
2016-03-21 16:00 - 2005-03-24 17:20 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101b.dll
2016-03-21 16:00 - 2005-03-24 17:19 - 00070784 ____C (Intel Corporation) C:\Windows\System32\dllcache\ixg5132e.sys
2016-03-21 16:00 - 2005-03-24 17:19 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ipsink.ax
2016-03-21 16:00 - 2005-03-24 17:19 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\jetpack.exe
2016-03-21 16:00 - 2005-03-24 17:19 - 00009216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\intelide.sys
2016-03-21 15:59 - 2007-02-18 05:00 - 00096256 ____C C:\Windows\System32\dllcache\ieencode.dll
2016-03-21 15:59 - 2007-02-18 05:00 - 00082432 ____C C:\Windows\System32\dllcache\wieencode.dll
2016-03-21 15:59 - 2007-02-17 00:28 - 00385024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpojwia.dll
2016-03-21 15:59 - 2007-02-17 00:28 - 00035840 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidbatt.sys
2016-03-21 15:59 - 2005-03-24 17:19 - 00048128 ____C (Intel Corp./ICP vortex GmbH) C:\Windows\System32\dllcache\iirsp.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 01080832 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsf_dp4.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00804352 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfcnxt4.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00241664 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaudio.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00236032 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfbs4.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00080896 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdashcut.exe
2016-03-21 15:59 - 2005-03-24 17:18 - 00044544 ____C (Gemplus) C:\Windows\System32\dllcache\grserial.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00037402 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfc4.dll
2016-03-21 15:59 - 2005-03-24 17:18 - 00031232 ____C (Hewlett-Packard Company) C:\Windows\System32\dllcache\hpcisss.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00030720 ____C (Gemplus) C:\Windows\System32\dllcache\gpr400.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00028672 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaprop.dll
2016-03-21 15:59 - 2005-03-24 17:18 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpmc.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidgame.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpt4qic.sys
2016-03-21 15:59 - 2005-03-24 17:18 - 00006144 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaudres.dll
2016-03-21 15:58 - 2007-02-17 00:22 - 00061952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\gagp30kx.sys
2016-03-21 15:58 - 2005-03-24 17:18 - 00063872 ____C (VIA Networking Technologies, Inc. ) C:\Windows\System32\dllcache\get5a64.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00652288 ____C (AVM Berlin) C:\Windows\System32\dllcache\fpcibase.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00643072 ____C (AVM Berlin) C:\Windows\System32\dllcache\fpcmbase.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00391680 ____C (Emulex Corporation) C:\Windows\System32\dllcache\elxstor.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00232960 ____C (Intel Corporation) C:\Windows\System32\dllcache\e1g5132e.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00191744 ____C (Intel Corporation) C:\Windows\System32\dllcache\efe5b32e.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00103936 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esucm.dll
2016-03-21 15:58 - 2005-03-24 17:17 - 00081408 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esunib.dll
2016-03-21 15:58 - 2005-03-24 17:17 - 00081408 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuni.dll
2016-03-21 15:58 - 2005-03-24 17:17 - 00076800 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuimg.dll
2016-03-21 15:58 - 2005-03-24 17:17 - 00062848 ____C (VIA Technologies, Inc. ) C:\Windows\System32\dllcache\fet5a64.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00017408 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\examc.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\elmsmc.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\exabyte2.sys
2016-03-21 15:58 - 2005-03-24 17:17 - 00011264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\enum1394.sys
2016-03-21 15:58 - 2005-03-24 17:16 - 00035328 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\dpti2o.sys
2016-03-21 15:58 - 2005-03-24 17:16 - 00032768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4usb.sys
2016-03-21 15:57 - 2007-02-17 00:17 - 01592832 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dhcpsnap.dll
2016-03-21 15:57 - 2007-02-17 00:17 - 00432640 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dhcpssvc.dll
2016-03-21 15:57 - 2007-02-17 00:17 - 00182784 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4.sys
2016-03-21 15:57 - 2007-02-17 00:09 - 00260096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\csamsp.dll
2016-03-21 15:57 - 2007-02-17 00:09 - 00031360 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\cmbp0wdm.sys
2016-03-21 15:57 - 2007-02-17 00:09 - 00021120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cmbatt.sys
2016-03-21 15:57 - 2007-02-17 00:09 - 00015488 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\compbatt.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00491520 ____C (Eicon Networks) C:\Windows\System32\dllcache\diwansrv.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00462336 ____C (Eicon Networks) C:\Windows\System32\dllcache\dimaint.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00404480 ____C (Eicon Networks) C:\Windows\System32\dllcache\ditrace.exe
2016-03-21 15:57 - 2005-03-24 17:16 - 00310784 ____C (Eicon Networks) C:\Windows\System32\dllcache\dicapi.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00045056 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvsu.dll
2016-03-21 15:57 - 2005-03-24 17:16 - 00038400 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvpp.dll
