Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Mariofev.A - Orsam!rts - Yaludle.D - Dunik!rts - Trafog!rt


  • This topic is locked This topic is locked

#1
gvnaz

gvnaz

    Member

  • Member
  • PipPip
  • 66 posts
i am helping out my church with a secretary's computer and as soon as i sat down i saw that Mcafee was turned off. if internet explorer was clicked it would start and then the window would close just a few seconds later. i installed Malwarebytes from my thumbdrive and updated and scanned with that. it found about 34 different things and i let it clean those.

i then used MCPR.exe to completely remove Mcafee. that happened with no problems.
i then installed Microsoft Security Essentials from my thumbdrive. i updated MSE and it immediately popped up an alert for several worms/trojans that it wanted to clean. i OKed the cleaning and then it wanted to restart. i OKed that and then the comp would no longer boot.

i put in an XP Home CD and ran a repair install which went well. and i was able to boot up again without losing any of the church's files. however, now i am back to XP Home with no Service Packs and IE will not run so Windows update wont start. from my research this is because of having no Service Pack and IE not being compatible with the older version of XP. i am downloading the standalone XP SP3 to see if i can install that way.

as soon as it came back i ran another Mbam scan and it found 3 more infections and i let it clean those.
i then ran a quick MSE scan and it found these:

Adware:Win32/OpenCandy  - Removed
Trojan:Win32/Orsam!rts - Quarantined
Virus:Win32/Mariofev.A - Quarantined
Virus:Win32/Mariofev.A - Quarantined
Virus:Win32/Mariofev.A - Quarantined
PWS:Win32/Yaludle.D - Removed
TrojanDropper:Win32/Dunik!rts - Quarantined
Trojan:Win32/Trafog!rts - Quarantined
Virus:Win32/Mariofev.A - Allowed
TrojanDropper:Win32/Dunik!rts - Quarantined
Trojan:Win32/Malagent - Quarantined
TrojanDropper:Win32/Dunik!rts - Quarantined

somehow 3 of the Mariofev.A infections are Quarantined and 1 is allowed. not sure how it allowed 1 to continue.
anyway, this is where i am now. MSE is updated and will scan but is 'off' and says that 'real time protection is turned off, you should turn it on'.
when i click to turn it on, i get this error.
Security Essentials couldn't turn on real-time protection
This operation returned because the timeout period expired.
Error code:0x800705b4

i am trying to talk them into just letting me wipe the HDD and reinstall Windows but they want to take a week or two and make sure that they have everything backed up. so im trying to get it all cleaned up as a stopgap measure so it will be able to limp along for a little while. TIA!

here is OTL.Txt
OTL logfile created on: 5/19/2011 12:06:15 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\es\My Documents\Downloads
Windows XP Home Edition (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2600.0000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 117.00 Mb Available Physical Memory | 23.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.97 Gb Total Space | 12.20 Gb Free Space | 17.20% Space Free | Partition Type: NTFS
Drive E: | 483.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 57.23 Gb Total Space | 37.72 Gb Free Space | 65.92% Space Free | Partition Type: FAT32
Drive G: | 1.87 Gb Total Space | 1.57 Gb Free Space | 83.65% Space Free | Partition Type: FAT32

Computer Name: ERIC | User Name: es | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/19 12:01:41 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\es\My Documents\Downloads\OTL.exe
PRC - [2011/03/18 10:53:06 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2007/02/15 19:01:26 | 000,336,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\WgaTray.exe
PRC - [2007/01/04 14:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2004/07/30 15:47:36 | 000,069,632 | ---- | M] (Dantz Development Corporation) -- C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe
PRC - [2004/05/21 01:30:02 | 000,074,240 | ---- | M] (Cypherix) -- C:\WINDOWS\SYSTEM32\ssoftsrv.exe
PRC - [2001/08/18 05:00:00 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/19 12:01:41 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\es\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/07/30 15:47:36 | 000,069,632 | ---- | M] (Dantz Development Corporation) [Auto | Running] -- C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe -- (RetroExpLauncher)
SRV - [2004/05/21 01:30:02 | 000,074,240 | ---- | M] (Cypherix) [Auto | Running] -- C:\WINDOWS\System32\ssoftsrv.exe -- (ssoftservice)
SRV - [2003/03/03 11:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)
SRV - [2001/08/18 05:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SYSTEM32\mspmspsv.dll -- (WmdmPmSp)


========== Driver Services (SafeList) ==========

DRV - [2006/01/23 18:19:28 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PalmUSBD.sys -- (PalmUSBD)
DRV - [2004/10/07 10:21:22 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mxopswd.sys -- (MXOPSWD)
DRV - [2004/09/29 02:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctpdusb2.sys -- (Jukebox)
DRV - [2004/08/03 22:29:26 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2004/05/21 01:30:02 | 000,114,944 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssoftnt4.sys -- (ssoftnt4)
DRV - [2003/10/10 04:23:48 | 000,032,640 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MXOFX.SYS -- (MXOFX) USB Storage Adapter FX (MXO)
DRV - [2003/03/13 13:23:28 | 000,019,712 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mxofwfp.sys -- (MaxtorFrontPanel1)
DRV - [2002/11/08 11:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/10/01 10:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2001/10/16 13:48:30 | 000,051,072 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EUSBMSD.SYS -- (EUSBMSD)
DRV - [2001/08/17 12:49:58 | 000,018,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2001/08/17 12:49:54 | 000,012,160 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2001/08/17 12:49:50 | 000,023,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2001/08/17 12:49:46 | 000,031,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2001/08/17 12:49:36 | 000,019,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2001/08/17 12:49:34 | 000,029,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2001/08/17 12:49:32 | 000,012,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2001/08/17 12:49:26 | 000,012,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2001/08/17 12:49:22 | 000,012,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2001/08/17 12:49:18 | 000,138,240 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gvnaz.org/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.condui...&ctid=CT2399412
IE - HKCU\..\URLSearchHook: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.gvnaz.org/"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/19 11:19:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/05/18 17:39:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\es\Application Data\Mozilla\Extensions
[2011/05/19 11:57:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\es\Application Data\Mozilla\Firefox\Profiles\a5bmhej0.default\extensions
[2011/05/18 17:38:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ES\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\A5BMHEJ0.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/03/18 10:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2008/03/12 20:36:15 | 000,228,383 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 8011 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx ()
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Free TV Bar c3 Toolbar) - {3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra Button: @shdoclc.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra 'Tools' menuitem : @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\Web\related.htm ()
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: microsoft.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://bin.mcafee.co...,21/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINDOWS\SYSTEM32\msdxm.ocx ()
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\es\My Documents\My Pictures\Headers\Worship 1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\es\My Documents\My Pictures\Headers\Worship 1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 06:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/08/18 05:00:00 | 000,000,110 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2004/07/29 15:08:48 | 000,000,118 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{35c77788-4898-11dd-8843-0011110facec}\Shell - "" = AutoRun
O33 - MountPoints2\{35c77788-4898-11dd-8843-0011110facec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{35c77788-4898-11dd-8843-0011110facec}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{a43d2d68-3f2a-11da-863f-0011110facec}\Shell\AutoRun\command - "" = I:\JDSecure\Windows\JDSecure31.exe
O33 - MountPoints2\{acef0274-23b4-11da-8637-0011110facec}\Shell\AutoRun\command - "" = H:\JDSecure\Windows\JDSecure31.exe
O33 - MountPoints2\{acef0275-23b4-11da-8637-0011110facec}\Shell\AutoRun\command - "" = I:\JDSecure\Windows\JDSecure31.exe
O33 - MountPoints2\{d6d94ace-f522-11d8-91d7-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{d6d94ace-f522-11d8-91d7-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d6d94ace-f522-11d8-91d7-806d6172696f}\Shell\AutoRun\command - "" = E:\SETUP.EXE -- [2001/08/18 05:00:00 | 001,310,720 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/19 12:05:08 | 000,112,640 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2011/05/19 12:05:08 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/05/19 12:05:07 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/05/19 12:05:06 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/05/19 12:04:47 | 000,148,992 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2011/05/19 12:04:47 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/05/19 12:04:36 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/05/19 12:04:29 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/05/19 12:04:22 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/05/19 12:04:22 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/05/19 12:04:22 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/05/19 12:04:20 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/05/19 12:04:19 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/05/19 12:04:17 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/05/19 12:04:16 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/05/19 12:04:12 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/05/19 12:04:10 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/05/19 12:04:10 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/05/19 12:04:09 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/05/19 12:04:05 | 000,031,359 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2011/05/19 12:03:58 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/05/19 12:03:58 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/05/19 12:03:51 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/05/19 12:03:51 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/05/19 12:03:51 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/05/19 12:03:51 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/05/19 12:03:50 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/05/19 12:03:50 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/05/19 12:03:45 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/05/19 12:03:40 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/05/19 12:03:40 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/05/19 12:03:39 | 000,077,184 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2011/05/19 12:03:37 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/05/19 12:03:37 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/05/19 12:01:56 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/05/19 12:01:55 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/05/19 12:01:48 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/05/19 12:01:47 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/05/19 12:01:47 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/05/19 12:01:46 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/05/19 12:01:42 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/05/19 12:01:18 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/05/19 12:01:17 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/05/19 12:01:16 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/05/19 12:01:15 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/05/19 12:01:15 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/05/19 12:01:05 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/05/19 12:01:05 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/05/19 12:01:05 | 000,066,121 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2011/05/19 12:01:04 | 000,031,232 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2011/05/19 12:00:48 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/05/19 12:00:48 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/05/19 12:00:48 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/05/19 12:00:47 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/05/19 12:00:37 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/05/19 12:00:36 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/05/19 12:00:36 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/05/19 12:00:32 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/05/19 12:00:32 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/05/19 12:00:32 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/05/19 12:00:32 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/05/19 12:00:31 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/05/19 12:00:31 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/05/19 12:00:31 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/05/19 12:00:31 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/05/19 12:00:30 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/05/19 12:00:29 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/05/19 12:00:28 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/05/19 12:00:27 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2011/05/19 12:00:27 | 000,024,576 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2011/05/19 12:00:20 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/05/19 12:00:17 | 000,075,008 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2011/05/19 12:00:16 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/05/19 12:00:15 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/05/19 12:00:03 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/05/19 12:00:03 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/05/19 11:59:53 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/05/19 11:59:53 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/05/19 11:59:53 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/05/19 11:59:51 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/05/19 11:59:31 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/05/19 11:59:30 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/05/19 11:59:29 | 000,045,993 | ---- | C] (FORE Systems, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2011/05/19 11:59:29 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/05/19 11:59:23 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/05/19 11:59:23 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/05/19 11:59:23 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/05/19 11:59:22 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/05/19 11:59:09 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/05/19 11:59:04 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/05/19 11:59:03 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/05/19 11:59:01 | 000,185,728 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2011/05/19 11:58:56 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/05/19 11:58:56 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/05/19 11:58:52 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/05/19 11:58:52 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/05/19 11:58:52 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/05/19 11:58:52 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/05/19 11:58:51 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/05/19 11:58:51 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/05/19 11:58:50 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/05/19 11:58:50 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/05/19 11:58:50 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/05/19 11:58:50 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/05/19 11:58:50 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/05/19 11:57:18 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/05/19 11:56:46 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/05/19 11:56:46 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/05/19 11:56:46 | 000,503,242 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2011/05/19 11:56:45 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/05/19 11:56:45 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/05/19 11:56:45 | 000,509,353 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2011/05/19 11:56:37 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/05/19 11:56:37 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/05/19 11:56:36 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/05/19 11:56:35 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/05/19 11:56:34 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/05/19 11:56:34 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/05/19 11:54:56 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/05/19 11:54:12 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/05/19 11:53:09 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/05/19 11:53:09 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/05/19 11:52:55 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/05/19 11:52:55 | 000,025,856 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2011/05/19 11:52:55 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/05/19 11:52:52 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/05/19 11:52:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/05/19 11:52:45 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/05/19 11:52:43 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/05/19 11:52:43 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/05/19 11:52:42 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/05/19 11:52:40 | 000,052,328 | ---- | C] (FORE Systems, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2011/05/19 11:52:33 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/05/19 11:52:32 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/05/19 11:52:32 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/05/19 11:51:46 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/05/19 11:51:41 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/05/19 11:51:35 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/05/19 11:51:34 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/05/19 11:51:34 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/05/19 11:51:33 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/05/19 11:51:33 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/05/19 11:51:33 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/05/19 11:51:33 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/05/19 11:51:31 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/05/19 11:51:25 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/05/19 11:51:25 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/05/19 11:51:23 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/05/19 11:51:14 | 000,046,848 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2011/05/19 11:51:13 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/05/19 11:51:13 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/05/19 11:51:13 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/05/19 11:51:13 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/05/19 11:51:13 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/05/19 11:51:13 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/05/19 11:51:12 | 000,246,272 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2011/05/19 11:51:09 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/05/19 11:50:58 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/05/19 11:50:52 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/05/19 11:50:38 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/05/19 11:50:38 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/05/19 11:50:38 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/05/19 11:50:38 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/05/19 11:50:37 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/05/19 11:50:35 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/05/19 11:50:35 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/05/19 11:50:34 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/05/19 11:50:34 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/05/19 11:50:33 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/05/19 11:50:33 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/05/19 11:50:19 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/05/19 11:50:19 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/05/19 11:50:19 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/05/19 11:50:19 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/05/19 11:50:19 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/05/19 11:50:18 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/05/19 11:50:18 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/05/19 11:50:18 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/05/19 11:50:17 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/05/19 11:50:17 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/05/19 11:50:16 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/05/19 11:50:16 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/05/19 11:50:16 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/05/19 11:50:16 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/05/19 11:50:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/05/19 11:50:15 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/05/19 11:50:15 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/05/19 11:50:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/05/19 11:50:13 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/05/19 11:50:11 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/05/19 11:50:11 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/05/19 11:50:11 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/05/19 11:50:10 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/05/19 11:50:10 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/05/19 11:50:10 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/05/19 11:50:10 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/05/19 11:50:01 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/05/19 11:49:56 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/05/19 11:49:55 | 000,126,976 | ---- | C] (Sierra Wireless Inc.) -- C:\WINDOWS\System32\dllcache\air300pp.dll
[2011/05/19 11:48:52 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/05/19 11:48:51 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/05/19 11:48:51 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/05/19 11:48:51 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/05/19 11:48:51 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/05/19 11:48:49 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/05/19 11:48:48 | 000,184,320 | ---- | C] (Sierra Wireless Inc.) -- C:\WINDOWS\System32\dllcache\ac300nd5.sys
[2011/05/19 11:48:47 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/05/19 11:48:46 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/05/19 11:48:46 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/05/19 11:48:45 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/05/19 11:48:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/05/19 11:30:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\es\Recent
[2011/05/18 17:38:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Local Settings\Application Data\Mozilla
[2011/05/18 17:38:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Application Data\Mozilla
[2011/05/18 17:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/05/18 17:23:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/05/18 17:17:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/05/18 17:17:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/05/18 17:17:31 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/05/18 17:15:27 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/05/18 17:07:45 | 000,405,504 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\System32\dllcache\swflash.ocx
[2011/05/18 17:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/05/18 17:05:28 | 000,272,896 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2011/05/18 15:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/05/18 14:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\Revo Uninstaller
[2011/05/18 14:10:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Start Menu\Programs\Revo Uninstaller
[2011/05/18 14:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Application Data\Malwarebytes
[2011/05/18 14:07:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/18 14:07:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/18 14:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/18 14:07:09 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/18 14:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/18 09:23:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/04/22 10:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Desktop\New music words
[2011/01/14 13:16:38 | 000,462,112 | ---- | C] (How Inc.) -- C:\Program Files\Common Files\ZugoInstaller.exe
[2011/01/14 13:16:38 | 000,382,176 | ---- | C] (Visicom Media Inc. (License)) -- C:\Program Files\Common Files\PandaAntiPhising-FYTDL.exe
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[239 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\Documents and Settings\es\My Documents\*.tmp files -> C:\Documents and Settings\es\My Documents\*.tmp -> ]
[14 C:\Documents and Settings\es\Desktop\*.tmp files -> C:\Documents and Settings\es\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/19 11:33:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/19 11:31:33 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/19 11:31:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/05/19 11:27:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/18 17:39:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/05/18 17:38:12 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/18 17:38:12 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/05/18 17:26:55 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/18 17:26:30 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/05/18 17:22:00 | 000,326,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/18 17:19:51 | 000,000,292 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/05/18 17:13:08 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011/05/18 17:13:03 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/05/18 17:13:03 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/05/18 17:13:01 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2011/05/18 17:12:35 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/05/18 17:06:51 | 000,023,444 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/05/18 17:06:22 | 000,383,126 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/05/18 17:06:22 | 000,054,276 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/05/18 17:05:32 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/05/18 17:04:43 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/05/18 15:02:40 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/05/18 11:41:01 | 000,000,338 | ---- | M] () -- C:\Documents and Settings\es\Desktop\Shortcut to public on Naz.lnk
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[239 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[2 C:\Documents and Settings\es\My Documents\*.tmp files -> C:\Documents and Settings\es\My Documents\*.tmp -> ]
[14 C:\Documents and Settings\es\Desktop\*.tmp files -> C:\Documents and Settings\es\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/19 12:05:08 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2011/05/19 12:05:07 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/05/19 11:53:09 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/05/19 11:53:09 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/05/19 11:53:08 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/05/19 11:53:08 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/05/19 11:53:07 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/05/19 11:51:34 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/05/19 11:51:34 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/05/19 11:51:34 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/05/19 11:50:05 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/05/19 11:50:04 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/05/19 11:50:04 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/05/19 11:50:04 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/05/19 11:50:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/05/19 11:50:04 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/05/19 11:50:04 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/05/19 11:50:04 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/05/19 11:50:03 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/05/19 11:50:02 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/05/18 17:39:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/05/18 17:38:12 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/18 17:38:12 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/05/18 17:38:10 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/18 17:21:58 | 534,827,008 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/18 17:17:18 | 000,294,975 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/05/18 17:16:35 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/05/18 17:16:22 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/05/18 17:16:21 | 000,196,662 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/05/18 17:16:19 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/05/18 17:16:06 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/05/18 17:16:01 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/05/18 17:15:31 | 000,299,069 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/05/18 17:13:37 | 000,003,144 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srgb.icm
[2011/05/18 17:07:35 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2011/05/18 17:07:32 | 000,004,639 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2011/05/18 16:52:22 | 000,007,100 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011/05/18 16:52:22 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/05/18 16:52:21 | 001,761,253 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011/05/18 16:52:21 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/05/18 16:52:21 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/05/18 16:52:21 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/05/18 16:52:21 | 000,031,136 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011/05/18 16:52:21 | 000,013,608 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011/05/18 16:52:21 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/05/18 16:52:21 | 000,010,024 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011/05/18 16:52:21 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/05/18 16:52:20 | 000,379,415 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011/05/18 15:02:40 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/05/18 15:02:15 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2010/02/10 04:23:25 | 000,000,036 | ---- | C] () -- C:\WINDOWS\rasqervy.dll
[2010/02/10 04:23:24 | 000,000,006 | ---- | C] () -- C:\WINDOWS\sdfinacs.dll
[2010/02/10 04:23:17 | 000,000,005 | ---- | C] () -- C:\WINDOWS\sdfixwcs.dll
[2009/09/22 11:32:53 | 000,005,059 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ypkpiykb.yyr
[2006/06/12 19:18:14 | 000,012,997 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (Windows).CAL
[2006/02/01 09:57:20 | 000,028,950 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (Windows).ADR
[2006/01/30 10:27:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/01/24 15:36:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/01/24 09:40:12 | 000,000,097 | ---- | C] () -- C:\WINDOWS\MobileDB_PC.ini
[2006/01/23 18:30:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2006/01/23 17:14:29 | 000,003,995 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (DOS).NOT
[2005/10/31 12:04:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/10/29 12:27:33 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\es\Local Settings\Application Data\fusioncache.dat
[2005/10/15 09:57:26 | 000,000,118 | ---- | C] () -- C:\WINDOWS\ppdrv.ini
[2005/10/02 12:57:41 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/09/20 14:53:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2005/05/14 14:36:31 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\es\Application Data\PFP120JPR.{PB
[2005/05/14 14:36:31 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\es\Application Data\PFP120JCM.{PB
[2005/01/03 10:40:51 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2004/11/16 15:55:36 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/11/16 15:53:58 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2004/11/16 15:53:57 | 000,040,129 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2004/11/16 15:53:57 | 000,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2004/11/06 15:56:59 | 000,002,347 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/09/08 11:03:09 | 000,004,144 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2004/09/08 11:03:07 | 000,034,816 | ---- | C] () -- C:\WINDOWS\upi41003.dll
[2004/09/08 11:03:07 | 000,017,408 | ---- | C] () -- C:\WINDOWS\PI4UN.dll
[2004/09/08 11:03:07 | 000,016,896 | ---- | C] () -- C:\WINDOWS\upi41004.dll
[2004/09/08 11:02:02 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\fplayer.dll
[2004/08/24 15:52:16 | 000,056,320 | ---- | C] () -- C:\Documents and Settings\es\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/08/24 14:28:50 | 000,024,107 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (DOS).ADR
[2004/08/23 13:09:01 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/23 11:01:55 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/12 08:09:23 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/12 08:05:22 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2004/08/12 08:05:21 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/08/12 08:02:47 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/08/12 07:51:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2004/08/12 07:49:31 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/12 07:49:26 | 000,383,126 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2004/08/12 07:49:26 | 000,054,276 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2004/08/12 07:49:15 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/12 07:38:22 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/26 13:09:26 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\DSRIRREM.EXE
[2004/05/24 17:11:28 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\zip.exe
[2004/05/24 17:04:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2004/05/24 17:03:20 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2004/05/24 17:01:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2004/05/24 17:00:48 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2004/05/21 01:30:02 | 000,114,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\ssoftnt4.sys
[2004/05/11 08:03:20 | 000,326,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/05/11 08:02:24 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/03/26 14:59:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/09/03 06:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 06:56:30 | 000,023,444 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/29 03:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2001/08/18 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/18 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/18 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/18 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/18 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/18 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/18 05:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2001/08/18 05:00:00 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/18 05:00:00 | 000,001,420 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[1979/12/31 22:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2011/01/14 13:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Antiphishing Domain Advisor
[2005/05/12 14:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2006/01/23 18:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2009/09/23 10:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Movavi Video Converter 8
[2011/05/19 11:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RetroExp
[2011/01/04 16:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2005/01/05 10:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2004/10/25 09:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Aim
[2006/02/08 14:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Costco Photo Viewer
[2007/05/04 10:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\DeskAlerts_0
[2007/05/04 10:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\DeskAlerts_{C1CCE7F6-882E-40e2-A920-A799A50627F4}
[2006/01/23 16:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\HotSync
[2004/08/24 16:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Leadertech
[2005/06/07 16:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\NetMedia Providers
[2011/05/18 14:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\PriceGong
[2005/06/07 16:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Publish Providers
[2005/06/07 16:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Sony
[2005/01/24 14:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Template
[2008/02/27 18:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Webshots