2016-03-21 15:57 - 2005-03-24 17:16 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4prt.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4scan.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dlttape.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ddsmc.sys
2016-03-21 15:57 - 2005-03-24 17:16 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dhcpmib.dll
2016-03-21 15:57 - 2005-03-24 17:16 - 00006144 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvci.dll
2016-03-21 15:57 - 2005-03-24 17:15 - 00096768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzport.sys
2016-03-21 15:57 - 2005-03-24 17:15 - 00094720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyyport.sys
2016-03-21 15:57 - 2005-03-24 17:15 - 00039424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyycoins.dll
2016-03-21 15:57 - 2005-03-24 17:15 - 00036864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzcoins.dll
2016-03-21 15:57 - 2005-03-24 17:15 - 00035328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzports.dll
2016-03-21 15:57 - 2005-03-24 17:15 - 00034816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyyports.dll
2016-03-21 15:57 - 2005-03-24 17:15 - 00027136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyclad-z.sys
2016-03-21 15:57 - 2005-03-24 17:15 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyclom-y.sys
2016-03-21 15:57 - 2005-03-24 17:15 - 00013824 ____C (CMD Technology, Inc.) C:\Windows\System32\dllcache\cmdide.sys
2016-03-21 15:56 - 2007-02-18 05:00 - 00018432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wBdaPlgIn.ax
2016-03-21 15:56 - 2007-02-17 00:05 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ccdecode.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 01452544 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2mtag.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 00342016 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2dvag.dll
2016-03-21 15:56 - 2007-02-17 00:03 - 00329728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\binlsvc.dll
2016-03-21 15:56 - 2007-02-17 00:03 - 00326400 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2mpad.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 00185088 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2drad.dll
2016-03-21 15:56 - 2007-02-17 00:03 - 00111104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\arp1394.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 00067968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\avc.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 00026112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bdaplgin.ax
2016-03-21 15:56 - 2007-02-17 00:03 - 00020864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bdasup.sys
2016-03-21 15:56 - 2007-02-17 00:03 - 00018816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\battc.sys
2016-03-21 15:56 - 2005-03-24 17:16 - 00023552 ____C (Eicon Networks Corporation) C:\Windows\System32\dllcache\diapi264.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00480256 ____C (Broadcom Corporation) C:\Windows\System32\dllcache\bcmwl564.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00147456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\brmfcwia.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00082944 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmflpt.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00068608 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfusb.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00063488 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfrsmg.exe
2016-03-21 15:56 - 2005-03-24 17:14 - 00059904 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brserwdm.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00041984 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brparwdm.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00037376 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brevif.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00036352 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfbidi.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00035840 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brbidiif.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bulltlp3.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00022016 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brfiltlo.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00019968 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brusbmdm.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00019456 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brusbscn.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00019456 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brcoinst.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00015360 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brserif.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\breecemc.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\changer.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00008192 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brfiltup.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00007168 ____C (Brother Industries,Ltd.) C:\Windows\System32\dllcache\brscnrsm.dll
2016-03-21 15:56 - 2005-03-24 17:14 - 00007168 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brparimg.sys
2016-03-21 15:56 - 2005-03-24 17:14 - 00006656 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brfilt.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 03036032 ____C (ATI Technologies Inc. ) C:\Windows\System32\dllcache\ati3duag.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00568416 ____C (ATI Technologies Inc. ) C:\Windows\System32\dllcache\ativvaxx.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00340480 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2cqag.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00264704 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinevxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00192768 ____C (AVM GmbH) C:\Windows\System32\dllcache\b1cbase.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00191488 ____C (Broadcom Corporation) C:\Windows\System32\dllcache\b57amd64.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00188416 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmcoxp.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00168960 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmenum.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00104960 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmcowan.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00101888 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinesxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00084992 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinraxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00080896 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinbtxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00073728 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atineuxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00040960 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinxbxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00036864 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinsnxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00036352 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativtmxx.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00033280 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativtmww.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00031744 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativmvxx.ax
2016-03-21 15:56 - 2005-03-24 17:12 - 00030720 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmunet.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00023552 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativmvww.ax
2016-03-21 15:56 - 2005-03-24 17:12 - 00022144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\avcstrm.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00020992 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinpdxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00020480 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinmdxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00018944 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinttxx.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00018432 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmc2064.dll
2016-03-21 15:56 - 2005-03-24 17:12 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\atlmc.sys
2016-03-21 15:56 - 2005-03-24 17:12 - 00013824 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativdaxx.ax
2016-03-21 15:56 - 2005-03-24 17:12 - 00009728 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativdaww.ax
2016-03-21 15:56 - 2005-03-24 17:11 - 00120832 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aic78xx.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00117248 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aic78u2.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00062464 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\arc.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00053248 ____C (AMD) C:\Windows\System32\dllcache\amdac97.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00031744 ____C (Advanced Micro Devices (AMD), Inc.) C:\Windows\System32\dllcache\amd64n5.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00009216 ____C (Acer Laboratories Inc.) C:\Windows\System32\dllcache\aliide.sys
2016-03-21 15:56 - 2005-03-24 17:11 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\amdide.sys
2016-03-21 15:55 - 2007-02-17 00:03 - 00056320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\agp440.sys
2016-03-21 15:55 - 2007-02-17 00:02 - 00080384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\1394bus.sys
2016-03-21 15:55 - 2007-02-17 00:02 - 00078080 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\61883.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 01127424 ____C (Agere Systems) C:\Windows\System32\dllcache\agrsm64.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00246784 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\adpu320.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00188928 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aec.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00182272 ____C (Intel Corporation) C:\Windows\System32\dllcache\ac97intc.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00160256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\adpu160m.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00093696 ____C (VIA Technologies, Inc.) C:\Windows\System32\dllcache\ac97via.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00059392 ____C (Adaptec, Inc ) C:\Windows\System32\dllcache\adptsf50.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00018432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\4mmdat.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\adicvls.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\adicsc.sys
2016-03-21 15:55 - 2005-03-24 17:11 - 00004608 ____C (Agere Systems) C:\Windows\System32\dllcache\agrsco64.dll
2016-03-21 11:18 - 2016-03-27 01:39 - 00000384 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2016-03-21 11:10 - 2015-12-08 21:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-03-21 11:04 - 2016-03-21 11:04 - 00001945 _____ C:\WINDOWS\epplauncher.mif
2016-03-21 11:04 - 2016-03-21 11:04 - 00001740 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials Prerelease.lnk
2016-03-21 11:04 - 2016-03-21 11:04 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-03-21 11:04 - 2016-03-21 11:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-03-21 10:08 - 2016-03-21 10:57 - 00000000 ____D C:\Program Files\SanityCheck
2016-03-21 10:08 - 2016-03-21 10:57 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SanityCheck