========== Purity Check ==========



< End of report >


here is Extras.Txt generated by OTL.
OTL Extras logfile created on: 5/19/2011 12:06:15 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\es\My Documents\Downloads
Windows XP Home Edition (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2600.0000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 117.00 Mb Available Physical Memory | 23.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.97 Gb Total Space | 12.20 Gb Free Space | 17.20% Space Free | Partition Type: NTFS
Drive E: | 483.00 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 57.23 Gb Total Space | 37.72 Gb Free Space | 65.92% Space Free | Partition Type: FAT32
Drive G: | 1.87 Gb Total Space | 1.57 Gb Free Space | 83.65% Space Free | Partition Type: FAT32

Computer Name: ERIC | User Name: es | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Dell Computer\Dell Picture Studio v2.0\launch.exe" = C:\Program Files\Dell Computer\Dell Picture Studio v2.0\launch.exe:*:Enabled:Jasc Paint Shop Photo Album Application
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.)
"C:\WINDOWS\SYSTEM32\rtcshare.exe" = C:\WINDOWS\SYSTEM32\rtcshare.exe:*:Enabled:RTC App Sharing -- (Microsoft Corporation)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting® -- (Microsoft Corporation)
"C:\mcoinstall.exe" = C:\mcoinstall.exe:*:Disabled:mcoinstall
"C:\WINDOWS\Explorer.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:enable -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{00120409-78E1-11D2-B60F-006097C998E7}" = Microsoft FrontPage 2000
"{0030188A-533E-42EE-9837-E044F10E4369}" = Palm
"{040992D7-097E-4C94-BC57-CF67BE2AF28A}" = MediaFACE 4.01 Image Library
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1E88F516-C8AA-4D17-9A54-8AB0768F34C1}" = Retrospect Express HD 1.0
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{231F68F4-70E4-41A6-BEDA-7E7934169B54}" = Maxtor OneTouch
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26BDE7D8-93F0-4A07-AD47-1707DB417941}" = Camera Support Core Library
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3B24D221-448E-11D4-A499-0050DA6E827C}" = DVDit! LE
"{41979C2F-34B8-4F92-8111-B13C5864682D}" = MediaFACE 4.01
"{43FCA273-9534-40DB-B7C5-D7758875616A}" = Dell Support
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653}" = QuickTime
"{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}" = upapp
"{55937F00-A69B-4049-8D3A-1C7729742B6F}" = BUM
"{5F4C68B5-0AEF-4A00-A93F-BA9F38626D70}" = MobiSystems SpreadSheet
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.1
"{68D60342-7686-45C9-B8EB-40EF843D0460}" = Dell Networking Guide
"{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}" = RAW Image Task 1.1
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{7148F0A8-6813-11D6-A77B-00B0D0142060}" = Java 2 Runtime Environment, SE v1.4.2_06
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91120409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9811A185-3D3D-11D6-9E14-00036D172B00}" = Adobe MPEG Encoder
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel® PROSet
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEB838C-A1A7-4C5D-B7E1-8B4314600777}" = MSN Messenger 7.0
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{AD13BFB0-FDD2-4AFA-A8AF-9F4A950D56B7}" = ArcSoft Camera Suite 1.3
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}" = Camera Window
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BA0CA1B4-5491-11D7-97BC-00055D0CA761}" = Roxio DVDMax Player
"{BA0F44C2-A883-11D1-AD0A-006097D15E2C}" = Palm Desktop and Synchronization Software
"{BEF56F2D-56ED-4176-BF72-7B68D4A3B98D}" = Canon PhotoRecord
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}" = RemoteCapture Task 1.0.3
"{DE286975-ACF1-45B8-9EF7-34E162B2C817}" = MovieEdit Task
"{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}" = PhotoStitch
"{F00367CA-4E3F-4646-818A-02478313B6E6}" = Movavi Video Converter 8
"{F8D0829C-9C6F-11D3-8080-00C04FA329AA}" = Microsoft Works 6.0
"{FAF7F1D7-C0E7-47EA-8AAA-84E4F9EA3C94}" = Works Suite OS Pack
"{FC4ED75D-916C-4A8C-BB67-3C6F6E06D62B}" = Banctec Service Agreement
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop 5.0.2" = Adobe Photoshop 5.0.2
"Adobe Premiere 6.5" = Adobe Premiere 6.5
"AOL Instant Messenger" = AOL Instant Messenger
"CCleaner" = CCleaner (remove only)
"ClickArt Gallery 1.0" = ClickArt® Gallery
"ClickArt Infinity 1.0" = ClickArt® Infinity
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell File Manager" = Dell DJ Explorer
"Free_TV_Bar_c3 Toolbar" = Free TV Bar c3 Toolbar
"Google Desktop" = Google Desktop
"Handmark® MobileDB™ for Palm OS" = Handmark® MobileDB™ for Palm OS
"hp deskjet 3420 series" = hp deskjet 3420 series (Remove only)
"hp deskjet 845c series_Driver" = hp deskjet 845c series
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{040992D7-097E-4C94-BC57-CF67BE2AF28A}" = MediaFACE 4.01 Image Library
"InstallShield_{231F68F4-70E4-41A6-BEDA-7E7934169B54}" = Maxtor OneTouch
"InstallShield_{26BDE7D8-93F0-4A07-AD47-1707DB417941}" = Canon Camera Support Core Library
"InstallShield_{41979C2F-34B8-4F92-8111-B13C5864682D}" = MediaFACE 4.01
"InstallShield_{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653}" = QuickTime
"InstallShield_{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}" = Canon RAW Image Task for ZoomBrowser EX
"InstallShield_{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}" = Canon Camera Window for ZoomBrowser EX
"InstallShield_{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}" = Canon RemoteCapture Task for ZoomBrowser EX
"InstallShield_{DE286975-ACF1-45B8-9EF7-34E162B2C817}" = Canon MovieEdit Task for ZoomBrowser EX
"InstallShield_{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}" = Canon Utilities PhotoStitch 3.1
"InterActual Player" = InterActual Player
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Metafile Companion 1.10" = Metafile Companion
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"Musicnotes Player_is1" = Musicnotes Player V1.22.2
"MXOFX" = USB Storage Adapter FX (MXO)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Photo Organizer 1.0" = Photo Organizer
"Plaxo" = Plaxo Toolbar for Windows
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.92
"RNCompiler 6.0" = Advanced RealMedia Export Plug-in for Premiere 6.0
"Search Guard Plus Updater" = Search Guard Plus Updater (My Web Tattoo)
"Search Toolbar" = Search Toolbar
"SmartSound Quicktracks for Premiere 6.5" = SmartSound Quicktracks for Premiere 6.5
"TBSB07183.TBSB07183Toolbar" = Fast Browser Search (My Web Tattoo)
"TCEssentials" = TC Native Essentials 2.02
"Ulead PhotoImpact SE 4.0" = Ulead PhotoImpact SE 4.0
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"vmn3_5dn" = Antiphishing Domain Advisor
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2001Setup" = Microsoft Works and Money 2001 Setup Launcher
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{9863F141-7A33-4c9a-A5F2-96996461B216}" = KODAK EASYSHARE Gallery Easy Upload, v2.1
"Adobe After Effects v3.1" = Adobe After Effects v3.1
"GoToMeeting" = GoToMeeting 4.0.0.320

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/18/2011 5:49:37 PM | Computer Name = ERIC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 5/18/2011 5:59:40 PM | Computer Name = ERIC | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

Error - 5/18/2011 6:02:30 PM | Computer Name = ERIC | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 3.0.8107.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 5/18/2011 6:19:14 PM | Computer Name = ERIC | Source = Microsoft Security Client | ID = 5000
Description =

Error - 5/18/2011 6:19:20 PM | Computer Name = ERIC | Source = Microsoft Security Client | ID = 5000
Description =

Error - 5/18/2011 6:21:29 PM | Computer Name = ERIC | Source = Microsoft Security Client | ID = 5000
Description =

Error - 5/19/2011 1:02:26 AM | Computer Name = ERIC | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0, P2 moaccapability, P3 3.0.8107.0, P4
0, P5 0, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 5/19/2011 1:52:35 PM | Computer Name = ERIC | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 80080005, P2 beginsearch, P3 search, P4
3.0.8107.0, P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P8 NIL, P9 NIL, P10 NIL.

Error - 5/19/2011 1:53:13 PM | Computer Name = ERIC | Source = Microsoft Security Client | ID = 5000
Description =

Error - 5/19/2011 2:19:09 PM | Computer Name = ERIC | Source = Perflib | ID = 2002
Description = The open procedure for service "WmiApRpl" in DLL "C:\WINDOWS\System32\wbem\wmiaprpl.dll"
has taken longer than the established wait time to complete. There may be a problem
with this extensible counter or the service it is collecting data from or the system
may have been very busy when this call was attempted.

[ System Events ]
Error - 5/19/2011 2:19:26 PM | Computer Name = ERIC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\WINDOWS\System32\rasppp.dll
returned an error while initializing. The request is not supported.

Error - 5/19/2011 2:19:26 PM | Computer Name = ERIC | Source = Rasman | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. The request is not supported.

Error - 5/19/2011 2:34:00 PM | Computer Name = ERIC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%834 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%842

Error - 5/19/2011 2:34:00 PM | Computer Name = ERIC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%842

Error - 5/19/2011 2:34:00 PM | Computer Name = ERIC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%834 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%837

Error - 5/19/2011 2:34:00 PM | Computer Name = ERIC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80070002 Error description: The system cannot find the file specified.
Reason: %%837

Error - 5/19/2011 2:35:04 PM | Computer Name = ERIC | Source = RemoteAccess | ID = 20071
Description = The Point to Point Protocol module C:\WINDOWS\System32\rastls.dll
returned an error while initializing. The request is not supported.

Error - 5/19/2011 2:35:04 PM | Computer Name = ERIC | Source = RemoteAccess | ID = 20151
Description = The Control Protocol EAP in the Point to Point Protocol module C:\WINDOWS\System32\rasppp.dll
returned an error while initializing. The request is not supported.

Error - 5/19/2011 2:35:04 PM | Computer Name = ERIC | Source = Rasman | ID = 20063
Description = Remote Access Connection Manager failed to start because the Point
to Point Protocol failed to initialize. The request is not supported.

Error - 5/19/2011 2:35:09 PM | Computer Name = ERIC | Source = Rasman | ID = 20035
Description = Remote Access Connection Manager failed to start because it could
not create buffers. Restart the computer. Access is denied.


< End of report >

Edited by Essexboy, 26 May 2011 - 01:36 PM.