2016-03-21 10:00 - 2016-03-21 10:00 - 00000000 ____D C:\Program Files\stinger
2016-03-21 09:59 - 2016-03-21 10:00 - 00103460 _____ C:\TDSSKiller.3.1.0.9_21.03.2016_09.59.44_log.txt
2016-03-21 09:53 - 2016-03-21 09:55 - 00395648 _____ C:\TDSSKiller.3.1.0.9_21.03.2016_09.53.30_log.txt
2016-03-21 09:50 - 2016-03-21 09:51 - 00104264 _____ C:\TDSSKiller.3.1.0.9_21.03.2016_09.50.24_log.txt
2016-03-02 17:53 - 2016-03-02 17:53 - 00137320 _____ C:\WINDOWS\Minidump\Mini030216-03.dmp
2016-03-02 17:19 - 2016-03-02 17:19 - 00000000 ____D C:\Quarantine
2016-03-02 16:24 - 2016-03-02 16:24 - 00137320 _____ C:\WINDOWS\Minidump\Mini030216-02.dmp
2016-03-02 16:13 - 2016-03-02 16:13 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-03-02 16:02 - 2016-03-02 16:02 - 00137320 _____ C:\WINDOWS\Minidump\Mini030216-01.dmp
2016-03-02 10:48 - 2016-03-02 10:49 - 00106010 _____ C:\TDSSKiller.3.1.0.9_02.03.2016_09.48.38_log.txt
2016-03-01 16:35 - 2016-03-01 16:35 - 00021756 _____ C:\Documents and Settings\Administrator.SPARTEK\My Documents\esetvirusscanMar012016.txt
2016-03-01 15:45 - 2016-03-01 15:45 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-01 14:12 - 2016-03-21 11:00 - 00318152 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2016-03-01 11:30 - 2016-03-01 11:30 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sophos
2016-03-01 11:29 - 2016-03-01 11:29 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-03-01 11:29 - 2016-03-01 11:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Sophos
2016-03-01 11:13 - 2016-03-01 11:13 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2016-03-01 11:12 - 2016-03-21 10:00 - 00321096 _____ C:\WINDOWS\ntbtlog.txt
2016-03-01 10:59 - 2016-03-21 13:44 - 00000000 ____D C:\virus
2016-03-01 10:46 - 2016-03-01 11:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro
2016-03-01 10:21 - 2016-03-01 10:31 - 00000000 ____D C:\AdwCleaner
2016-03-01 08:28 - 2016-03-01 08:28 - 00000000 ____D C:\Program Files (x86)\GoogelTalk
2016-02-29 22:56 - 2007-02-18 06:00 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p.exe
2016-02-29 15:57 - 2016-02-29 15:57 - 00040382 _____ C:\Documents and Settings\Administrator.SPARTEK\Desktop\Test Page.pdf
2016-02-29 15:57 - 2016-02-29 15:57 - 00000000 ____D C:\Documents and Settings\Administrator.SPARTEK\Application Data\PDF Writer
2016-02-29 15:56 - 2016-03-01 11:11 - 00065536 _____ C:\WINDOWS\system32\config\Bullzip PDF Printer.evt
2016-02-29 15:56 - 2016-02-29 15:56 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Bullzip
2016-02-29 15:56 - 2016-02-29 15:56 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\PDF Writer
2016-02-29 15:56 - 2014-11-19 11:45 - 00228352 _____ (Bullzip) C:\WINDOWS\SysWOW64\bzFlRdr.dll
2016-02-29 15:56 - 2013-09-01 04:59 - 01103872 _____ C:\WINDOWS\SysWOW64\CBLCtlsU.ocx
2016-02-29 15:56 - 2013-07-13 04:15 - 00805376 _____ C:\WINDOWS\SysWOW64\EditCtlsU.ocx
2016-02-29 15:56 - 2013-07-12 14:57 - 00539648 _____ C:\WINDOWS\SysWOW64\LblCtlsU.ocx
2016-02-29 15:56 - 2013-04-05 05:55 - 00476160 _____ C:\WINDOWS\SysWOW64\TabStripCtlU.ocx
2016-02-29 15:56 - 2013-03-28 15:13 - 00645632 _____ C:\WINDOWS\SysWOW64\BtnCtlsU.ocx
2016-02-29 15:56 - 2013-03-03 06:37 - 01061888 _____ C:\WINDOWS\SysWOW64\ExLvwU.ocx
2016-02-29 15:56 - 2008-07-09 11:45 - 00103424 _____ (Bullzip) C:\WINDOWS\SysWOW64\bzDCT.dll
2016-02-29 15:42 - 2016-02-29 15:56 - 00000000 ____D C:\Program Files\Bullzip
2016-02-29 15:19 - 2016-02-29 15:46 - 00000000 ____D C:\Program Files\gs
2016-02-29 15:16 - 2016-02-29 15:56 - 00000000 ____D C:\Program Files\Common Files\Bullzip
2016-02-29 15:14 - 2016-02-29 15:14 - 00000000 ____D C:\Program Files (x86)\gs
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-29 14:08 - 2010-06-30 14:43 - 00000000 ____D C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp
2016-03-29 14:06 - 2010-06-30 14:42 - 00000112 _____ C:\WINDOWS\system32\config\netlogon.ftl
2016-03-29 13:27 - 2010-06-30 11:14 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Temp
2016-03-29 07:02 - 2010-07-06 14:24 - 00000276 _____ C:\WINDOWS\Tasks\backuptofileserver.job
2016-03-29 07:02 - 2010-07-06 13:48 - 00000000 ____D C:\SQLBackup
2016-03-29 03:52 - 2010-06-30 04:43 - 00000000 ____D C:\WINDOWS\security
2016-03-24 09:02 - 2010-06-30 04:50 - 00695952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-24 03:18 - 2010-06-30 04:49 - 00000000 ____D C:\Documents and Settings\All Users
2016-03-24 03:17 - 2010-07-13 15:16 - 00000000 ____D C:\FLEXlm
2016-03-24 03:17 - 2010-06-30 11:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-24 03:17 - 2007-02-18 06:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-03-24 03:15 - 2010-06-30 14:43 - 00000178 ___SH C:\Documents and Settings\Administrator.SPARTEK\ntuser.ini
2016-03-24 03:15 - 2010-06-30 11:14 - 00032378 _____ C:\WINDOWS\Tasks\SchedLgU.Txt
2016-03-23 14:55 - 2010-06-30 04:43 - 00000000 ____D C:\WINDOWS\inf
2016-03-22 13:59 - 2010-06-30 04:43 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-03-21 10:01 - 2010-06-30 12:09 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-03-09 04:04 - 2013-07-31 10:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 04:00 - 2010-07-12 14:58 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-02 17:53 - 2010-07-29 13:57 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-02 17:53 - 2010-06-30 04:43 - 163893248 _____ C:\WINDOWS\MEMORY.DMP
2016-03-02 17:50 - 2011-07-14 14:26 - 00524288 _____ C:\WINDOWS\system32\config\MAPPSLog.evt
2016-03-02 16:01 - 2014-01-28 19:36 - 00380416 _____ C:\Documents and Settings\Administrator.SPARTEK\Desktop\gmer.exe
2016-03-01 16:35 - 2010-06-30 14:43 - 00000000 ___RD C:\Documents and Settings\Administrator.SPARTEK\My Documents
2016-03-01 11:13 - 2010-06-30 12:09 - 00000000 ____D C:\Documents and Settings\Administrator
2016-03-01 11:05 - 2010-06-30 04:49 - 00000000 ____D C:\Documents and Settings
2016-02-29 22:59 - 2010-06-30 04:43 - 00000000 ____D C:\WINDOWS\SysWOW64\ias
2016-02-29 22:55 - 2010-06-30 04:43 - 00000000 ____D C:\WINDOWS\SysWOW64\1025
 