  • 0

Advertisements


#2
gvnaz

gvnaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
small update. got Service Pack 3 back onto the computer.
now when i click on internet explorer i get this error.
The ordinal 410 could not be located in the dynamic link library urlmon.dll.

and now MSE real-time protection is actually on. i think that it just wasnt compatible with XP Home with no service packs. however, it now gives me an error if i try to update the definitions.
Virus and spyware definitions update failed
Security Essentials could not check for virus and spyware definition updates due to an internet or network connectivity issue.
Error code: 0x80004002
Error description: Security Essentials couldnt download the definition updates because your computer is using an older version of the Windows Update client or because Windows couldnt start the service that transfers data.

i am posting this on the computer so i know that there are no connectivity issues. just ran another quick scan with MSE (using definitions from yesterday) and it didnt find anything.
  • 0

#3
gvnaz

gvnaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
another small update. i ran Eset online scan and found an additional 16 infections that were quarantined.
IE still giving the same ordinal 410 error and Win Update still fails to respond (no error message). MSE and Mbam scans are coming up clean.
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there and sorry for the delay - to ensure that we can clean you up properly we will need to get to at least SP2 status

Please download SP1a from here to your desktop and install

Download SP2 from here and install

Once done could you run OTL with the following parameters please

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#5
gvnaz

gvnaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
i got it back up to SP3 (my 2nd post). :unsure: :)

ran OTL but didnt get an Extras log file for some reason.
here is the contents of OTL.Txt
OTL logfile created on: 5/27/2011 12:23:09 AM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\es\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 258.40 Mb Available Physical Memory | 50.67% Memory free
1.22 Gb Paging File | 0.89 Gb Available in Paging File | 73.25% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.97 Gb Total Space | 10.39 Gb Free Space | 14.65% Space Free | Partition Type: NTFS
Drive F: | 57.23 Gb Total Space | 36.91 Gb Free Space | 64.50% Space Free | Partition Type: FAT32

Computer Name: ERIC | User Name: es | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/27 00:16:17 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
PRC - [2011/03/01 12:12:00 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2011/03/01 12:11:56 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/11/08 12:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/09/17 15:40:06 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 14:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2004/07/30 15:47:36 | 000,069,632 | ---- | M] (Dantz Development Corporation) -- C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe
PRC - [2004/05/21 01:30:02 | 000,074,240 | ---- | M] (Cypherix) -- C:\WINDOWS\SYSTEM32\ssoftsrv.exe


========== Modules (SafeList) ==========

MOD - [2011/05/27 00:16:17 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (WmdmPmSp)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/01 12:12:00 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011/03/01 12:11:56 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/11/08 12:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/07/30 15:47:36 | 000,069,632 | ---- | M] (Dantz Development Corporation) [Auto | Running] -- C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe -- (RetroExpLauncher)
SRV - [2004/05/21 01:30:02 | 000,074,240 | ---- | M] (Cypherix) [Auto | Running] -- C:\WINDOWS\System32\ssoftsrv.exe -- (ssoftservice)
SRV - [2003/03/03 11:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/05/22 22:20:51 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1B145F54-7843-47B8-A100-957E7AFEDF78}\MpKslb8d18c68.sys -- (MpKslb8d18c68)
DRV - [2011/03/01 12:12:24 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/09/17 15:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/09/17 15:40:06 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/04/13 22:04:34 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2008/04/13 22:04:32 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2008/04/13 22:04:30 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2008/04/13 22:04:30 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2008/04/13 22:04:30 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2008/04/13 22:04:30 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2008/04/13 22:04:28 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2008/04/13 22:04:28 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2008/04/13 22:04:28 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2008/04/13 22:04:28 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2006/01/23 18:19:28 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PalmUSBD.sys -- (PalmUSBD)
DRV - [2004/10/07 10:21:22 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mxopswd.sys -- (MXOPSWD)
DRV - [2004/09/29 02:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctpdusb2.sys -- (Jukebox)
DRV - [2004/08/03 22:29:26 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2004/05/21 01:30:02 | 000,114,944 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssoftnt4.sys -- (ssoftnt4)
DRV - [2003/10/10 04:23:48 | 000,032,640 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MXOFX.SYS -- (MXOFX) USB Storage Adapter FX (MXO)
DRV - [2003/03/13 13:23:28 | 000,019,712 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mxofwfp.sys -- (MaxtorFrontPanel1)
DRV - [2002/11/08 11:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/10/01 10:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2001/10/16 13:48:30 | 000,051,072 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EUSBMSD.SYS -- (EUSBMSD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gvnaz.org/
IE - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.condui...&ctid=CT2399412
IE - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\..\URLSearchHook: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3663585723-580171662-2714500248-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-21-3663585723-580171662-2714500248-1010\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-21-3663585723-580171662-2714500248-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/mywaybiz
IE - HKU\S-1-5-21-3663585723-580171662-2714500248-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.gvnaz.org/"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/20 16:48:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/05/18 17:39:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\es\Application Data\Mozilla\Extensions
[2011/05/27 00:13:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\es\Application Data\Mozilla\Firefox\Profiles\a5bmhej0.default\extensions
[2011/05/27 00:13:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\es\Application Data\Mozilla\Firefox\Profiles\a5bmhej0.default\extensions\staged
[2011/05/18 17:38:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ES\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\A5BMHEJ0.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ES\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\A5BMHEJ0.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/05/20 16:47:57 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2008/03/12 20:36:15 | 000,228,383 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.1001-search.info
O1 - Hosts: 127.0.0.1 1001-search.info
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 8011 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
O3 - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\..\Toolbar\WebBrowser: (Free TV Bar c3 Toolbar) - {3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3663585723-580171662-2714500248-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\..Trusted Domains: microsoft.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-3663585723-580171662-2714500248-1007\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://bin.mcafee.co...,21/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\es\My Documents\My Pictures\Headers\Worship 1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\es\My Documents\My Pictures\Headers\Worship 1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 06:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/07/29 15:08:48 | 000,000,118 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{35c77788-4898-11dd-8843-0011110facec}\Shell - "" = AutoRun
O33 - MountPoints2\{35c77788-4898-11dd-8843-0011110facec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{35c77788-4898-11dd-8843-0011110facec}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{a43d2d68-3f2a-11da-863f-0011110facec}\Shell\AutoRun\command - "" = I:\JDSecure\Windows\JDSecure31.exe
O33 - MountPoints2\{acef0274-23b4-11da-8637-0011110facec}\Shell\AutoRun\command - "" = H:\JDSecure\Windows\JDSecure31.exe
O33 - MountPoints2\{acef0275-23b4-11da-8637-0011110facec}\Shell\AutoRun\command - "" = I:\JDSecure\Windows\JDSecure31.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2011/05/27 00:16:03 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
[2011/05/20 17:12:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\es\Recent
[2011/05/20 12:08:36 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/05/19 18:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/05/19 16:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Local Settings\Application Data\LogMeIn
[2011/05/19 16:09:30 | 000,029,568 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2011/05/19 16:09:29 | 000,083,360 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2011/05/19 16:09:29 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys
[2011/05/19 16:09:10 | 000,087,424 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2011/05/19 16:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/05/19 16:08:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/05/19 16:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2011/05/19 15:29:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/05/19 15:01:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/05/19 14:14:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/05/19 13:53:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/05/19 12:05:08 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/05/19 12:05:07 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/05/19 12:05:06 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/05/19 12:04:47 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/05/19 12:04:36 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/05/19 12:04:29 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/05/19 12:04:22 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/05/19 12:04:22 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/05/19 12:04:22 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/05/19 12:04:20 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/05/19 12:04:19 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/05/19 12:04:17 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/05/19 12:04:16 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/05/19 12:04:12 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/05/19 12:04:10 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/05/19 12:04:10 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/05/19 12:04:09 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/05/19 12:03:58 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/05/19 12:03:58 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/05/19 12:03:51 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/05/19 12:03:51 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/05/19 12:03:51 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/05/19 12:03:51 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/05/19 12:03:50 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/05/19 12:03:50 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/05/19 12:03:45 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/05/19 12:03:40 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/05/19 12:03:40 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/05/19 12:03:37 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/05/19 12:03:37 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/05/19 12:01:56 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/05/19 12:01:55 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/05/19 12:01:48 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/05/19 12:01:47 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/05/19 12:01:47 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/05/19 12:01:46 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/05/19 12:01:42 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/05/19 12:01:18 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/05/19 12:01:17 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/05/19 12:01:16 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/05/19 12:01:15 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/05/19 12:01:15 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/05/19 12:01:05 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/05/19 12:01:05 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/05/19 12:00:48 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/05/19 12:00:48 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/05/19 12:00:48 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/05/19 12:00:47 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/05/19 12:00:37 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/05/19 12:00:36 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/05/19 12:00:36 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/05/19 12:00:32 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/05/19 12:00:32 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/05/19 12:00:32 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/05/19 12:00:32 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/05/19 12:00:31 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/05/19 12:00:31 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/05/19 12:00:31 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/05/19 12:00:31 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/05/19 12:00:30 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/05/19 12:00:29 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/05/19 12:00:28 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/05/19 12:00:20 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/05/19 12:00:16 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/05/19 12:00:15 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/05/19 12:00:03 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/05/19 12:00:03 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/05/19 11:59:53 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/05/19 11:59:53 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/05/19 11:59:53 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/05/19 11:59:51 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/05/19 11:59:31 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/05/19 11:59:30 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/05/19 11:59:29 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/05/19 11:59:23 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/05/19 11:59:23 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/05/19 11:59:23 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/05/19 11:59:22 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/05/19 11:59:09 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/05/19 11:59:04 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/05/19 11:59:03 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/05/19 11:58:56 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/05/19 11:58:56 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/05/19 11:58:52 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/05/19 11:58:52 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/05/19 11:58:52 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/05/19 11:58:52 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/05/19 11:58:51 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/05/19 11:58:51 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/05/19 11:58:50 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/05/19 11:58:50 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/05/19 11:58:50 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/05/19 11:58:50 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/05/19 11:58:50 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/05/19 11:57:18 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/05/19 11:56:46 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/05/19 11:56:46 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/05/19 11:56:45 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/05/19 11:56:45 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/05/19 11:56:37 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/05/19 11:56:37 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/05/19 11:56:36 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/05/19 11:56:35 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/05/19 11:56:34 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/05/19 11:56:34 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/05/19 11:54:56 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/05/19 11:54:12 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/05/19 11:53:09 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/05/19 11:53:09 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/05/19 11:52:55 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/05/19 11:52:55 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/05/19 11:52:52 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/05/19 11:52:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/05/19 11:52:45 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/05/19 11:52:43 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/05/19 11:52:43 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/05/19 11:52:42 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/05/19 11:52:33 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/05/19 11:52:32 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/05/19 11:52:32 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/05/19 11:51:46 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/05/19 11:51:41 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/05/19 11:51:35 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/05/19 11:51:34 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/05/19 11:51:34 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/05/19 11:51:33 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/05/19 11:51:33 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/05/19 11:51:33 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/05/19 11:51:33 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/05/19 11:51:31 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/05/19 11:51:25 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/05/19 11:51:25 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/05/19 11:51:23 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/05/19 11:51:13 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/05/19 11:51:13 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/05/19 11:51:13 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/05/19 11:51:13 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/05/19 11:51:13 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/05/19 11:51:13 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/05/19 11:51:09 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/05/19 11:50:58 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/05/19 11:50:52 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/05/19 11:50:38 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/05/19 11:50:38 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/05/19 11:50:38 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/05/19 11:50:38 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/05/19 11:50:37 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/05/19 11:50:35 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/05/19 11:50:35 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/05/19 11:50:34 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/05/19 11:50:34 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/05/19 11:50:33 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/05/19 11:50:33 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/05/19 11:50:19 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/05/19 11:50:19 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/05/19 11:50:19 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/05/19 11:50:19 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/05/19 11:50:19 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/05/19 11:50:18 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/05/19 11:50:18 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/05/19 11:50:18 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/05/19 11:50:17 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/05/19 11:50:17 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/05/19 11:50:16 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/05/19 11:50:16 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/05/19 11:50:16 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/05/19 11:50:16 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/05/19 11:50:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/05/19 11:50:15 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/05/19 11:50:15 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/05/19 11:50:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/05/19 11:50:13 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/05/19 11:50:11 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/05/19 11:50:11 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/05/19 11:50:11 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/05/19 11:50:10 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/05/19 11:50:10 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/05/19 11:50:10 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/05/19 11:50:10 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/05/19 11:50:01 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/05/19 11:49:56 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/05/19 11:48:52 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/05/19 11:48:51 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/05/19 11:48:51 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/05/19 11:48:51 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/05/19 11:48:49 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/05/19 11:48:48 | 000,184,320 | ---- | C] (Sierra Wireless Inc.) -- C:\WINDOWS\System32\dllcache\ac300nd5.sys
[2011/05/19 11:48:47 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/05/19 11:48:46 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/05/19 11:48:46 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/05/19 11:48:45 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/05/18 17:38:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Local Settings\Application Data\Mozilla
[2011/05/18 17:38:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Application Data\Mozilla
[2011/05/18 17:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/05/18 17:17:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/05/18 17:17:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/05/18 17:15:27 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/05/18 17:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/05/18 15:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/05/18 14:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\Revo Uninstaller
[2011/05/18 14:10:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Start Menu\Programs\Revo Uninstaller
[2011/05/18 14:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Application Data\Malwarebytes
[2011/05/18 14:07:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/18 14:07:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/18 14:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/18 14:07:09 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/18 14:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/18 09:23:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/01/14 13:16:38 | 000,382,176 | ---- | C] (Visicom Media Inc. (License)) -- C:\Program Files\Common Files\PandaAntiPhising-FYTDL.exe
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\es\My Documents\*.tmp files -> C:\Documents and Settings\es\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/27 00:27:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/27 00:16:17 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
[2011/05/26 03:27:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/22 22:21:11 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/05/22 22:20:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/05/22 22:20:35 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/19 16:19:34 | 000,383,126 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/05/19 16:19:34 | 000,054,276 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/05/19 16:09:08 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011/05/19 15:32:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/05/19 15:28:19 | 000,326,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/19 15:17:40 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/05/19 15:08:59 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/05/19 15:08:59 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011/05/18 17:39:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/05/18 17:38:12 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/18 17:38:12 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/05/18 17:26:55 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/18 17:19:51 | 000,000,292 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/05/18 17:13:08 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011/05/18 17:13:03 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/05/18 17:13:03 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/05/18 17:13:01 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2011/05/18 17:12:35 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/05/18 17:06:51 | 000,023,444 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/05/18 17:05:32 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/05/18 15:02:40 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/05/18 11:41:01 | 000,000,338 | ---- | M] () -- C:\Documents and Settings\es\Desktop\Shortcut to public on Naz.lnk
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\Documents and Settings\es\My Documents\*.tmp files -> C:\Documents and Settings\es\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/19 16:09:05 | 000,001,024 | ---- | C] () -- C:\.rnd
[2011/05/19 16:08:47 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn.lnk
[2011/05/19 13:45:53 | 001,326,080 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2011/05/19 13:45:28 | 000,383,804 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
[2011/05/19 13:45:28 | 000,355,680 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahomabd.ttf
[2011/05/19 13:44:42 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2011/05/19 13:44:42 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\dllcache\odbcconf.rsp
[2011/05/19 13:44:03 | 000,204,396 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2011/05/19 13:43:57 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2011/05/19 13:43:56 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2011/05/19 13:43:56 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2011/05/19 13:43:19 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2011/05/19 13:43:18 | 000,019,514 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2011/05/19 13:43:14 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\homepage.inf
[2011/05/19 13:42:57 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2011/05/19 13:42:51 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2011/05/19 13:42:41 | 000,252,928 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compatui.dll
[2011/05/19 13:42:24 | 000,218,134 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2011/05/19 13:42:24 | 000,080,546 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apps.chm
[2011/05/19 12:05:07 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/05/19 11:53:09 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/05/19 11:53:09 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/05/19 11:53:08 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/05/19 11:53:08 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/05/19 11:53:07 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/05/19 11:51:34 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/05/19 11:51:34 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/05/19 11:51:34 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/05/19 11:50:05 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/05/19 11:50:04 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/05/19 11:50:04 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/05/19 11:50:04 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/05/19 11:50:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/05/19 11:50:04 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/05/19 11:50:04 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/05/19 11:50:04 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/05/19 11:50:03 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/05/19 11:50:02 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/05/18 17:39:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/05/18 17:38:12 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/18 17:38:12 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/05/18 17:38:10 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/18 17:21:58 | 534,827,008 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/18 17:16:35 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/05/18 17:16:19 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/05/18 17:16:06 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/05/18 17:16:01 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/05/18 17:13:37 | 000,003,144 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srgb.icm
[2011/05/18 16:52:22 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/05/18 16:52:21 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/05/18 16:52:21 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/05/18 16:52:21 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/05/18 16:52:21 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/05/18 16:52:21 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/05/18 15:02:40 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/05/18 15:02:15 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2010/02/10 04:23:25 | 000,000,036 | ---- | C] () -- C:\WINDOWS\rasqervy.dll
[2010/02/10 04:23:24 | 000,000,006 | ---- | C] () -- C:\WINDOWS\sdfinacs.dll
[2010/02/10 04:23:17 | 000,000,005 | ---- | C] () -- C:\WINDOWS\sdfixwcs.dll
[2009/09/22 11:32:53 | 000,005,059 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ypkpiykb.yyr
[2006/06/12 19:18:14 | 000,012,997 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (Windows).CAL
[2006/02/01 09:57:20 | 000,028,950 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (Windows).ADR
[2006/01/30 10:27:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/01/24 15:36:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/01/24 09:40:12 | 000,000,097 | ---- | C] () -- C:\WINDOWS\MobileDB_PC.ini
[2006/01/23 18:30:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2006/01/23 17:14:29 | 000,003,995 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (DOS).NOT
[2005/10/31 12:04:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/10/29 12:27:33 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\es\Local Settings\Application Data\fusioncache.dat
[2005/10/15 09:57:26 | 000,000,118 | ---- | C] () -- C:\WINDOWS\ppdrv.ini
[2005/10/02 12:57:41 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/09/20 14:53:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2005/05/14 14:36:31 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\es\Application Data\PFP120JPR.{PB
[2005/05/14 14:36:31 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\es\Application Data\PFP120JCM.{PB
[2005/01/03 10:40:51 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2004/11/16 15:55:36 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/11/16 15:53:58 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2004/11/16 15:53:57 | 000,040,129 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2004/11/16 15:53:57 | 000,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2004/11/06 15:56:59 | 000,002,347 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/09/08 11:03:09 | 000,004,144 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2004/09/08 11:03:07 | 000,034,816 | ---- | C] () -- C:\WINDOWS\upi41003.dll
[2004/09/08 11:03:07 | 000,017,408 | ---- | C] () -- C:\WINDOWS\PI4UN.dll
[2004/09/08 11:03:07 | 000,016,896 | ---- | C] () -- C:\WINDOWS\upi41004.dll
[2004/09/08 11:02:02 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\fplayer.dll
[2004/08/24 15:52:16 | 000,056,320 | ---- | C] () -- C:\Documents and Settings\es\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/08/24 14:28:50 | 000,024,107 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (DOS).ADR
[2004/08/23 13:09:01 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/23 11:01:55 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/12 08:09:23 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/12 08:05:22 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2004/08/12 08:05:21 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/08/12 08:02:47 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/08/12 07:51:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2004/08/12 07:49:31 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/12 07:49:26 | 000,383,126 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2004/08/12 07:49:26 | 000,054,276 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2004/08/12 07:49:15 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/12 07:38:22 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/26 13:09:26 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\DSRIRREM.EXE
[2004/05/24 17:11:28 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\zip.exe
[2004/05/24 17:04:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2004/05/24 17:03:20 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2004/05/24 17:01:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2004/05/24 17:00:48 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2004/05/21 01:30:02 | 000,114,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\ssoftnt4.sys
[2004/05/11 08:03:20 | 000,326,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/05/11 08:02:24 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/03/26 14:59:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/09/03 06:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 06:56:30 | 000,023,444 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/29 03:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2001/08/18 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/18 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/18 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/18 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/18 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/18 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/18 05:00:00 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1979/12/31 22:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2011/01/14 13:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Antiphishing Domain Advisor
[2005/05/12 14:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2006/01/23 18:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/27 00:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2009/09/23 10:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Movavi Video Converter 8
[2011/05/19 11:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RetroExp
[2011/01/04 16:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2005/01/05 10:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2004/10/25 09:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Aim
[2006/02/08 14:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Costco Photo Viewer
[2007/05/04 10:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\DeskAlerts_0
[2007/05/04 10:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\DeskAlerts_{C1CCE7F6-882E-40e2-A920-A799A50627F4}
[2006/01/23 16:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\HotSync
[2004/08/24 16:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Leadertech
[2005/06/07 16:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\NetMedia Providers
[2011/05/18 14:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\PriceGong
[2005/06/07 16:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Publish Providers
[2005/06/07 16:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Sony
[2005/01/24 14:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Template
[2008/02/27 18:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Webshots

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007/06/13 04:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2002/08/29 03:41:24 | 001,004,032 | ---- | M] (Microsoft Corporation) MD5=A82B28BFC2E4455FE43022A498C0EF0A -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: SVCHOST.EXE >
[2001/08/18 05:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=0F7D9C87B0CE1FA520473119752C6F79 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008/04/14 05:42:38 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\SYSTEM32\svchost.exe
[2004/08/04 00:56:57 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\I386\svchost.exe

< MD5 for: USERINIT.EXE >
[2004/08/04 00:56:57 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\I386\userinit.exe
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/14 05:42:40 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\userinit.exe
[2002/08/29 03:41:28 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=E931E0A2B8BF0019DB902E98D03662CB -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/04 00:56:57 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\I386\winlogon.exe
[2002/08/29 03:41:28 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=2246D8D8F4714A2CEDB21AB9B1849ABB -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SYSTEM32\DLLCACHE\winlogon.exe
[2008/04/14 05:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SYSTEM32\winlogon.exe

< %systemroot%\*. /mp /s >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/20 16:48:02 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/20 16:48:02 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/20 16:48:02 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/20 16:47:58 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/20 16:47:58 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/20 16:47:58 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: %systemroot%\system32\shmgrate.exe OCInstallReinstallIE [2008/04/14 05:42:36 | 000,045,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallHideIE [2008/04/14 05:42:36 | 000,045,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: %systemroot%\system32\shmgrate.exe OCInstallShowIE [2008/04/14 05:42:36 | 000,045,056 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "%programfiles%\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2002/08/29 03:00:00 | 000,094,208 | ---- | M] (Microsoft Corporation)

< End of report >
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
A few pieces to remove, what are your current problems ?

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - No CLSID value found.
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
    [2010/02/10 04:23:25 | 000,000,036 | ---- | C] () -- C:\WINDOWS\rasqervy.dll
    [2010/02/10 04:23:24 | 000,000,006 | ---- | C] () -- C:\WINDOWS\sdfinacs.dll
    [2010/02/10 04:23:17 | 000,000,005 | ---- | C] () -- C:\WINDOWS\sdfixwcs.dll

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image
  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#8
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,770 posts
Re-opened at OP's request.
  • 0

#9
gvnaz

gvnaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
thanks for reopening! same problems as above. cant run Windows Update, nothing happens. cant run Internet Explorer,

The ordinal 410 could not be located in the dynamic link library urlmon.dll.


Microsoft Security Essentials gives this error when trying to update.

Virus and spyware definitions update failed
Security Essentials could not check for virus and spyware definition updates due to an internet or network connectivity issue.
Error code: 0x80004002
Error description: Security Essentials couldnt download the definition updates because your computer is using an older version of the Windows Update client or because Windows couldnt start the service that transfers data.



here are the 2 logs...

OTL logfile created on: 5/31/2011 3:05:18 PM - Run 4
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\es\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2800.1106)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 148.70 Mb Available Physical Memory | 29.16% Memory free
1.22 Gb Paging File | 0.76 Gb Available in Paging File | 62.39% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.97 Gb Total Space | 13.89 Gb Free Space | 19.58% Space Free | Partition Type: NTFS
Drive F: | 57.23 Gb Total Space | 36.91 Gb Free Space | 64.50% Space Free | Partition Type: FAT32

Computer Name: ERIC | User Name: es | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/27 00:16:17 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
PRC - [2011/05/20 16:47:58 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/01 12:12:00 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2011/03/01 12:11:56 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/11/08 12:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/09/17 15:40:06 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 14:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2004/07/30 15:47:36 | 000,069,632 | ---- | M] (Dantz Development Corporation) -- C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe
PRC - [2004/05/21 01:30:02 | 000,074,240 | ---- | M] (Cypherix) -- C:\WINDOWS\SYSTEM32\ssoftsrv.exe


========== Modules (SafeList) ==========

MOD - [2011/05/27 00:16:17 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (WmdmPmSp)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/01 12:12:00 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011/03/01 12:11:56 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/11/08 12:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/07/30 15:47:36 | 000,069,632 | ---- | M] (Dantz Development Corporation) [Auto | Running] -- C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe -- (RetroExpLauncher)
SRV - [2004/05/21 01:30:02 | 000,074,240 | ---- | M] (Cypherix) [Auto | Running] -- C:\WINDOWS\System32\ssoftsrv.exe -- (ssoftservice)
SRV - [2003/03/03 11:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/05/31 08:04:07 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{14455409-CD66-4CAF-9F02-595B47A8A09B}\MpKsl5ed9ca89.sys -- (MpKsl5ed9ca89)
DRV - [2011/05/29 08:51:16 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{14455409-CD66-4CAF-9F02-595B47A8A09B}\MpKsl2a266de5.sys -- (MpKsl2a266de5)
DRV - [2011/03/01 12:12:24 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/09/17 15:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/09/17 15:40:06 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/04/13 22:04:34 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2008/04/13 22:04:32 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2008/04/13 22:04:30 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2008/04/13 22:04:30 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2008/04/13 22:04:30 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2008/04/13 22:04:30 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2008/04/13 22:04:28 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2008/04/13 22:04:28 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2008/04/13 22:04:28 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2008/04/13 22:04:28 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2006/01/23 18:19:28 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PalmUSBD.sys -- (PalmUSBD)
DRV - [2004/10/07 10:21:22 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mxopswd.sys -- (MXOPSWD)
DRV - [2004/09/29 02:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctpdusb2.sys -- (Jukebox)
DRV - [2004/08/03 22:29:26 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2004/05/21 01:30:02 | 000,114,944 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssoftnt4.sys -- (ssoftnt4)
DRV - [2003/10/10 04:23:48 | 000,032,640 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MXOFX.SYS -- (MXOFX) USB Storage Adapter FX (MXO)
DRV - [2003/03/13 13:23:28 | 000,019,712 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mxofwfp.sys -- (MaxtorFrontPanel1)
DRV - [2002/11/08 11:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/10/01 10:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2001/10/16 13:48:30 | 000,051,072 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EUSBMSD.SYS -- (EUSBMSD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gvnaz.org/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.condui...&ctid=CT2399412
IE - HKCU\..\URLSearchHook: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/20 16:48:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/05/18 17:39:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\es\Application Data\Mozilla\Extensions
[2011/05/27 01:00:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\es\Application Data\Mozilla\Firefox\Profiles\a5bmhej0.default\extensions
[2011/05/18 17:38:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ES\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\A5BMHEJ0.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ES\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\A5BMHEJ0.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/05/20 16:47:57 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/05/30 21:57:41 | 000,000,098 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Free TV Bar c3 Toolbar) - {3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: microsoft.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://bin.mcafee.co...,21/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\es\My Documents\My Pictures\Headers\Worship 1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\es\My Documents\My Pictures\Headers\Worship 1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 06:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/07/29 15:08:48 | 000,000,118 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{35c77788-4898-11dd-8843-0011110facec}\Shell - "" = AutoRun
O33 - MountPoints2\{35c77788-4898-11dd-8843-0011110facec}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{35c77788-4898-11dd-8843-0011110facec}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{a43d2d68-3f2a-11da-863f-0011110facec}\Shell\AutoRun\command - "" = I:\JDSecure\Windows\JDSecure31.exe
O33 - MountPoints2\{acef0274-23b4-11da-8637-0011110facec}\Shell\AutoRun\command - "" = H:\JDSecure\Windows\JDSecure31.exe
O33 - MountPoints2\{acef0275-23b4-11da-8637-0011110facec}\Shell\AutoRun\command - "" = I:\JDSecure\Windows\JDSecure31.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/30 21:57:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/30 21:55:02 | 000,586,240 | ---- | C] (AVAST Software) -- C:\Documents and Settings\es\Desktop\aswMBR.exe
[2011/05/27 00:16:03 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
[2011/05/20 17:12:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\es\Recent
[2011/05/20 12:08:36 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/05/19 18:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/05/19 16:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Local Settings\Application Data\LogMeIn
[2011/05/19 16:09:30 | 000,029,568 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2011/05/19 16:09:29 | 000,083,360 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2011/05/19 16:09:29 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys
[2011/05/19 16:09:10 | 000,087,424 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2011/05/19 16:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/05/19 16:08:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/05/19 16:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2011/05/19 15:29:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/05/19 15:01:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/05/19 14:14:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/05/19 13:53:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/05/19 12:05:08 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/05/19 12:05:07 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/05/19 12:05:06 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/05/19 12:04:47 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/05/19 12:04:36 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/05/19 12:04:29 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/05/19 12:04:22 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/05/19 12:04:22 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/05/19 12:04:22 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/05/19 12:04:20 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/05/19 12:04:19 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/05/19 12:04:17 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/05/19 12:04:16 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/05/19 12:04:12 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/05/19 12:04:10 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/05/19 12:04:10 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/05/19 12:04:09 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/05/19 12:03:58 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/05/19 12:03:58 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/05/19 12:03:51 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/05/19 12:03:51 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/05/19 12:03:51 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/05/19 12:03:51 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/05/19 12:03:50 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/05/19 12:03:50 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/05/19 12:03:45 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/05/19 12:03:40 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/05/19 12:03:40 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/05/19 12:03:37 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/05/19 12:03:37 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/05/19 12:01:56 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/05/19 12:01:55 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/05/19 12:01:48 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/05/19 12:01:47 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/05/19 12:01:47 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/05/19 12:01:46 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/05/19 12:01:42 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/05/19 12:01:18 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/05/19 12:01:17 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/05/19 12:01:16 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/05/19 12:01:15 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/05/19 12:01:15 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/05/19 12:01:05 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/05/19 12:01:05 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/05/19 12:00:48 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/05/19 12:00:48 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/05/19 12:00:48 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/05/19 12:00:47 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/05/19 12:00:37 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/05/19 12:00:36 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/05/19 12:00:36 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/05/19 12:00:32 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/05/19 12:00:32 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/05/19 12:00:32 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/05/19 12:00:32 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/05/19 12:00:31 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/05/19 12:00:31 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/05/19 12:00:31 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/05/19 12:00:31 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/05/19 12:00:30 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/05/19 12:00:29 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/05/19 12:00:28 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/05/19 12:00:20 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/05/19 12:00:16 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/05/19 12:00:15 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/05/19 12:00:03 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/05/19 12:00:03 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/05/19 11:59:53 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/05/19 11:59:53 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/05/19 11:59:53 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/05/19 11:59:51 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/05/19 11:59:31 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/05/19 11:59:30 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/05/19 11:59:29 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/05/19 11:59:23 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/05/19 11:59:23 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/05/19 11:59:23 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/05/19 11:59:22 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/05/19 11:59:09 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/05/19 11:59:04 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/05/19 11:59:03 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/05/19 11:58:56 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/05/19 11:58:56 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/05/19 11:58:52 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/05/19 11:58:52 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/05/19 11:58:52 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/05/19 11:58:52 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/05/19 11:58:51 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/05/19 11:58:51 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/05/19 11:58:50 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/05/19 11:58:50 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/05/19 11:58:50 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/05/19 11:58:50 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/05/19 11:58:50 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/05/19 11:57:18 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/05/19 11:56:46 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/05/19 11:56:46 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/05/19 11:56:45 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/05/19 11:56:45 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/05/19 11:56:37 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/05/19 11:56:37 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/05/19 11:56:36 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/05/19 11:56:35 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/05/19 11:56:34 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/05/19 11:56:34 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/05/19 11:54:56 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/05/19 11:54:12 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/05/19 11:53:09 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/05/19 11:53:09 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/05/19 11:52:55 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/05/19 11:52:55 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/05/19 11:52:52 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/05/19 11:52:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/05/19 11:52:45 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/05/19 11:52:43 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/05/19 11:52:43 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/05/19 11:52:42 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/05/19 11:52:33 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/05/19 11:52:32 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/05/19 11:52:32 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/05/19 11:51:46 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/05/19 11:51:41 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/05/19 11:51:35 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/05/19 11:51:34 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/05/19 11:51:34 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/05/19 11:51:33 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/05/19 11:51:33 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/05/19 11:51:33 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/05/19 11:51:33 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/05/19 11:51:31 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/05/19 11:51:25 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/05/19 11:51:25 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/05/19 11:51:23 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/05/19 11:51:13 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/05/19 11:51:13 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/05/19 11:51:13 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/05/19 11:51:13 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/05/19 11:51:13 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/05/19 11:51:13 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/05/19 11:51:09 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/05/19 11:50:58 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/05/19 11:50:52 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/05/19 11:50:38 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/05/19 11:50:38 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/05/19 11:50:38 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/05/19 11:50:38 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/05/19 11:50:37 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/05/19 11:50:35 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/05/19 11:50:35 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/05/19 11:50:34 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/05/19 11:50:34 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/05/19 11:50:33 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/05/19 11:50:33 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/05/19 11:50:19 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/05/19 11:50:19 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/05/19 11:50:19 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/05/19 11:50:19 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/05/19 11:50:19 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/05/19 11:50:18 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/05/19 11:50:18 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/05/19 11:50:18 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/05/19 11:50:17 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/05/19 11:50:17 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/05/19 11:50:16 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/05/19 11:50:16 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/05/19 11:50:16 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/05/19 11:50:16 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/05/19 11:50:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/05/19 11:50:15 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/05/19 11:50:15 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/05/19 11:50:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/05/19 11:50:13 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/05/19 11:50:11 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/05/19 11:50:11 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/05/19 11:50:11 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/05/19 11:50:10 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/05/19 11:50:10 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/05/19 11:50:10 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/05/19 11:50:10 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/05/19 11:50:01 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/05/19 11:49:56 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/05/19 11:48:52 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/05/19 11:48:51 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/05/19 11:48:51 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/05/19 11:48:51 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/05/19 11:48:49 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/05/19 11:48:48 | 000,184,320 | ---- | C] (Sierra Wireless Inc.) -- C:\WINDOWS\System32\dllcache\ac300nd5.sys
[2011/05/19 11:48:47 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/05/19 11:48:46 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/05/19 11:48:46 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/05/19 11:48:45 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/05/18 17:38:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Local Settings\Application Data\Mozilla
[2011/05/18 17:38:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Application Data\Mozilla
[2011/05/18 17:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/05/18 17:17:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/05/18 17:17:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/05/18 17:15:27 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/05/18 17:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/05/18 15:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/05/18 14:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\Revo Uninstaller
[2011/05/18 14:10:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Start Menu\Programs\Revo Uninstaller
[2011/05/18 14:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Application Data\Malwarebytes
[2011/05/18 14:07:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/18 14:07:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/18 14:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/18 14:07:09 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/18 14:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/18 09:23:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/01/14 13:16:38 | 000,382,176 | ---- | C] (Visicom Media Inc. (License)) -- C:\Program Files\Common Files\PandaAntiPhising-FYTDL.exe
[2 C:\Documents and Settings\es\My Documents\*.tmp files -> C:\Documents and Settings\es\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/31 14:27:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/31 08:04:36 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/05/31 08:04:02 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/31 08:03:58 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/31 08:03:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/05/30 21:57:41 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\Hosts
[2011/05/30 21:55:10 | 000,586,240 | ---- | M] (AVAST Software) -- C:\Documents and Settings\es\Desktop\aswMBR.exe
[2011/05/27 15:48:52 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Movavi Video Converter 8.lnk
[2011/05/27 11:30:00 | 000,000,338 | ---- | M] () -- C:\Documents and Settings\es\Desktop\Shortcut to public on Naz.lnk
[2011/05/27 00:16:17 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
[2011/05/19 16:19:34 | 000,383,126 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/05/19 16:19:34 | 000,054,276 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/05/19 16:09:08 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011/05/19 15:32:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/05/19 15:28:19 | 000,326,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/19 15:17:40 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/05/19 15:08:59 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/05/19 15:08:59 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011/05/18 17:39:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/05/18 17:38:12 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/18 17:38:12 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/05/18 17:26:55 | 000,000,737 | ---- | M] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/18 17:19:51 | 000,000,292 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/05/18 17:13:08 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011/05/18 17:13:03 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/05/18 17:13:03 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/05/18 17:13:01 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2011/05/18 17:12:35 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/05/18 17:06:51 | 000,023,444 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/05/18 17:05:32 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/05/18 15:02:40 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2 C:\Documents and Settings\es\My Documents\*.tmp files -> C:\Documents and Settings\es\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/19 16:09:05 | 000,001,024 | ---- | C] () -- C:\.rnd
[2011/05/19 16:08:47 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn.lnk
[2011/05/19 13:45:53 | 001,326,080 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2011/05/19 13:45:28 | 000,383,804 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
[2011/05/19 13:45:28 | 000,355,680 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahomabd.ttf
[2011/05/19 13:44:42 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2011/05/19 13:44:42 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\dllcache\odbcconf.rsp
[2011/05/19 13:44:03 | 000,204,396 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2011/05/19 13:43:57 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2011/05/19 13:43:56 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2011/05/19 13:43:56 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2011/05/19 13:43:19 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2011/05/19 13:43:18 | 000,019,514 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2011/05/19 13:43:14 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\homepage.inf
[2011/05/19 13:42:57 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2011/05/19 13:42:51 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2011/05/19 13:42:41 | 000,252,928 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compatui.dll
[2011/05/19 13:42:24 | 000,218,134 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2011/05/19 13:42:24 | 000,080,546 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apps.chm
[2011/05/19 12:05:07 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/05/19 11:53:09 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/05/19 11:53:09 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/05/19 11:53:08 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/05/19 11:53:08 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/05/19 11:53:07 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/05/19 11:51:34 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/05/19 11:51:34 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/05/19 11:51:34 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/05/19 11:50:05 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/05/19 11:50:04 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/05/19 11:50:04 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/05/19 11:50:04 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/05/19 11:50:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/05/19 11:50:04 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/05/19 11:50:04 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/05/19 11:50:04 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/05/19 11:50:03 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/05/19 11:50:02 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/05/18 17:39:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/05/18 17:38:12 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/18 17:38:12 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/05/18 17:38:10 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/18 17:21:58 | 534,827,008 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/18 17:16:35 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/05/18 17:16:19 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/05/18 17:16:06 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/05/18 17:16:01 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/05/18 17:13:37 | 000,003,144 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srgb.icm
[2011/05/18 16:52:22 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/05/18 16:52:21 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/05/18 16:52:21 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/05/18 16:52:21 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/05/18 16:52:21 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/05/18 16:52:21 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/05/18 15:02:40 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/05/18 15:02:15 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2009/09/22 11:32:53 | 000,005,059 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ypkpiykb.yyr
[2006/06/12 19:18:14 | 000,012,997 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (Windows).CAL
[2006/02/01 09:57:20 | 000,028,950 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (Windows).ADR
[2006/01/30 10:27:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/01/24 15:36:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/01/24 09:40:12 | 000,000,097 | ---- | C] () -- C:\WINDOWS\MobileDB_PC.ini
[2006/01/23 18:30:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2006/01/23 17:14:29 | 000,003,995 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (DOS).NOT
[2005/10/31 12:04:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/10/29 12:27:33 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\es\Local Settings\Application Data\fusioncache.dat
[2005/10/15 09:57:26 | 000,000,118 | ---- | C] () -- C:\WINDOWS\ppdrv.ini
[2005/10/02 12:57:41 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/09/20 14:53:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2005/05/14 14:36:31 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\es\Application Data\PFP120JPR.{PB
[2005/05/14 14:36:31 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\es\Application Data\PFP120JCM.{PB
[2005/01/03 10:40:51 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2004/11/16 15:55:36 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/11/16 15:53:58 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2004/11/16 15:53:57 | 000,040,129 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2004/11/16 15:53:57 | 000,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2004/11/06 15:56:59 | 000,002,347 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/09/08 11:03:09 | 000,004,144 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2004/09/08 11:03:07 | 000,034,816 | ---- | C] () -- C:\WINDOWS\upi41003.dll
[2004/09/08 11:03:07 | 000,017,408 | ---- | C] () -- C:\WINDOWS\PI4UN.dll
[2004/09/08 11:03:07 | 000,016,896 | ---- | C] () -- C:\WINDOWS\upi41004.dll
[2004/09/08 11:02:02 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\fplayer.dll
[2004/08/24 15:52:16 | 000,056,320 | ---- | C] () -- C:\Documents and Settings\es\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/08/24 14:28:50 | 000,024,107 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (DOS).ADR
[2004/08/23 13:09:01 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/23 11:01:55 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/12 08:09:23 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/12 08:05:22 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2004/08/12 08:05:21 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/08/12 08:02:47 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/08/12 07:51:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2004/08/12 07:49:31 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/12 07:49:26 | 000,383,126 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2004/08/12 07:49:26 | 000,054,276 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2004/08/12 07:49:15 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/12 07:38:22 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/26 13:09:26 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\DSRIRREM.EXE
[2004/05/24 17:11:28 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\zip.exe
[2004/05/24 17:04:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2004/05/24 17:03:20 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2004/05/24 17:01:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2004/05/24 17:00:48 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2004/05/21 01:30:02 | 000,114,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\ssoftnt4.sys
[2004/05/11 08:03:20 | 000,326,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/05/11 08:02:24 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/03/26 14:59:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/09/03 06:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 06:56:30 | 000,023,444 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/29 03:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2001/08/18 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/18 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/18 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/18 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/18 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/18 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/18 05:00:00 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1979/12/31 22:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2011/01/14 13:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Antiphishing Domain Advisor
[2005/05/12 14:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fellowes
[2006/01/23 18:21:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/31 08:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2009/09/23 10:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Movavi Video Converter 8
[2011/05/19 11:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RetroExp
[2011/01/04 16:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ReviverSoft
[2005/01/05 10:37:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2004/10/25 09:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Aim
[2006/02/08 14:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Costco Photo Viewer
[2007/05/04 10:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\DeskAlerts_0
[2007/05/04 10:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\DeskAlerts_{C1CCE7F6-882E-40e2-A920-A799A50627F4}
[2006/01/23 16:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\HotSync
[2004/08/24 16:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Leadertech
[2005/06/07 16:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\NetMedia Providers
[2011/05/18 14:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\PriceGong
[2005/06/07 16:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Publish Providers
[2005/06/07 16:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Sony
[2005/01/24 14:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Template
[2008/02/27 18:38:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\es\Application Data\Webshots