==================== Files in the root of some directories =======
 
2015-02-05 22:20 - 2015-02-05 22:20 - 0000000 _____ () C:\Program Files (x86)\GUM6F.tmp
2016-03-01 14:36 - 2016-03-01 14:36 - 0249638 _____ () C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\ars.cache
2016-03-01 14:37 - 2016-03-01 14:37 - 0538295 _____ () C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\census.cache
2016-03-01 14:12 - 2016-03-01 14:12 - 0000036 _____ () C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\housecall.guid.cache
 
Some files in TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\keystone.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nvAppBar.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nview.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nView64.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nViewSetup.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nvnt4cpl.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nvShell.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nvTaskBar.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\nvwdmcpl.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nvwimg.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nvwimg64.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSAR.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSCS.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSDA.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSDE.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSEL.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSENG.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSENU.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSES.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSESM.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSFI.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSFR.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSHE.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSHU.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSIT.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSJA.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSKO.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSNL.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSNO.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSPL.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSPT.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSPTB.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSRU.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSSK.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSSL.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSSV.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSTH.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSTR.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSZHC.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\NVWRSZHT.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\nwiz.exe
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\avg-a0757d76-94d5-4b04-bb20-f171cb655c72.exe
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\hdinst_x64.exe
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\HitmanPro.exe
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\JJLWX.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe IS MISSING <==== ATTENTION
C:\WINDOWS\SysWOW64\wininit.exe IS MISSING <==== ATTENTION
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION
 
 
ATTENTION: ==> Could not access BCD. 
 
==================== End of FRST.txt ============================Attached File  Addition.txt   24.38KB   2 downloads

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Administrator (2016-03-29 14:08:22)
Running from C:\Documents and Settings\Administrator.SPARTEK\My Documents\Downloads
Microsoft Windows Server 2003 R2 Service Pack 2 (X64) (2010-06-30 17:14:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2974353065-3799659716-2841874006-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-2974353065-3799659716-2841874006-1004 - Limited - Enabled)
Guest (S-1-5-21-2974353065-3799659716-2841874006-501 - Limited - Enabled)
SQLDebugger (S-1-5-21-2974353065-3799659716-2841874006-1003 - Limited - Enabled)
SUPPORT_388945a0 (S-1-5-21-2974353065-3799659716-2841874006-1001 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader 9.5.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)
AVG (HKLM\...\AVG) (Version: 3544 - AVG Technologies)
AVG 2013 (Version: 13.0.3553 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.4447 - AVG Technologies) Hidden
Bullzip PDF Printer 10.23.0.2529 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.23.0.2529 - Bullzip)
CDVI Group (Centaur Access Control System - Version 5.1.0.27) (HKLM-x32\...\{EBEA39A2-7F96-4D4B-88A0-273036C5C40F}) (Version: 5.1.0.27 - CDVI Group)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FLEXlm for Metrowerks Tools V1.4.0001 (HKLM-x32\...\{BD0ACA67-47E4-4534-B6BF-290705C2D98E}) (Version: 1.4.0001 - )
Google Chrome (HKU\S-1-5-21-2266730830-467084628-1831518713-500\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Hardlock Device Drivers (HKLM-x32\...\Hardlock Device Drivers) (Version: - )
Mabry BarCod (HKLM-x32\...\Mabry BarCod) (Version: 1.80.001 - Mabry Software, Inc.)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 1.62.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.62.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Security Essentials Prerelease (HKLM\...\Microsoft Security Client) (Version: 4.8.203.0 - Microsoft Corporation)
Microsoft Speech SDK 5.1 (HKLM-x32\...\{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}) (Version: 5.1.4324.0 - Microsoft)
Microsoft SQL Server 2000 (SERVER10DB) (HKLM-x32\...\Microsoft SQL Server 2000 (SERVER10DB)) (Version: 8.00.760 - Microsoft)
Microsoft SQL Server Desktop Engine (HKLM-x32\...\{E09B48B5-E141-427A-AB0C-D3605127224A}) (Version: 8.00.761 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 en-US)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 6 Service Pack 2 (KB2957482) (HKLM\...\{A4F464A5-9DAC-44B6-A78C-E25C5BB97B25}) (Version: 6.20.2017.0 - Microsoft Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5721 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.61.39 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.13518 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
OCS Inventory NG Agent 2.0.2.0 (HKLM-x32\...\OCS Inventory NG Agent) (Version: 2.0.2.0 - OCS Inventory NG Team)
SanityCheck 3.50 (HKLM\...\SanityCheck_is1) (Version: - Resplendence Software Projects Sp.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
Update for Windows Internet Explorer 8 (KB3074886) (HKLM\...\KB3074886-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2661254) (HKLM\...\KB2661254) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2748349) (HKLM\...\KB2748349) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2981580) (HKLM\...\KB2981580) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB2993651) (HKLM\...\KB2993651) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB3065979) (HKLM\...\KB3065979) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB927891) (HKLM\...\KB927891) (Version: 5 - Microsoft Corporation)
Update for Windows Server 2003 (KB948496) (HKLM\...\KB948496) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update for Windows Server 2003 (KB973825) (HKLM\...\KB973825) (Version: 1 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140744 - Microsoft Corporation)
Windows Support Tools (HKLM-x32\...\{F07F0BCD-5C6D-4499-9F05-6ED747078A72}) (Version: 5.2.3790.1830 - Microsoft Corporation)
XnsActiveXCtl (HKLM-x32\...\{34AE3433-4DF5-491D-84EA-54B4277DD295}) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.25 (the data entry has 27 more characters).
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.23 (the data entry has 27 more characters).
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\Application\48.0.2564.116\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.24 (the data entry has 28 more characters).
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.26 (the data entry has 27 more characters).
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.29 (the data entry has 27 more characters).
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.25 (the data entry has 28 more characters).
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2266730830-467084628-1831518713-500_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\1.3.24 (the data entry has 27 more characters).