========== Purity Check ==========



< End of report >


aswMBR version 0.9.5.317 Copyright© 2011 AVAST Software
Run date: 2011-05-31 15:15:12
-----------------------------
15:15:12.703 OS Version: Windows 5.1.2600 Service Pack 3
15:15:12.703 Number of processors: 2 586 0x304
15:15:12.703 ComputerName: ERIC UserName: es
15:15:14.656 Initialize success
15:15:31.625 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
15:15:31.640 Disk 0 Vendor: Maxtor_6Y080L0 YAR41BW0 Size: 76293MB BusType: 3
15:15:31.656 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
15:15:31.656 Disk 1 Vendor: Maxtor_96147H6 ZAH814Y0 Size: 58625MB BusType: 3
15:15:31.656 Disk 2 \Device\Harddisk2\DR6 -> \Device\0000005b
15:15:31.671 Disk 2 Vendor: Maxtor__ 023d Size: 286188MB BusType: 4
15:15:33.703 Disk 0 MBR read successfully
15:15:33.703 Disk 0 MBR scan
15:15:33.703 Disk 0 unknown MBR code
15:15:35.734 Disk 0 scanning sectors +156232125
15:15:35.765 Disk 0 scanning C:\WINDOWS\system32\drivers
15:15:46.640 Service scanning
15:15:48.140 Disk 0 trace - called modules:
15:15:48.156 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
15:15:48.171 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8335fab8]
15:15:48.171 3 CLASSPNP.SYS[f8898fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x833d4d98]
15:16:00.265 Unsigned kernel modules:
15:16:00.281 0xf875a000 C:\WINDOWS\system32\drivers\drvmcdb.sys
15:16:00.453 0xf8ac8000 C:\WINDOWS\system32\drivers\PxHelp20.sys
15:16:08.765 0xf8d64000 C:\WINDOWS\system32\drivers\sscdbhk5.sys
15:16:08.968 0xf862a000 C:\WINDOWS\system32\drivers\pfc.sys
15:16:18.421 0xf8bf0000 C:\WINDOWS\System32\DRIVERS\omci.sys
15:16:21.500 0xf8af8000 C:\WINDOWS\system32\drivers\ssrtln.sys
15:16:31.734 0xef699000 C:\WINDOWS\system32\drivers\drvnddm.sys
15:16:31.843 0xf8f52000 C:\WINDOWS\system32\dla\tfsndres.sys
15:16:31.984 0xef3b5000 C:\WINDOWS\system32\dla\tfsnifs.sys
15:16:32.078 0xef44e000 C:\WINDOWS\system32\dla\tfsnopio.sys
15:16:32.140 0xf8dfc000 C:\WINDOWS\system32\dla\tfsnpool.sys
15:16:32.281 0xf8b68000 C:\WINDOWS\system32\dla\tfsnboio.sys
15:16:32.437 0xf8968000 C:\WINDOWS\system32\dla\tfsncofs.sys
15:16:32.531 0xf8f50000 C:\WINDOWS\system32\dla\tfsndrct.sys
15:16:32.656 0xef39c000 C:\WINDOWS\system32\dla\tfsnudf.sys
15:16:32.843 0xef383000 C:\WINDOWS\system32\dla\tfsnudfa.sys
15:16:35.484 0xeeb74000 C:\WINDOWS\system32\Drivers\ssoftnt4.sys
15:16:37.625 Scan finished successfully
15:16:52.031 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\es\Desktop\MBR.dat"
15:16:52.031 The log file has been saved successfully to "C:\Documents and Settings\es\Desktop\aswMBR.txt"

Edited by gvnaz, 02 June 2011 - 12:45 AM.

  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK two programmes to run, the first to try and reset the internet connection, the second a good malware scan. You are using IE6 which is a tad anciernt

Download and install IE8

Next run the fixit on this page

If that fails then try the following

  • To open a command prompt, click Start > All Programs > Accessories and then right click command prompt and select run as administrator.
  • Copy and paste (or type) the following command in the command box box and then press ENTER:
    netsh winsock reset c:\resetlog.txt
  • Reboot the computer.
  • In next reply please post content of the file c:\resetlog.txt

THEN

Download ComboFix from one of these locations:


Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

Advertisements


#11
gvnaz

gvnaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
IE is working again after the update to #8. Windows Automatic Updates are also working again. everything seems to be working fine again except for a minor problem with Microsoft Security Essentials. still getting the same error if i click update, however the latest definitions are from today (6/4) so i guess that it is updating automatically but not if i click the button.

*edit - actually this is a different error code now. btw, i found that its easier to use the Snipping Tool on my Win 7 machine to take the screenshot so its in black and white because the LogMeIn window goes b&w when its not in focus.
Posted Image