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AVG_SYS_TASK_0216pit.job => C:\Documents and Settings\All Users\Application Data\Avg_Update_0216pit\AVG-Secure-Search-Update_0216pit.exe
Task: C:\WINDOWS\Tasks\AVG_SYS_TASK_0216pit_DELETE.job => C:\Documents and Settings\All Users\Application Data\Avg_Update_0216pit\AVG-Secure-Search-Update_0216pit.exe
Task: C:\WINDOWS\Tasks\backuptofileserver.job => C:\batch files\backuptofileserver.bat
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2011-09-29 10:19 - 2011-09-29 10:19 - 00067584 _____ () C:\Program Files (x86)\OCS Inventory Agent\zlib1.dll
2010-07-13 15:16 - 2003-09-26 18:26 - 00745472 _____ () C:\FLEXlm\metrowks.exe
2010-06-30 15:49 - 2002-12-17 16:24 - 00385612 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Repostry\repbrui.dll
2010-06-30 15:49 - 2000-07-07 15:43 - 00069632 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Repostry\Resources\1033\REPBRUI.rll
2010-06-30 15:49 - 2002-12-17 16:25 - 01233484 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Repostry\repodbc.dll
2010-06-30 15:49 - 2000-08-06 01:51 - 00417887 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Repostry\repbr.dll
2010-07-12 11:32 - 2010-03-19 08:33 - 00032768 _____ () C:\Program Files (x86)\Common Files\Centaur\spxsvrps.dll
2007-02-18 06:00 - 2007-02-18 06:00 - 00061440 _____ () C:\WINDOWS\SysWOW64\devenum.dll
2007-02-18 06:00 - 2007-02-18 06:00 - 00023040 _____ () C:\WINDOWS\system32\msdmo.dll
2015-07-27 15:43 - 2014-02-10 13:44 - 04592128 _____ () C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-07-27 15:43 - 2014-02-10 13:44 - 00112128 _____ () C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2016-02-22 15:42 - 2016-02-17 22:15 - 16808600 _____ () C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\32229747.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\32229747.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2007-02-18 06:00 - 2007-02-18 06:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2266730830-467084628-1831518713-500\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.31
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: )
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
bfe => Firewall Service is not running.
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe] => Enabled:AVG Diagnostics 2013
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe] => Enabled:AVG Installer
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe] => Enabled:AVG Remote Administration
DomainProfile\GloballyOpenPorts: [1400:TCP] => Enabled:MAPPS Port
DomainProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002

==================== Restore Points =========================

ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Name: Audio Device on High Definition Audio Bus
Description: Audio Device on High Definition Audio Bus
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Other PCI Bridge Device
Description: Other PCI Bridge Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/29/2016 01:34:24 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 1 => Generic Agent error)>.

Error: (03/28/2016 09:02:50 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 1 => Generic Agent error)>.

Error: (03/28/2016 04:01:03 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 1 => Generic Agent error)>.

Error: (03/28/2016 02:09:31 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 1 => Generic Agent error)>.

Error: (03/28/2016 02:09:21 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 1 => Generic Agent error)>.

Error: (03/27/2016 09:27:16 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 1 => Generic Agent error)>.

Error: (03/27/2016 08:55:08 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 1 => Generic Agent error)>.

Error: (03/27/2016 10:16:16 AM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 1 => Generic Agent error)>.

Error: (03/26/2016 07:07:31 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 1 => Generic Agent error)>.

Error: (03/26/2016 06:19:38 AM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 1 => Generic Agent error)>.


System errors:
=============
Error: (03/29/2016 01:27:41 PM) (Source: Microsoft Antimalware) (EventID: 2041) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.

Error: (03/29/2016 11:27:41 AM) (Source: Microsoft Antimalware) (EventID: 2041) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.

Error: (03/29/2016 09:27:42 AM) (Source: Microsoft Antimalware) (EventID: 2041) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.

Error: (03/29/2016 07:28:06 AM) (Source: Microsoft Antimalware) (EventID: 2041) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.

Error: (03/29/2016 05:29:00 AM) (Source: Microsoft Antimalware) (EventID: 2041) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.

Error: (03/29/2016 05:29:00 AM) (Source: Microsoft Antimalware) (EventID: 2041) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.