heres the ComboFix.txt

ComboFix 11-06-03.02 - es 06/04/2011 20:50:52.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.136 [GMT -7:00]
Running from: c:\documents and settings\es\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\es\Application Data\PriceGong
c:\documents and settings\es\Application Data\PriceGong\Data\1.xml
c:\documents and settings\es\Application Data\PriceGong\Data\a.xml
c:\documents and settings\es\Application Data\PriceGong\Data\b.xml
c:\documents and settings\es\Application Data\PriceGong\Data\c.xml
c:\documents and settings\es\Application Data\PriceGong\Data\d.xml
c:\documents and settings\es\Application Data\PriceGong\Data\e.xml
c:\documents and settings\es\Application Data\PriceGong\Data\f.xml
c:\documents and settings\es\Application Data\PriceGong\Data\g.xml
c:\documents and settings\es\Application Data\PriceGong\Data\h.xml
c:\documents and settings\es\Application Data\PriceGong\Data\i.xml
c:\documents and settings\es\Application Data\PriceGong\Data\J.xml
c:\documents and settings\es\Application Data\PriceGong\Data\k.xml
c:\documents and settings\es\Application Data\PriceGong\Data\l.xml
c:\documents and settings\es\Application Data\PriceGong\Data\m.xml
c:\documents and settings\es\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\es\Application Data\PriceGong\Data\n.xml
c:\documents and settings\es\Application Data\PriceGong\Data\o.xml
c:\documents and settings\es\Application Data\PriceGong\Data\p.xml
c:\documents and settings\es\Application Data\PriceGong\Data\q.xml
c:\documents and settings\es\Application Data\PriceGong\Data\r.xml
c:\documents and settings\es\Application Data\PriceGong\Data\s.xml
c:\documents and settings\es\Application Data\PriceGong\Data\t.xml
c:\documents and settings\es\Application Data\PriceGong\Data\u.xml
c:\documents and settings\es\Application Data\PriceGong\Data\v.xml
c:\documents and settings\es\Application Data\PriceGong\Data\w.xml
c:\documents and settings\es\Application Data\PriceGong\Data\x.xml
c:\documents and settings\es\Application Data\PriceGong\Data\y.xml
c:\documents and settings\es\Application Data\PriceGong\Data\z.xml
c:\documents and settings\es\WINDOWS
c:\program files\deskalerts
c:\program files\deskalerts\basis.xml
c:\program files\deskalerts\cancel_button.gif
c:\program files\deskalerts\deskbar.crc
c:\program files\deskalerts\deskbar.inf
c:\program files\deskalerts\history.html
c:\program files\deskalerts\hs_delete.bmp
c:\program files\deskalerts\hs_search.bmp
c:\program files\deskalerts\icons.bmp
c:\program files\deskalerts\mbclose.bmp
c:\program files\deskalerts\mblogo.bmp
c:\program files\deskalerts\newversion.txt
c:\program files\deskalerts\notify.wav
c:\program files\deskalerts\options.html
c:\program files\deskalerts\save_button.gif
c:\program files\deskalerts\title_back.gif
c:\program files\deskalerts\version.txt
c:\program files\Fast Browser Search
c:\program files\Fast Browser Search\IE\1.bat
c:\program files\Fast Browser Search\IE\about.html
c:\program files\Fast Browser Search\IE\affid.dat
c:\program files\Fast Browser Search\IE\basis.xml
c:\program files\Fast Browser Search\IE\basis_br.xml
c:\program files\Fast Browser Search\IE\basis_de.xml
c:\program files\Fast Browser Search\IE\basis_en.xml
c:\program files\Fast Browser Search\IE\basis_es.xml
c:\program files\Fast Browser Search\IE\basis_fr.xml
c:\program files\Fast Browser Search\IE\basis_it.xml
c:\program files\Fast Browser Search\IE\basis_nr.xml
c:\program files\Fast Browser Search\IE\basis_pt.xml
c:\program files\Fast Browser Search\IE\basis_ru.xml
c:\program files\Fast Browser Search\IE\basis_tr.xml
c:\program files\Fast Browser Search\IE\ClearRecycleBin.exe
c:\program files\Fast Browser Search\IE\error.html
c:\program files\Fast Browser Search\IE\FBSPlugin.dll
c:\program files\Fast Browser Search\IE\fbsProtection.xml
c:\program files\Fast Browser Search\IE\FbsSearchProvider.xml
c:\program files\Fast Browser Search\IE\FbsSearchProviderIE8.exe
c:\program files\Fast Browser Search\IE\FBStoolbar.dll
c:\program files\Fast Browser Search\IE\fbstoolbar.jar
c:\program files\Fast Browser Search\IE\fbstoolbar.manifest
c:\program files\Fast Browser Search\IE\icons.bmp
c:\program files\Fast Browser Search\IE\info.txt
c:\program files\Fast Browser Search\IE\local.xml
c:\program files\Fast Browser Search\IE\logobg.bmp
c:\program files\Fast Browser Search\IE\MTWBtoolbar.html
c:\program files\Fast Browser Search\IE\search.bmp
c:\program files\Fast Browser Search\IE\search_br.bmp
c:\program files\Fast Browser Search\IE\search_de.bmp
c:\program files\Fast Browser Search\IE\search_es.bmp
c:\program files\Fast Browser Search\IE\search_fr.bmp
c:\program files\Fast Browser Search\IE\search_it.bmp
c:\program files\Fast Browser Search\IE\search_pt.bmp
c:\program files\Fast Browser Search\IE\search_ru.bmp
c:\program files\Fast Browser Search\IE\SearchAssistant.dll
c:\program files\Fast Browser Search\IE\SearchGuardPlus.ico
c:\program files\Fast Browser Search\IE\SGPU.ico
c:\program files\Fast Browser Search\IE\sgpUpdater.exe
c:\program files\Fast Browser Search\IE\sgpUpdater.xml
c:\program files\Fast Browser Search\IE\SGPUpdaterS.exe
c:\program files\Fast Browser Search\IE\tbhelper.dll
c:\program files\Fast Browser Search\IE\tbs_include_script_003175.js
c:\program files\Fast Browser Search\IE\tbs_include_script_005064.js
c:\program files\Fast Browser Search\IE\tbs_include_script_012817.js
c:\program files\Fast Browser Search\IE\Toolbar Help.htm
c:\program files\Fast Browser Search\IE\ToolBarBHO.dll
c:\program files\Fast Browser Search\IE\uninstall.exe
c:\program files\Fast Browser Search\IE\uninstalSGP.exe
c:\program files\Fast Browser Search\IE\uninstalSGPU.exe
c:\program files\Fast Browser Search\IE\version.txt
c:\program files\Search Guard Plus
c:\program files\Search Guard Plus\fbsProtection.xml
c:\program files\Search Guard Plus\fbsSearchProvider.xml
c:\program files\Search Guard Plus\FbsSearchProviderIE8.exe
c:\program files\Search Guard Plus\SearchGuardPlus.ico
c:\program files\Search Guard Plus\uninstalSGP.exe
c:\program files\Search Guard PlusU
c:\program files\Search Guard PlusU\SGPU.ico
c:\program files\Search Guard PlusU\sgpUpdater.exe
c:\program files\Search Guard PlusU\sgpUpdater.xml
c:\program files\Search Guard PlusU\sgpUpdaters.exe
c:\program files\Search Guard PlusU\uninstalSGPU.exe
c:\program files\Search Toolbar
c:\program files\Search Toolbar\icon.ico
c:\program files\Search Toolbar\SearchToolbarUninstall.exe
c:\program files\Search Toolbar\SearchToolbarUpdater.exe
c:\program files\SGPSA
c:\program files\SGPSA\SearchAssistant.dll
c:\windows\system32\ff4h.gy
c:\windows\system32\user32.DLLA3DC33F5
c:\windows\system32\user32.DLLBFA4D093
c:\windows\system32\user32.DLLE78F934E
.
.
((((((((((((((((((((((((( Files Created from 2011-05-05 to 2011-06-05 )))))))))))))))))))))))))))))))
.
.
2011-06-05 03:28 . 2011-06-05 03:28 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{041A586D-262C-41E4-85F6-415AADE724E2}\MpKsl5b143126.sys
2011-06-05 00:33 . 2011-05-18 19:37 6962000 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{041A586D-262C-41E4-85F6-415AADE724E2}\mpengine.dll
2011-05-31 04:57 . 2011-05-31 04:57 -------- d-----w- C:\_OTL
2011-05-20 19:08 . 2008-04-14 05:06 10880 -c--a-w- c:\windows\system32\dllcache\admjoy.sys
2011-05-20 19:08 . 2008-04-14 05:06 84480 -c--a-w- c:\windows\system32\dllcache\ac97via.sys
2011-05-20 19:08 . 2008-04-14 05:06 231552 -c--a-w- c:\windows\system32\dllcache\ac97ali.sys
2011-05-20 19:08 . 2008-04-14 07:10 12288 -c--a-w- c:\windows\system32\dllcache\4mmdat.sys
2011-05-20 19:07 . 2008-04-14 07:57 2188928 -c--a-w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-05-20 01:52 . 2011-05-18 19:37 6962000 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-05-20 01:35 . 2011-05-20 01:35 -------- d-----w- c:\program files\ESET
2011-05-20 01:23 . 2011-06-05 03:25 -------- d-----w- c:\documents and settings\LogMeInRemoteUser
2011-05-19 23:09 . 2011-05-19 23:09 -------- d-----w- c:\documents and settings\es\Local Settings\Application Data\LogMeIn
2011-05-19 23:09 . 2011-03-01 19:12 53632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2011-05-19 23:09 . 2011-03-01 19:12 29568 ----a-w- c:\windows\system32\LMIport.dll
2011-05-19 23:09 . 2011-03-01 19:12 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2011-05-19 23:09 . 2010-09-17 22:40 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2011-05-19 23:09 . 2011-03-01 19:12 87424 ----a-w- c:\windows\system32\LMIinit.dll
2011-05-19 23:09 . 2011-06-05 00:23 -------- d-----w- c:\documents and settings\All Users\Application Data\LogMeIn
2011-05-19 23:08 . 2011-05-19 23:08 -------- d-----w- c:\program files\LogMeIn
2011-05-19 22:16 . 2008-04-14 12:42 1306624 -c----w- c:\windows\system32\dllcache\msxml6.dll
2011-05-19 22:16 . 2008-04-14 05:57 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2011-05-19 22:16 . 2009-08-07 02:24 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2011-05-19 22:16 . 2008-04-14 12:42 380416 ------w- c:\windows\system32\irprops.cpl
2011-05-19 21:31 . 2008-04-14 12:41 7168 ----a-w- c:\windows\system32\hccoin.dll
2011-05-19 21:31 . 2008-04-14 07:15 30208 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-19 21:15 . 2008-04-14 12:42 74240 ----a-w- c:\windows\system32\usbui.dll
2011-05-19 21:15 . 2008-04-14 07:15 143872 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-19 21:15 . 2008-04-14 07:15 20608 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-19 21:15 . 2008-04-14 07:15 59520 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-19 21:15 . 2008-04-14 07:10 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2011-05-19 21:15 . 2008-04-14 07:10 24960 ----a-w- c:\windows\system32\drivers\pciidex.sys
2011-05-19 21:15 . 2001-08-17 20:51 3328 -c--a-w- c:\windows\system32\dllcache\pciide.sys
2011-05-19 21:15 . 2001-08-17 20:51 3328 ----a-w- c:\windows\system32\drivers\pciide.sys
2011-05-19 21:15 . 2008-04-14 07:06 37248 ----a-w- c:\windows\system32\drivers\isapnp.sys
2011-05-19 21:14 . 2008-04-14 07:06 68224 ----a-w- c:\windows\system32\drivers\pci.sys
2011-05-19 20:53 . 2011-05-19 22:16 -------- d-----w- c:\windows\ServicePackFiles
2011-05-19 20:45 . 2008-04-14 12:42 60928 ----a-w- c:\windows\system32\wbem\wmicookr.dll
2011-05-19 20:44 . 2008-04-14 12:42 1614848 ----a-w- c:\windows\system32\sfcfiles.dll
2011-05-19 19:00 . 2001-08-17 20:53 3328 -c--a-w- c:\windows\system32\dllcache\qv2kux.sys
2011-05-19 18:58 . 2001-08-17 19:11 65278 -c--a-w- c:\windows\system32\dllcache\netflx3.sys
2011-05-19 18:57 . 2001-08-17 21:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2011-05-19 18:57 . 2001-08-17 20:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2011-05-19 18:57 . 2001-08-17 20:48 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-05-19 18:57 . 2001-08-17 20:57 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys
2011-05-19 18:57 . 2001-08-17 20:52 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
2011-05-19 18:57 . 2001-08-17 19:50 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
2011-05-19 18:57 . 2001-08-17 21:56 235648 -c--a-w- c:\windows\system32\dllcache\mgaud.dll
2011-05-19 18:57 . 2001-08-18 05:36 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2011-05-19 18:57 . 2001-08-17 20:58 8320 -c--a-w- c:\windows\system32\dllcache\memcard.sys
2011-05-19 18:57 . 2001-08-17 19:12 164586 -c--a-w- c:\windows\system32\dllcache\mdgndis5.sys
2011-05-19 18:57 . 2001-08-17 20:52 7424 -c--a-w- c:\windows\system32\dllcache\mammoth.sys
2011-05-19 18:55 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2011-05-19 18:55 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2011-05-19 18:55 . 2001-08-17 21:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2011-05-19 18:53 . 2001-08-17 20:28 50751 -c--a-w- c:\windows\system32\dllcache\hsf_tone.sys
2011-05-19 18:52 . 2001-08-17 20:28 907456 -c--a-w- c:\windows\system32\dllcache\hcf_msft.sys
2011-05-19 18:51 . 2001-08-17 20:28 595647 -c--a-w- c:\windows\system32\dllcache\es56cvmp.sys
2011-05-19 18:50 . 2001-08-17 20:51 20736 -c--a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2011-05-19 18:49 . 2001-08-17 20:47 6272 -c--a-w- c:\windows\system32\dllcache\apmbatt.sys
2011-05-19 18:49 . 2001-08-17 19:11 16969 -c--a-w- c:\windows\system32\dllcache\amb8002.sys
2011-05-19 18:49 . 2001-08-17 20:49 26624 -c--a-w- c:\windows\system32\dllcache\alifir.sys
2011-05-19 18:49 . 2001-08-17 19:11 27678 -c--a-w- c:\windows\system32\dllcache\ali5261.sys
2011-05-19 00:38 . 2011-05-19 00:38 -------- d-----w- c:\documents and settings\es\Local Settings\Application Data\Mozilla
2011-05-19 00:27 . 2005-09-20 16:31 135168 ----a-w- c:\windows\system32\igfxres.dll
2011-05-19 00:16 . 2001-08-18 12:00 98304 -c--a-w- c:\windows\system32\dllcache\msir3jp.dll
2011-05-19 00:15 . 2001-08-18 12:00 6144 -c--a-w- c:\windows\system32\dllcache\ftlx041e.dll
2011-05-19 00:07 . 2008-04-14 12:42 45568 ----a-w- c:\windows\system32\safrslv.dll
2011-05-19 00:05 . 2008-04-14 12:42 281088 ----a-w- c:\program files\Windows NT\Pinball\pinball.exe
2011-05-18 23:58 . 2008-04-14 07:15 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2011-05-18 23:58 . 2008-04-14 07:15 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2011-05-18 23:57 . 2008-04-14 07:10 57600 ----a-w- c:\windows\system32\drivers\redbook.sys
2011-05-18 23:54 . 2008-04-14 12:43 40840 ----a-w- c:\windows\system32\drivers\termdd.sys
2011-05-18 23:52 . 2008-04-14 07:24 11264 ----a-w- c:\windows\system32\drivers\irenum.sys
2011-05-18 23:52 . 2001-08-18 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2011-05-18 23:52 . 2001-08-18 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2011-05-18 23:52 . 2008-04-14 12:42 146432 ----a-w- c:\windows\system\winspool.drv
2011-05-18 23:52 . 2001-08-18 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2011-05-18 22:19 . 2011-05-18 22:19 578560 ------w- c:\windows\system32\user32.DLL9D39883B
2011-05-18 22:19 . 2011-05-18 22:19 578560 ------w- c:\windows\system32\user32.DLL09176014
2011-05-18 22:18 . 2011-05-18 22:18 578560 ----a-w- c:\windows\system32\user32.DLL891E711B
2011-05-18 22:08 . 2010-10-19 18:33 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-18 22:02 . 2011-05-18 22:02 -------- d-----w- c:\program files\Microsoft Security Client
2011-05-18 21:10 . 2011-05-18 21:10 -------- d-----w- c:\program files\Revo Uninstaller
2011-05-18 21:07 . 2011-05-18 21:07 -------- d-----w- c:\documents and settings\es\Application Data\Malwarebytes
2011-05-18 21:07 . 2011-05-29 16:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-18 21:07 . 2011-05-18 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-05-18 21:07 . 2011-05-31 22:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-18 21:07 . 2011-05-29 16:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-18 16:23 . 2011-05-18 16:23 -------- d-----w- c:\windows\java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-11 21:55 . 2011-04-11 21:55 1409 ----a-w- c:\windows\QTFont.for
2011-03-07 05:33 . 2004-03-02 18:18 692736 ----a-w- c:\windows\system32\inetcomm.dll
2010-12-07 13:30 . 2011-01-14 20:16 382176 ----a-w- c:\program files\Common Files\PandaAntiPhising-FYTDL.exe
2011-05-20 23:47 . 2011-05-19 00:38 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-08-30 20:52 . 2011-05-19 18:19 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}"= "c:\program files\Free_TV_Bar_c3\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Free_TV_Bar_c3\prxtbFre0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}"= "c:\program files\Free_TV_Bar_c3\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3}"= "c:\program files\Free_TV_Bar_c3\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-15 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2010-09-17 63048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2011-03-01 19:12 87424 ----a-w- c:\windows\SYSTEM32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\WINDOWS\\SYSTEM32\\rtcshare.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R0 ppa;Iomega Parallel Port Filter Driver;c:\windows\SYSTEM32\DRIVERS\ppa.sys [5/15/2006 11:45 AM 17792]
R1 MpKsl5b143126;MpKsl5b143126;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{041A586D-262C-41E4-85F6-415AADE724E2}\MpKsl5b143126.sys [6/4/2011 8:28 PM 28752]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [3/1/2011 12:11 PM 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [9/17/2010 3:40 PM 12856]
R2 ssoftnt4;ssoftnt4;c:\windows\SYSTEM32\DRIVERS\ssoftnt4.sys [5/21/2004 1:30 AM 114944]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [1/10/2007 11:33 AM 24652]
S1 ceklooxc;ceklooxc;\??\c:\windows\system32\drivers\ceklooxc.sys --> c:\windows\system32\drivers\ceklooxc.sys [?]
S1 gtodbuzo;gtodbuzo;\??\c:\windows\system32\drivers\gtodbuzo.sys --> c:\windows\system32\drivers\gtodbuzo.sys [?]
S1 kwrcjaaf;kwrcjaaf;\??\c:\windows\system32\drivers\kwrcjaaf.sys --> c:\windows\system32\drivers\kwrcjaaf.sys [?]
S1 tiuufikk;tiuufikk;\??\c:\windows\system32\drivers\tiuufikk.sys --> c:\windows\system32\drivers\tiuufikk.sys [?]
S1 winsiust;winsiust;\??\c:\windows\system32\drivers\winsiust.sys --> c:\windows\system32\drivers\winsiust.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/1/2010 10:56 AM 135664]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [11/29/2006 6:13 PM 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/1/2010 10:56 AM 135664]
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 17:56]
.
2011-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 17:56]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.gvnaz.org/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
Trusted Zone: microsoft.com\www
TCP: DhcpNameServer = 4.2.2.2 204.117.214.10
FF - ProfilePath - c:\documents and settings\es\Application Data\Mozilla\Firefox\Profiles\a5bmhej0.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Search Toolbar - c:\program files\Search Toolbar\SearchToolbarUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-04 21:02
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(488)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(2604)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Dell\Dell DJ Explorer\CTOJBNS.DLL
c:\program files\Dell\Dell DJ Explorer\CTIntrfc.dll
c:\program files\Dell\Dell DJ Explorer\DFMHK.dll
c:\program files\Dell\Dell DJ Explorer\CTOJBRES.DLL
c:\program files\Microsoft Office\Office10\msohev.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\progra~1\Dantz\RETROS~1\retrorun.exe
c:\windows\system32\ssoftsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
.
**************************************************************************
.
Completion time: 2011-06-04 21:13:21 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-05 04:13
.
Pre-Run: 14,151,053,312 bytes free
Post-Run: 13,868,376,064 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 5FEB69183C1C286C7E26F70FC1766277

Edited by gvnaz, 04 June 2011 - 10:56 PM.

  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That has now allowed me to see some bad drivers. Check for updates again on completion of this run

1. Please open Notepad
  • Click Start , then Run
  • Type notepad .exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

KillAll::

File::
c:\windows\system32\user32.DLL9D39883B
c:\windows\system32\user32.DLL09176014
c:\windows\system32\user32.DLL891E711B
c:\windows\system32\drivers\ceklooxc.sys
c:\windows\system32\drivers\gtodbuzo.sys
c:\windows\system32\drivers\kwrcjaaf.sys
c:\windows\system32\drivers\tiuufikk.sys
c:\windows\system32\drivers\winsiust.sys

Driver::
ceklooxc
gtodbuzo
kwrcjaaf
tiuufikk
winsiust


3. Then in the text file go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES

4. Save the above as CFScript.txt

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image


6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
  • A new OTListit log.