Error: (03/29/2016 05:28:06 AM) (Source: Microsoft Antimalware) (EventID: 2041) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.

Error: (03/29/2016 03:34:04 AM) (Source: Microsoft Antimalware) (EventID: 2041) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.

Error: (03/29/2016 03:29:04 AM) (Source: Microsoft Antimalware) (EventID: 2041) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.

Error: (03/29/2016 03:29:04 AM) (Source: Microsoft Antimalware) (EventID: 2041) (User: )
Description: The support for your operating system has expired. Running %%860 on an out of support operating system is not an adequate solution to protect against threats.


==================== Memory info ===========================

Processor: AMD Athlon™ II X2 250 Processor
Percentage of memory in use: 80%
Total physical RAM: 3839.01 MB
Available physical RAM: 745.2 MB
Total Virtual: 5652.18 MB
Available Virtual: 2637.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.16 GB) (Free:244.47 GB) NTFS
Drive d: (Win2003x64) (CDROM) (Total:0.61 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Edited by Oh My!, 29 March 2016 - 05:23 PM.


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:45 PM

Posted 29 March 2016 - 05:35 PM

Thank you Martin.

I would like to gather some additional information before taking any proactive steps.

Please do this.

===================================================

Virustotal Online Virus Scanner

--------------------
  • Please go to Virustotal
  • Select Choose File
  • Navigate to the following file (if multiple files then one at a time), double click on it so the file name is populated, then click Scan it!
  • IMPORTANT! If the file is listed as already analyzed, click on Reanalyse file now button.

C:\windows\Ouie.exe
C:\WINDOWS\SysWOW64\p.exe
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\JJLWX.exe

  • Once completed, highlight the information in the address bar and copy then paste the link in your reply
virustotal.jpg

===================================================

SystemLook by jpshortstuff

--------------------
  • Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2
Download Mirror #3 For 64-bit users

  • Double-click SystemLook.exe to run it.
  • Vista and above:: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following codebox into the main textfield:
:filefind
istt.exe
dvft.log
dw.log
igg.zip
:folderfind
mst
gthrsvc
7zs66*
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Virustotal links
  • SystemLook log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#7 martinswain

martinswain
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:11:45 PM

Posted 30 March 2016 - 12:11 PM

Hi Gary,

  Here are the results of the scans you requested. I couldn't scan the Ouie.exe file, it wasn't in the Windows directory. I searched the entire drive but it's not there. 

 

Thanks & Regards,

Martin

 

Virustotal scan for c:\windows\Ouie.exe 

- could not locate file, searched the c drive entirely

 

Virustotal scan for c:\windows\wow64\p.exe

https://www.virustotal.com/en/file/ae1ab894d2311bb489d3b9cf5c462d126fa66d38b1f71036c7250b28b2ab4159/analysis/1459356429/

 

VIrustotal scan for c:\documents and settings\administrator.spartek\temp\JJLWX.exe

https://www.virustotal.com/en/file/4f41e3626c530e4bfcb14d075548084646bb7fb98d6bda4765e9a4187d5b12f4/analysis/1459356754/

Here is the result from systemlook. I changed the filename of one of the files, I gave you wrong one to start with, it's dfvt rather than dvft

 

SystemLook 30.07.11 by jpshortstuff
Log created at 11:03 on 30/03/2016 by Administrator
Administrator - Elevation successful
 
========== filefind ==========
 
Searching for "istt.exe"
C:\WINDOWS\Temp\istt.exe --a---- 3026227 bytes [05:00 22/03/2016] [05:00 23/03/2016] D46498B4D373C71BDC18E9A089C31880
 
Searching for "dfvt.log"
C:\WINDOWS\Temp\dfvt.log --a---- 56 bytes [05:00 22/03/2016] [05:00 30/03/2016] A558E45AC2CA7A2B3B7B850BBAA1C393
 
Searching for "dw.log"
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\dw.log --a---- 80 bytes [17:04 21/03/2016] [17:04 21/03/2016] 628A6388283B409052BF9E2E434ED06D
C:\WINDOWS\Temp\dw.log --a---- 80 bytes [17:04 21/03/2016] [17:04 21/03/2016] 863BBB1FB4A82A44B4A9344D00FBDF9A
 
Searching for "igg.zip"
C:\WINDOWS\Temp\igg.zip --a---- 10347 bytes [05:00 23/03/2016] [05:00 23/03/2016] 9C2ECE6AFF6BFBB91E4B5BBE66FC4E93
 
========== folderfind ==========
 
Searching for "mst"
C:\WINDOWS\Temp\mst d------ [05:00 23/03/2016]
 
Searching for "gthrsvc"
C:\WINDOWS\Temp\gthrsvc d------ [09:18 24/03/2016]
 
Searching for "7zs66*"
C:\WINDOWS\Temp\7zS66.tmp d------ [20:58 23/03/2016]
 
-= EOF =-
 
 


 



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:45 PM

Posted 30 March 2016 - 02:29 PM

Thank you Martin,

One more step to gather info.