  • 0

#13
gvnaz

gvnaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
ComboFix 11-06-05.02 - es 06/05/2011 16:43:53.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.122 [GMT -7:00]
Running from: c:\documents and settings\es\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\es\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
FILE ::
"c:\windows\system32\drivers\ceklooxc.sys"
"c:\windows\system32\drivers\gtodbuzo.sys"
"c:\windows\system32\drivers\kwrcjaaf.sys"
"c:\windows\system32\drivers\tiuufikk.sys"
"c:\windows\system32\drivers\winsiust.sys"
"c:\windows\system32\user32.DLL09176014"
"c:\windows\system32\user32.DLL891E711B"
"c:\windows\system32\user32.DLL9D39883B"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\user32.DLL09176014
c:\windows\system32\user32.DLL891E711B
c:\windows\system32\user32.DLL9D39883B
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ceklooxc
-------\Service_gtodbuzo
-------\Service_kwrcjaaf
-------\Service_tiuufikk
-------\Service_winsiust
.
.
((((((((((((((((((((((((( Files Created from 2011-05-05 to 2011-06-05 )))))))))))))))))))))))))))))))
.
.
2011-06-05 08:17 . 2011-06-05 08:17 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{65AC921E-9E19-4C31-A6B2-48D1D59BEBDE}\MpKsl171883ce.sys
2011-06-05 04:18 . 2011-05-18 19:37 6962000 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{65AC921E-9E19-4C31-A6B2-48D1D59BEBDE}\mpengine.dll
2011-06-05 04:14 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-06-05 04:14 . 2010-08-27 08:02 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-06-05 04:14 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-06-05 04:13 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2011-06-05 04:13 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2011-06-05 04:13 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2011-06-05 04:11 . 2011-02-22 23:06 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-06-05 04:11 . 2011-02-22 23:06 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-06-05 04:11 . 2011-02-22 23:06 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-06-05 04:11 . 2011-02-22 23:06 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-06-05 04:11 . 2011-02-22 23:06 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-06-05 04:11 . 2011-02-22 23:06 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-06-05 04:11 . 2011-02-22 23:06 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-06-05 04:10 . 2010-06-14 07:41 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2011-06-05 04:10 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-06-05 03:49 . 2011-02-17 13:18 455936 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-06-05 03:40 . 2010-12-09 13:07 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-06-05 03:40 . 2010-12-09 13:07 2069376 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-06-05 03:37 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2011-05-31 04:57 . 2011-05-31 04:57 -------- d-----w- C:\_OTL
2011-05-20 19:08 . 2008-04-14 05:06 10880 -c--a-w- c:\windows\system32\dllcache\admjoy.sys
2011-05-20 19:08 . 2008-04-14 05:06 84480 -c--a-w- c:\windows\system32\dllcache\ac97via.sys
2011-05-20 19:08 . 2008-04-14 05:06 231552 -c--a-w- c:\windows\system32\dllcache\ac97ali.sys
2011-05-20 19:08 . 2008-04-14 07:10 12288 -c--a-w- c:\windows\system32\dllcache\4mmdat.sys
2011-05-20 19:07 . 2010-12-09 13:38 2192768 -c--a-w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-05-20 01:52 . 2011-05-18 19:37 6962000 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-05-20 01:35 . 2011-05-20 01:35 -------- d-----w- c:\program files\ESET
2011-05-20 01:23 . 2011-06-05 07:42 -------- d-----w- c:\documents and settings\LogMeInRemoteUser
2011-05-19 23:09 . 2011-05-19 23:09 -------- d-----w- c:\documents and settings\es\Local Settings\Application Data\LogMeIn
2011-05-19 23:09 . 2011-03-01 19:12 53632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2011-05-19 23:09 . 2011-03-01 19:12 29568 ----a-w- c:\windows\system32\LMIport.dll
2011-05-19 23:09 . 2011-03-01 19:12 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2011-05-19 23:09 . 2010-09-17 22:40 47640 ----a-w- c:\windows\system32\drivers\LMIRfsDriver.sys
2011-05-19 23:09 . 2011-03-01 19:12 87424 ----a-w- c:\windows\system32\LMIinit.dll
2011-05-19 23:09 . 2011-06-05 07:41 -------- d-----w- c:\documents and settings\All Users\Application Data\LogMeIn
2011-05-19 23:08 . 2011-05-19 23:08 -------- d-----w- c:\program files\LogMeIn
2011-05-19 22:16 . 2009-07-31 17:05 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll
2011-05-19 22:16 . 2008-04-14 05:57 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2011-05-19 22:16 . 2009-08-07 02:24 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2011-05-19 22:16 . 2008-04-14 12:42 380416 ------w- c:\windows\system32\irprops.cpl
2011-05-19 21:31 . 2008-04-14 12:41 7168 ----a-w- c:\windows\system32\hccoin.dll
2011-05-19 21:31 . 2008-04-14 07:15 30208 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-19 21:15 . 2008-04-14 12:42 74240 ----a-w- c:\windows\system32\usbui.dll
2011-05-19 21:15 . 2008-04-14 07:15 143872 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-19 21:15 . 2008-04-14 07:15 20608 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-19 21:15 . 2008-04-14 07:15 59520 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-19 21:15 . 2008-04-14 07:10 96512 ----a-w- c:\windows\system32\drivers\atapi.sys
2011-05-19 21:15 . 2008-04-14 07:10 24960 ----a-w- c:\windows\system32\drivers\pciidex.sys
2011-05-19 21:15 . 2001-08-17 20:51 3328 -c--a-w- c:\windows\system32\dllcache\pciide.sys
2011-05-19 21:15 . 2001-08-17 20:51 3328 ----a-w- c:\windows\system32\drivers\pciide.sys
2011-05-19 21:15 . 2008-04-14 07:06 37248 ----a-w- c:\windows\system32\drivers\isapnp.sys
2011-05-19 21:14 . 2008-04-14 07:06 68224 ----a-w- c:\windows\system32\drivers\pci.sys
2011-05-19 20:53 . 2011-05-19 22:16 -------- d-----w- c:\windows\ServicePackFiles
2011-05-19 20:45 . 2008-04-14 12:42 60928 ----a-w- c:\windows\system32\wbem\wmicookr.dll
2011-05-19 20:44 . 2008-04-14 12:42 1614848 -c--a-w- c:\windows\system32\dllcache\sfcfiles.dll
2011-05-19 19:05 . 2001-08-18 05:36 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2011-05-19 19:05 . 2001-08-18 05:37 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe
2011-05-19 19:05 . 2001-08-18 05:37 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe
2011-05-19 19:05 . 2001-08-18 05:37 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe
2011-05-19 19:05 . 2001-08-17 19:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys
2011-05-19 19:03 . 2001-08-18 05:36 28160 -c--a-w- c:\windows\system32\dllcache\umaxu40.dll
2011-05-19 19:02 . 2001-08-17 20:49 30464 -c--a-w- c:\windows\system32\dllcache\tbatm155.sys
2011-05-19 19:00 . 2001-08-17 19:51 98080 -c--a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2011-05-19 18:59 . 2001-08-17 20:28 130942 -c--a-w- c:\windows\system32\dllcache\ptserlv.sys
2011-05-19 18:58 . 2001-08-17 19:11 65278 -c--a-w- c:\windows\system32\dllcache\netflx3.sys
2011-05-19 18:57 . 2001-08-17 21:02 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2011-05-19 18:57 . 2001-08-17 20:48 6016 -c--a-w- c:\windows\system32\dllcache\msfsio.sys
2011-05-19 18:57 . 2001-08-17 20:48 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-05-19 18:57 . 2001-08-17 20:57 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys
2011-05-19 18:57 . 2001-08-17 20:52 6528 -c--a-w- c:\windows\system32\dllcache\miniqic.sys
2011-05-19 18:57 . 2001-08-17 19:50 320384 -c--a-w- c:\windows\system32\dllcache\mgaum.sys
2011-05-19 18:57 . 2001-08-17 21:56 235648 -c--a-w- c:\windows\system32\dllcache\mgaud.dll
2011-05-19 18:57 . 2001-08-18 05:36 47616 -c--a-w- c:\windows\system32\dllcache\memgrp.dll
2011-05-19 18:57 . 2001-08-17 20:58 8320 -c--a-w- c:\windows\system32\dllcache\memcard.sys
2011-05-19 18:57 . 2001-08-17 19:12 164586 -c--a-w- c:\windows\system32\dllcache\mdgndis5.sys
2011-05-19 18:57 . 2001-08-17 20:52 7424 -c--a-w- c:\windows\system32\dllcache\mammoth.sys
2011-05-19 18:55 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2011-05-19 18:55 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2011-05-19 18:55 . 2001-08-17 21:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2011-05-19 18:53 . 2001-08-17 20:28 50751 -c--a-w- c:\windows\system32\dllcache\hsf_tone.sys
2011-05-19 18:52 . 2001-08-17 20:28 907456 -c--a-w- c:\windows\system32\dllcache\hcf_msft.sys
2011-05-19 18:51 . 2001-08-17 20:28 595647 -c--a-w- c:\windows\system32\dllcache\es56cvmp.sys
2011-05-19 18:50 . 2001-08-17 20:51 20736 -c--a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2011-05-19 18:49 . 2001-08-17 20:47 6272 -c--a-w- c:\windows\system32\dllcache\apmbatt.sys
2011-05-19 18:49 . 2001-08-17 19:11 16969 -c--a-w- c:\windows\system32\dllcache\amb8002.sys
2011-05-19 18:49 . 2001-08-17 20:49 26624 -c--a-w- c:\windows\system32\dllcache\alifir.sys
2011-05-19 18:49 . 2001-08-17 19:11 27678 -c--a-w- c:\windows\system32\dllcache\ali5261.sys
2011-05-19 18:44 . 2001-08-17 21:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2011-05-19 00:38 . 2011-05-19 00:38 -------- d-----w- c:\documents and settings\es\Local Settings\Application Data\Mozilla
2011-05-19 00:27 . 2005-09-20 16:31 135168 ----a-w- c:\windows\system32\igfxres.dll
2011-05-19 00:18 . 2001-08-18 12:00 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll
2011-05-19 00:18 . 2001-08-18 12:00 31232 -c--a-w- c:\windows\system32\dllcache\weitekp9.sys
2011-05-19 00:18 . 2001-08-18 12:00 48256 -c--a-w- c:\windows\system32\dllcache\w32.dll
2011-05-19 00:18 . 2001-08-18 12:00 14336 -c--a-w- c:\windows\system32\dllcache\tsprof.exe
2011-05-19 00:18 . 2001-08-18 12:00 21896 -c--a-w- c:\windows\system32\dllcache\tdipx.sys
2011-05-19 00:18 . 2001-08-18 12:00 19464 -c--a-w- c:\windows\system32\dllcache\tdspx.sys
2011-05-19 00:18 . 2001-08-18 12:00 185344 -c--a-w- c:\windows\system32\dllcache\thawbrkr.dll
2011-05-19 00:16 . 2001-08-18 12:00 98304 -c--a-w- c:\windows\system32\dllcache\msir3jp.dll
2011-05-19 00:15 . 2001-08-18 12:00 6144 -c--a-w- c:\windows\system32\dllcache\ftlx041e.dll
2011-05-19 00:07 . 2008-04-14 12:42 45568 ----a-w- c:\windows\system32\safrslv.dll
2011-05-19 00:05 . 2008-04-14 12:42 281088 ----a-w- c:\program files\Windows NT\Pinball\pinball.exe
2011-05-18 23:58 . 2008-04-14 07:15 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2011-05-18 23:58 . 2008-04-14 07:15 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2011-05-18 23:57 . 2008-04-14 07:10 57600 ----a-w- c:\windows\system32\drivers\redbook.sys
2011-05-18 23:54 . 2008-04-14 12:43 40840 ----a-w- c:\windows\system32\drivers\termdd.sys
2011-05-18 23:52 . 2008-04-14 07:24 11264 ----a-w- c:\windows\system32\drivers\irenum.sys
2011-05-18 23:52 . 2001-08-18 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2011-05-18 23:52 . 2001-08-18 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2011-05-18 23:52 . 2008-04-14 12:42 146432 ----a-w- c:\windows\system\winspool.drv
2011-05-18 23:52 . 2001-08-18 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2011-05-18 23:52 . 2001-08-18 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2011-05-18 22:08 . 2010-10-19 18:33 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-18 22:02 . 2011-05-18 22:02 -------- d-----w- c:\program files\Microsoft Security Client
2011-05-18 21:10 . 2011-05-18 21:10 -------- d-----w- c:\program files\Revo Uninstaller
2011-05-18 21:07 . 2011-05-18 21:07 -------- d-----w- c:\documents and settings\es\Application Data\Malwarebytes
2011-05-18 21:07 . 2011-05-29 16:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-18 21:07 . 2011-05-18 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-05-18 21:07 . 2011-05-31 22:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-18 21:07 . 2011-05-29 16:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-18 16:23 . 2011-05-18 16:23 -------- d-----w- c:\windows\java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-11 21:55 . 2011-04-11 21:55 1409 ----a-w- c:\windows\QTFont.for
2010-12-07 13:30 . 2011-01-14 20:16 382176 ----a-w- c:\program files\Common Files\PandaAntiPhising-FYTDL.exe
2011-05-20 23:47 . 2011-05-19 00:38 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-08-30 20:52 . 2011-05-19 18:19 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}"= "c:\program files\Free_TV_Bar_c3\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Free_TV_Bar_c3\prxtbFre0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}"= "c:\program files\Free_TV_Bar_c3\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3}"= "c:\program files\Free_TV_Bar_c3\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-15 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2010-09-17 63048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2011-03-01 19:12 87424 ----a-w- c:\windows\SYSTEM32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\WINDOWS\\SYSTEM32\\rtcshare.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R0 ppa;Iomega Parallel Port Filter Driver;c:\windows\SYSTEM32\DRIVERS\ppa.sys [5/15/2006 11:45 AM 17792]
R1 MpKsl171883ce;MpKsl171883ce;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{65AC921E-9E19-4C31-A6B2-48D1D59BEBDE}\MpKsl171883ce.sys [6/5/2011 1:17 AM 28752]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [3/1/2011 12:11 PM 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [9/17/2010 3:40 PM 12856]
R2 ssoftnt4;ssoftnt4;c:\windows\SYSTEM32\DRIVERS\ssoftnt4.sys [5/21/2004 1:30 AM 114944]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [1/10/2007 11:33 AM 24652]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/1/2010 10:56 AM 135664]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [11/29/2006 6:13 PM 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/1/2010 10:56 AM 135664]
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 17:56]
.
2011-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 17:56]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.gvnaz.org/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
Trusted Zone: microsoft.com\www
TCP: DhcpNameServer = 4.2.2.2 204.117.214.10
FF - ProfilePath - c:\documents and settings\es\Application Data\Mozilla\Firefox\Profiles\a5bmhej0.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-05 16:55
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(484)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(596)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\program files\Dell\Dell DJ Explorer\CTOJBNS.DLL
c:\program files\Dell\Dell DJ Explorer\CTIntrfc.dll
c:\program files\Dell\Dell DJ Explorer\DFMHK.dll
c:\program files\Dell\Dell DJ Explorer\CTOJBRES.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\Office10\msohev.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\progra~1\Dantz\RETROS~1\retrorun.exe
c:\windows\system32\ssoftsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
.
**************************************************************************
.
Completion time: 2011-06-05 17:03:28 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-06 00:03
ComboFix2.txt 2011-06-05 04:13
.
Pre-Run: 15,274,041,344 bytes free
Post-Run: 15,238,107,136 bytes free
.
- - End Of File - - 866DBB29627F1A433364339D8A529DF3


OTL logfile created on: 6/5/2011 5:59:04 PM - Run 5
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\es\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 187.08 Mb Available Physical Memory | 36.68% Memory free
1.22 Gb Paging File | 0.91 Gb Available in Paging File | 74.82% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.97 Gb Total Space | 14.22 Gb Free Space | 20.04% Space Free | Partition Type: NTFS
Drive F: | 57.23 Gb Total Space | 37.26 Gb Free Space | 65.10% Space Free | Partition Type: FAT32

Computer Name: ERIC | User Name: es | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/27 00:16:17 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
PRC - [2011/03/01 12:12:00 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2011/03/01 12:11:56 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/11/08 12:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/09/17 15:40:06 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 14:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2004/07/30 15:47:36 | 000,069,632 | ---- | M] (Dantz Development Corporation) -- C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe
PRC - [2004/05/21 01:30:02 | 000,074,240 | ---- | M] (Cypherix) -- C:\WINDOWS\SYSTEM32\ssoftsrv.exe