===================================================

SystemLook by jpshortstuff

--------------------
  • Right-click SystemLook.exe and select Run as administrator...
  • Copy the content of the following codebox into the main textfield:
:dir
C:\WINDOWS\Temp\mst /s
C:\WINDOWS\Temp\gthrsvc /s
C:\WINDOWS\Temp\7zS66.tmp /s
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • SystemLook report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#9 martinswain

martinswain
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:11:45 PM

Posted 30 March 2016 - 02:44 PM

Hi Gary,

  Here are the results of the scan. 

 

Thanks, 

 

Martin

 

 

SystemLook 30.07.11 by jpshortstuff
Log created at 13:43 on 30/03/2016 by Administrator
Administrator - Elevation successful
 
========== dir ==========
 
C:\WINDOWS\Temp\mst - Parameters: "/s"
 
---Files---
None found.
 
No folders found.
 
C:\WINDOWS\Temp\gthrsvc - Parameters: "/s"
 
---Files---
None found.
 
No folders found.
 
C:\WINDOWS\Temp\7zS66.tmp - Parameters: "/s"
 
---Files---
None found.
 
No folders found.
 
-= EOF =-


#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:45 PM

Posted 30 March 2016 - 03:01 PM

Thanks Martin.

Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it as fixlist.txt in the same location/folder as FRST.exe (<<<Important)
C:\WINDOWS\Temp\istt.exe
C:\WINDOWS\Temp\dfvt.log
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\dw.log
C:\WINDOWS\Temp\dw.log
C:\WINDOWS\Temp\igg.zip
C:\WINDOWS\Temp\mst
C:\WINDOWS\Temp\gthrsvc
C:\WINDOWS\Temp\7zS66.tmp
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Update on system behavior

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#11 martinswain

martinswain
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:11:45 PM

Posted 30 March 2016 - 03:15 PM

Hi Gary,
  I did that, here is the log. Amazingly, those files & folders are not reappearing. 
 
Martin
 
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Administrator (2016-03-30 14:07:02) Run:1
Running from C:\Documents and Settings\Administrator.SPARTEK\Desktop\New Folder
Loaded Profiles: Administrator (Available Profiles: Administrator & Administrator)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\WINDOWS\Temp\istt.exe
C:\WINDOWS\Temp\dfvt.log
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\dw.log
C:\WINDOWS\Temp\dw.log
C:\WINDOWS\Temp\igg.zip
C:\WINDOWS\Temp\mst
C:\WINDOWS\Temp\gthrsvc
C:\WINDOWS\Temp\7zS66.tmp
*****************
 
C:\WINDOWS\Temp\istt.exe => moved successfully
C:\WINDOWS\Temp\dfvt.log => moved successfully
C:\Documents and Settings\Administrator.SPARTEK\Local Settings\Temp\dw.log => moved successfully
C:\WINDOWS\Temp\dw.log => moved successfully
C:\WINDOWS\Temp\igg.zip => moved successfully
C:\WINDOWS\Temp\mst => moved successfully
C:\WINDOWS\Temp\gthrsvc => moved successfully
C:\WINDOWS\Temp\7zS66.tmp => moved successfully
 
==== End of Fixlog 14:06:59 ====


#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:45 PM

Posted 30 March 2016 - 03:21 PM

Hi Martin,

That is encouraging. Usually I would run a couple of follow up programs, one an online scan and the other to check for system vulnerabilities but given our circumstances I will leave that up to you. I am simply not familiar enough with Server 2003.

I would like to give it a day and see how we do. Please touch base tomorrow, or sooner if you have an issue, and we will go from there. Does that sound OK with you?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#13 martinswain

martinswain
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:11:45 PM

Posted 30 March 2016 - 03:30 PM

Hi Gary,

  Sound good, thanks for your help! I had thought there was some process running that was making those files and folders reappear when I deleted them, but I guess not.

  I will post tomorrow with an update, either way. 

 

Thanks again,

 

Martin



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:45 PM

Posted 30 March 2016 - 06:38 PM

Hi Martin,

Something had to be recreating them. The only thing I can find that may have been causing it is:

C:\WINDOWS\Temp\istt.exe

Hopefully we have solved it for good.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#15 martinswain

martinswain
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:11:45 PM

Posted 31 March 2016 - 09:54 AM

Hi Martin,

Something had to be recreating them. The only thing I can find that may have been causing it is:

C:\WINDOWS\Temp\istt.exe

Hopefully we have solved it for good.

 Hi Gary,

  Looks like maybe not. There may still be something running; the file called dfvt.log reappeared overnight. It has a timestamp of 11:00 P.M., which is common amongst these occurences. None of the other files or folders reappeared though, so I think the virus or whatever is mostly broken.

  I have some ideas. I don't want to say what they are but I will post afterwards and let you know what I did and how it worked out.

 

Thanks & Regards,

 

Martin






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users