========== Modules (SafeList) ==========

MOD - [2011/05/27 00:16:17 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (WmdmPmSp)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/01 12:12:00 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011/03/01 12:11:56 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/11/08 12:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/07/30 15:47:36 | 000,069,632 | ---- | M] (Dantz Development Corporation) [Auto | Running] -- C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe -- (RetroExpLauncher)
SRV - [2004/05/21 01:30:02 | 000,074,240 | ---- | M] (Cypherix) [Auto | Running] -- C:\WINDOWS\System32\ssoftsrv.exe -- (ssoftservice)
SRV - [2003/03/03 11:33:40 | 000,143,360 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2011/06/05 01:17:04 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{65AC921E-9E19-4C31-A6B2-48D1D59BEBDE}\MpKsl171883ce.sys -- (MpKsl171883ce)
DRV - [2011/03/01 12:12:24 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/09/17 15:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/09/17 15:40:06 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008/04/13 22:04:34 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2008/04/13 22:04:32 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2008/04/13 22:04:30 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2008/04/13 22:04:30 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2008/04/13 22:04:30 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2008/04/13 22:04:30 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2008/04/13 22:04:28 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2008/04/13 22:04:28 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2008/04/13 22:04:28 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2008/04/13 22:04:28 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2006/01/23 18:19:28 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PalmUSBD.sys -- (PalmUSBD)
DRV - [2004/10/07 10:21:22 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mxopswd.sys -- (MXOPSWD)
DRV - [2004/09/29 02:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctpdusb2.sys -- (Jukebox)
DRV - [2004/08/03 22:29:26 | 000,701,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys -- (ati2mtag)
DRV - [2004/05/21 01:30:02 | 000,114,944 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssoftnt4.sys -- (ssoftnt4)
DRV - [2003/10/10 04:23:48 | 000,032,640 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MXOFX.SYS -- (MXOFX) USB Storage Adapter FX (MXO)
DRV - [2003/03/13 13:23:28 | 000,019,712 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mxofwfp.sys -- (MaxtorFrontPanel1)
DRV - [2002/11/08 11:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002/10/01 10:22:32 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfc.sys -- (pfc)
DRV - [2001/10/16 13:48:30 | 000,051,072 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EUSBMSD.SYS -- (EUSBMSD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gvnaz.org/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://search.condui...&ctid=CT2399412
IE - HKCU\..\URLSearchHook: {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/20 16:48:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/05/18 17:39:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\es\Application Data\Mozilla\Extensions
[2011/05/27 01:00:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\es\Application Data\Mozilla\Firefox\Profiles\a5bmhej0.default\extensions
[2011/05/18 17:38:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ES\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\A5BMHEJ0.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ES\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\A5BMHEJ0.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/05/20 16:47:57 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/05 16:55:15 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Free TV Bar c3 Toolbar) - {3ee8d0be-f450-4ef2-97b9-ac2222d14db3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Free TV Bar c3 Toolbar) - {3EE8D0BE-F450-4EF2-97B9-AC2222D14DB3} - C:\Program Files\Free_TV_Bar_c3\prxtbFre0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: microsoft.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://bin.mcafee.co...,21/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 4.2.2.2 204.117.214.10
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\es\My Documents\My Pictures\Headers\Worship 1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\es\My Documents\My Pictures\Headers\Worship 1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 06:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/07/29 15:08:48 | 000,000,118 | ---- | M] () - F:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/05 17:03:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/06/04 21:14:30 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/06/04 21:14:07 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2011/06/04 21:14:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2011/06/04 21:11:14 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/06/04 21:11:14 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/06/04 21:11:11 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011/06/04 21:11:10 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/06/04 21:11:06 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/06/04 21:10:21 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2011/06/04 21:10:05 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2011/06/04 21:09:55 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2011/06/04 20:49:07 | 000,455,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/06/04 20:47:27 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/06/04 20:41:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/06/04 20:41:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/06/04 20:41:10 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/06/04 20:41:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/06/04 20:40:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/06/04 20:40:19 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2011/06/04 20:40:18 | 002,069,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2011/06/04 20:39:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/04 20:39:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\es\Start Menu\Programs\Administrative Tools
[2011/06/04 20:37:53 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2011/06/04 17:32:04 | 004,112,084 | R--- | C] (Swearware) -- C:\Documents and Settings\es\Desktop\ComboFix.exe
[2011/05/30 21:57:34 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/30 21:55:02 | 000,586,240 | ---- | C] (AVAST Software) -- C:\Documents and Settings\es\Desktop\aswMBR.exe
[2011/05/27 00:16:03 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
[2011/05/20 17:12:20 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\es\Recent
[2011/05/20 12:08:36 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2011/05/20 12:08:30 | 000,084,480 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ac97via.sys
[2011/05/20 12:08:27 | 000,231,552 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ac97ali.sys
[2011/05/20 12:08:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\4mmdat.sys
[2011/05/20 12:07:49 | 002,192,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2011/05/19 18:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/05/19 16:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Local Settings\Application Data\LogMeIn
[2011/05/19 16:09:30 | 000,029,568 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2011/05/19 16:09:29 | 000,083,360 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2011/05/19 16:09:29 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\LMIRfsDriver.sys
[2011/05/19 16:09:10 | 000,087,424 | ---- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2011/05/19 16:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogMeIn
[2011/05/19 16:08:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2011/05/19 16:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2011/05/19 15:29:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/05/19 15:16:37 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2011/05/19 15:16:37 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2011/05/19 15:16:24 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2011/05/19 15:16:24 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2011/05/19 15:01:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/05/19 14:31:59 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2011/05/19 14:15:27 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys
[2011/05/19 14:15:27 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2011/05/19 14:15:14 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys
[2011/05/19 14:15:14 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pciide.sys
[2011/05/19 14:14:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/05/19 13:53:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/05/19 13:46:10 | 000,174,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xenroll.dll
[2011/05/19 13:46:10 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactsrv.dll
[2011/05/19 13:46:09 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2011/05/19 13:46:09 | 000,383,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcdlg.dll
[2011/05/19 13:46:09 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wow32.dll
[2011/05/19 13:46:09 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2011/05/19 13:46:09 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wzcsapi.dll
[2011/05/19 13:46:09 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsnmp32.dll
[2011/05/19 13:46:09 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wtsapi32.dll
[2011/05/19 13:46:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wship6.dll
[2011/05/19 13:46:08 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe.dll
[2011/05/19 13:46:08 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvds32.ax
[2011/05/19 13:46:07 | 000,311,327 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2011/05/19 13:46:07 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8ds32.ax
[2011/05/19 13:46:06 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmstream.dll
[2011/05/19 13:46:06 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe.dll
[2011/05/19 13:46:04 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpstub.exe
[2011/05/19 13:45:59 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.ocx
[2011/05/19 13:45:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerrenu.dll
[2011/05/19 13:45:58 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winsta.dll
[2011/05/19 13:45:56 | 000,916,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2011/05/19 13:45:56 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe
[2011/05/19 13:45:54 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\webvw.dll
[2011/05/19 13:45:54 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiadss.dll
[2011/05/19 13:45:54 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wextract.exe
[2011/05/19 13:45:51 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\watchdog.sys
[2011/05/19 13:45:49 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2011/05/19 13:45:49 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vdmredir.dll
[2011/05/19 13:45:48 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[2011/05/19 13:45:48 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2011/05/19 13:45:48 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\utilman.exe
[2011/05/19 13:45:44 | 001,210,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2011/05/19 13:45:43 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\upnp.dll
[2011/05/19 13:45:43 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2011/05/19 13:45:43 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2011/05/19 13:45:41 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umpnpmgr.dll
[2011/05/19 13:45:41 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\umandlg.dll
[2011/05/19 13:45:40 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\udhisapi.dll
[2011/05/19 13:45:38 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2011/05/19 13:45:38 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2011/05/19 13:45:37 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2011/05/19 13:45:31 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2011/05/19 13:45:31 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2011/05/19 13:45:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2011/05/19 13:45:29 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi32.dll
[2011/05/19 13:45:27 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysmon.ocx
[2011/05/19 13:45:24 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sxs.dll
[2011/05/19 13:45:23 | 000,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmdll.dll
[2011/05/19 13:45:23 | 000,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll
[2011/05/19 13:45:22 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti_ci.dll
[2011/05/19 13:45:22 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2011/05/19 13:45:22 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti.dll
[2011/05/19 13:45:21 | 000,679,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2011/05/19 13:45:21 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2011/05/19 13:45:20 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2011/05/19 13:45:20 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2011/05/19 13:45:20 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2011/05/19 13:45:20 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2011/05/19 13:45:19 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssdpapi.dll
[2011/05/19 13:45:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2011/05/19 13:45:18 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2011/05/19 13:45:17 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2011/05/19 13:45:15 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.dll
[2011/05/19 13:45:15 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolss.dll
[2011/05/19 13:45:14 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2011/05/19 13:45:13 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smlogcfg.dll
[2011/05/19 13:45:13 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\sl_anet.acm
[2011/05/19 13:45:13 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2011/05/19 13:45:13 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slayerxp.dll
[2011/05/19 13:45:13 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpapi.dll
[2011/05/19 13:45:12 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2011/05/19 13:45:12 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2011/05/19 13:45:12 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2011/05/19 13:45:12 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2011/05/19 13:45:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\simpdata.tlb
[2011/05/19 13:45:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigtab.dll
[2011/05/19 13:45:10 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shgina.dll
[2011/05/19 13:45:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimeng.dll
[2011/05/19 13:45:10 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shfolder.dll
[2011/05/19 13:44:59 | 001,614,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfcfiles.dll
[2011/05/19 13:44:59 | 001,614,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sfcfiles.dll
[2011/05/19 13:44:58 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2011/05/19 13:44:58 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdbinst.exe
[2011/05/19 13:44:58 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2011/05/19 13:44:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2011/05/19 13:44:58 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sensapi.dll
[2011/05/19 13:44:57 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scesrv.dll
[2011/05/19 13:44:57 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scecli.dll
[2011/05/19 13:44:57 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sccsccp.dll
[2011/05/19 13:44:57 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sccbase.dll
[2011/05/19 13:44:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2011/05/19 13:44:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2011/05/19 13:44:55 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsaenh.dll
[2011/05/19 13:44:54 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\riched20.dll
[2011/05/19 13:44:54 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\riched20.dll
[2011/05/19 13:44:54 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2011/05/19 13:44:54 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regapi.dll
[2011/05/19 13:44:53 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rastls.dll
[2011/05/19 13:44:53 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2011/05/19 13:44:53 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2011/05/19 13:44:53 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2011/05/19 13:44:53 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2011/05/19 13:44:53 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2011/05/19 13:44:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rassapi.dll
[2011/05/19 13:44:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2011/05/19 13:44:52 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasppp.dll
[2011/05/19 13:44:52 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\raschap.dll
[2011/05/19 13:44:50 | 001,435,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\query.dll
[2011/05/19 13:44:50 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2011/05/19 13:44:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psbase.dll
[2011/05/19 13:44:48 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\proctexe.ocx
[2011/05/19 13:44:47 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll
[2011/05/19 13:44:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2011/05/19 13:44:46 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pdh.dll
[2011/05/19 13:44:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pautoenr.dll
[2011/05/19 13:44:46 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2011/05/19 13:44:45 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\opengl32.dll
[2011/05/19 13:44:45 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2011/05/19 13:44:45 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oleprn.dll
[2011/05/19 13:44:44 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32.dll
[2011/05/19 13:44:43 | 001,288,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ole32.dll
[2011/05/19 13:44:43 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\offfilt.dll
[2011/05/19 13:44:43 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbctrac.dll
[2011/05/19 13:44:43 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbctrac.dll
[2011/05/19 13:44:43 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.dll
[2011/05/19 13:44:43 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccp32.dll
[2011/05/19 13:44:43 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccu32.dll
[2011/05/19 13:44:43 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccu32.dll
[2011/05/19 13:44:43 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccr32.dll
[2011/05/19 13:44:43 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccr32.dll
[2011/05/19 13:44:43 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcp32r.dll
[2011/05/19 13:44:42 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oakley.dll
[2011/05/19 13:44:42 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32.dll
[2011/05/19 13:44:42 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32.dll
[2011/05/19 13:44:42 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.dll
[2011/05/19 13:44:42 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.dll
[2011/05/19 13:44:42 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2011/05/19 13:44:42 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.exe
[2011/05/19 13:44:42 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2011/05/19 13:44:42 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcad32.exe
[2011/05/19 13:44:42 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcbcp.dll
[2011/05/19 13:44:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32gt.dll
[2011/05/19 13:44:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32gt.dll
[2011/05/19 13:44:37 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsdba.dll
[2011/05/19 13:44:37 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsapi.dll
[2011/05/19 13:44:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlanman.dll
[2011/05/19 13:44:31 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2011/05/19 13:44:31 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\npptools.dll
[2011/05/19 13:44:31 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2011/05/19 13:44:30 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\newdev.dll
[2011/05/19 13:44:30 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nlhtml.dll
[2011/05/19 13:44:30 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2011/05/19 13:44:25 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2011/05/19 13:44:24 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2011/05/19 13:44:23 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.exe
[2011/05/19 13:44:22 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netcfgx.dll
[2011/05/19 13:44:22 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netlogon.dll
[2011/05/19 13:44:22 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2011/05/19 13:44:21 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2011/05/19 13:44:21 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2011/05/19 13:44:21 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncobjapi.dll
[2011/05/19 13:44:21 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddenb32.dll
[2011/05/19 13:44:20 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2.dll
[2011/05/19 13:44:20 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxbde40.dll
[2011/05/19 13:44:20 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxbde40.dll
[2011/05/19 13:44:20 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2011/05/19 13:44:18 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcrt.dll
[2011/05/19 13:44:18 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvfw32.dll
[2011/05/19 13:44:17 | 000,241,725 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msuni11.dll
[2011/05/19 13:44:17 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msutb.dll
[2011/05/19 13:44:16 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2011/05/19 13:44:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2011/05/19 13:44:15 | 000,264,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstext40.dll
[2011/05/19 13:44:15 | 000,264,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstext40.dll
[2011/05/19 13:44:15 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscds32.ax
[2011/05/19 13:44:14 | 000,559,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrepl40.dll
[2011/05/19 13:44:14 | 000,559,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrepl40.dll
[2011/05/19 13:44:13 | 000,432,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrd2x40.dll
[2011/05/19 13:44:13 | 000,432,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrd2x40.dll
[2011/05/19 13:44:13 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspbde40.dll
[2011/05/19 13:44:13 | 000,355,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspbde40.dll
[2011/05/19 13:44:13 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll
[2011/05/19 13:44:12 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2011/05/19 13:44:12 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msorcl32.dll
[2011/05/19 13:44:12 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msorcl32.dll
[2011/05/19 13:44:12 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2011/05/19 13:44:05 | 000,219,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msltus40.dll
[2011/05/19 13:44:05 | 000,219,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msltus40.dll
[2011/05/19 13:44:04 | 000,248,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjtes40.dll
[2011/05/19 13:44:04 | 000,248,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjtes40.dll
[2011/05/19 13:44:03 | 001,516,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msjet40.dll
[2011/05/19 13:44:03 | 001,516,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjet40.dll
[2011/05/19 13:44:03 | 000,368,710 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msisam11.dll
[2011/05/19 13:44:03 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msihnd.dll
[2011/05/19 13:44:03 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msimtf.dll
[2011/05/19 13:44:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtmler.dll
[2011/05/19 13:44:00 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.tlb
[2011/05/19 13:43:57 | 000,518,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msexch40.dll
[2011/05/19 13:43:57 | 000,518,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexch40.dll
[2011/05/19 13:43:57 | 000,326,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msexcl40.dll
[2011/05/19 13:43:57 | 000,326,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msexcl40.dll
[2011/05/19 13:43:56 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2011/05/19 13:43:56 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2011/05/19 13:43:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdatsrc.tlb
[2011/05/19 13:43:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatsrc.tlb
[2011/05/19 13:43:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2011/05/19 13:43:55 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2011/05/19 13:43:55 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2011/05/19 13:43:55 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2011/05/19 13:43:55 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2011/05/19 13:43:55 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdart.dll
[2011/05/19 13:43:55 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2011/05/19 13:43:55 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2011/05/19 13:43:55 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2011/05/19 13:43:54 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscms.dll
[2011/05/19 13:43:54 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2011/05/19 13:43:54 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2011/05/19 13:43:54 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpx32r.dll
[2011/05/19 13:43:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2011/05/19 13:43:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2011/05/19 13:43:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2011/05/19 13:43:53 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msadds32.ax
[2011/05/19 13:43:53 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2011/05/19 13:43:53 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2011/05/19 13:43:52 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2011/05/19 13:43:52 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2011/05/19 13:43:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2011/05/19 13:43:52 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2011/05/19 13:43:52 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2011/05/19 13:43:51 | 000,262,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4ds32.ax
[2011/05/19 13:43:51 | 000,262,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2011/05/19 13:43:51 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4dmod.dll
[2011/05/19 13:43:50 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\moricons.dll
[2011/05/19 13:43:50 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2011/05/19 13:43:49 | 001,872,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcndmgr.dll
[2011/05/19 13:43:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mindex.dll
[2011/05/19 13:43:45 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2011/05/19 13:43:45 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2011/05/19 13:43:45 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2011/05/19 13:43:45 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localui.dll
[2011/05/19 13:43:24 | 000,307,260 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codeca.acm
[2011/05/19 13:43:23 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iuengine.dll
[2011/05/19 13:43:23 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\joy.cpl
[2011/05/19 13:43:23 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ixsso.dll
[2011/05/19 13:43:23 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kd1394.dll
[2011/05/19 13:43:22 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ippromon.dll
[2011/05/19 13:43:22 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\itircl.dll
[2011/05/19 13:43:22 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\itircl.dll
[2011/05/19 13:43:22 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\itss.dll
[2011/05/19 13:43:22 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6mon.dll
[2011/05/19 13:43:22 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6.exe
[2011/05/19 13:43:20 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\intl.cpl
[2011/05/19 13:43:20 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iphlpapi.dll
[2011/05/19 13:43:20 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconfig.exe
[2011/05/19 13:43:19 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2011/05/19 13:43:19 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\input.dll
[2011/05/19 13:43:19 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inseng.dll
[2011/05/19 13:43:18 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2011/05/19 13:43:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iesetup.dll
[2011/05/19 13:43:18 | 000,036,921 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imeshare.dll
[2011/05/19 13:43:18 | 000,036,921 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imeshare.dll
[2011/05/19 13:43:18 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imgutil.dll
[2011/05/19 13:43:17 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2011/05/19 13:43:17 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icm32.dll
[2011/05/19 13:43:17 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll
[2011/05/19 13:43:17 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2011/05/19 13:43:17 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2011/05/19 13:43:17 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll
[2011/05/19 13:43:17 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\idq.dll
[2011/05/19 13:43:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2011/05/19 13:43:16 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pidgen.dll
[2011/05/19 13:43:14 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetcfg.dll
[2011/05/19 13:43:14 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpcdll.dll
[2011/05/19 13:43:13 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhctrl.ocx
[2011/05/19 13:43:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhsetup.dll
[2011/05/19 13:43:12 | 000,134,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\HAL.DLL
[2011/05/19 13:43:11 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsxp32.dll
[2011/05/19 13:43:10 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxstiff.dll
[2011/05/19 13:43:10 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxst30.dll
[2011/05/19 13:43:10 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxswzrd.dll
[2011/05/19 13:43:10 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsui.dll
[2011/05/19 13:43:09 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsst.dll
[2011/05/19 13:43:09 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsapi.dll
[2011/05/19 13:43:09 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscomex.dll
[2011/05/19 13:43:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe
[2011/05/19 13:43:09 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsdrv.dll
[2011/05/19 13:43:09 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsext32.dll
[2011/05/19 13:43:09 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\framebuf.dll
[2011/05/19 13:43:09 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsperf.dll
[2011/05/19 13:43:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsres.dll
[2011/05/19 13:43:08 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2011/05/19 13:43:08 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2011/05/19 13:43:08 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2011/05/19 13:43:08 | 000,109,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2011/05/19 13:43:08 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2011/05/19 13:43:08 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2011/05/19 13:43:08 | 000,015,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2011/05/19 13:43:07 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2011/05/19 13:43:07 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2011/05/19 13:43:07 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2011/05/19 13:43:07 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2011/05/19 13:43:06 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2011/05/19 13:43:06 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2011/05/19 13:43:06 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2011/05/19 13:43:06 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2011/05/19 13:43:06 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2011/05/19 13:43:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontview.exe
[2011/05/19 13:43:03 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fldrclnr.dll
[2011/05/19 13:43:03 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faultrep.dll
[2011/05/19 13:43:02 | 000,380,445 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\expsrv.dll
[2011/05/19 13:43:02 | 000,380,445 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\expsrv.dll
[2011/05/19 13:43:01 | 001,033,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2011/05/19 13:43:01 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eudcedit.exe
[2011/05/19 13:43:01 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventlog.dll
[2011/05/19 13:43:00 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\els.dll
[2011/05/19 13:42:59 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll
[2011/05/19 13:42:58 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll
[2011/05/19 13:42:56 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\duser.dll
[2011/05/19 13:42:56 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dwwin.exe
[2011/05/19 13:42:56 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dssenh.dll
[2011/05/19 13:42:56 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dssenh.dll
[2011/05/19 13:42:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprop.dll
[2011/05/19 13:42:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ds32gt.dll
[2011/05/19 13:42:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ds32gt.dll
[2011/05/19 13:42:52 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devmgr.dll
[2011/05/19 13:42:52 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput8.dll
[2011/05/19 13:42:52 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput.dll
[2011/05/19 13:42:52 | 000,124,416 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgui.dll
[2011/05/19 13:42:52 | 000,111,104 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dgnet.dll
[2011/05/19 13:42:52 | 000,105,472 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgntfs.exe
[2011/05/19 13:42:52 | 000,082,944 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgfat.exe
[2011/05/19 13:42:52 | 000,039,424 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgsnap.dll
[2011/05/19 13:42:51 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnetlib.dll
[2011/05/19 13:42:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnmpntw.dll
[2011/05/19 13:42:51 | 000,025,088 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\defrag.exe
[2011/05/19 13:42:51 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsvinn.dll
[2011/05/19 13:42:51 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsrpcn.dll
[2011/05/19 13:42:51 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsadsn.dll
[2011/05/19 13:42:50 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\danim.dll
[2011/05/19 13:42:50 | 000,640,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbghelp.dll
[2011/05/19 13:42:47 | 000,512,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptui.dll
[2011/05/19 13:42:47 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptdlg.dll
[2011/05/19 13:42:47 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptdlg.dll
[2011/05/19 13:42:47 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptsvc.dll
[2011/05/19 13:42:46 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/05/19 13:42:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credui.dll
[2011/05/19 13:42:45 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
[2011/05/19 13:42:42 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2011/05/19 13:42:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdl32.exe
[2011/05/19 13:42:39 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdial32.dll
[2011/05/19 13:42:39 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2011/05/19 13:42:39 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ciodm.dll
[2011/05/19 13:42:39 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clusapi.dll
[2011/05/19 13:42:37 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2011/05/19 13:42:37 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2011/05/19 13:42:36 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\certcli.dll
[2011/05/19 13:42:36 | 000,096,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdm.dll
[2011/05/19 13:42:36 | 000,096,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdm.dll
[2011/05/19 13:42:35 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2011/05/19 13:42:34 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browsewm.dll
[2011/05/19 13:42:34 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cabinet.dll
[2011/05/19 13:42:33 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browselc.dll
[2011/05/19 13:42:32 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avifil32.dll
[2011/05/19 13:42:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autolfn.exe
[2011/05/19 13:42:32 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2011/05/19 13:42:31 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2011/05/19 13:42:31 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2011/05/19 13:42:25 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asctrls.ocx
[2011/05/19 13:42:25 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\at.exe
[2011/05/19 13:42:23 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll
[2011/05/19 13:42:23 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apphelp.dll
[2011/05/19 13:42:23 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ahui.exe
[2011/05/19 13:42:23 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ahui.exe
[2011/05/19 13:42:22 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsnt.dll
[2011/05/19 13:42:22 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsnt.dll
[2011/05/19 13:42:22 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsldp.dll
[2011/05/19 13:42:22 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsldp.dll
[2011/05/19 13:42:22 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsldpc.dll
[2011/05/19 13:42:22 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsldpc.dll
[2011/05/19 13:42:22 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acxtrnal.dll
[2011/05/19 13:42:22 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsmsext.dll
[2011/05/19 13:42:22 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsmsext.dll
[2011/05/19 13:42:22 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2011/05/19 13:42:22 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2011/05/19 13:42:21 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acspecfc.dll
[2011/05/19 13:42:21 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclua.dll
[2011/05/19 13:42:20 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2011/05/19 13:42:19 | 001,852,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acgenral.dll
[2011/05/19 13:42:19 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2011/05/19 12:05:08 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2011/05/19 12:05:07 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2011/05/19 12:05:07 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xrxflnch.exe
[2011/05/19 12:05:06 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2011/05/19 12:04:47 | 000,034,890 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2011/05/19 12:04:36 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2011/05/19 12:04:34 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiamsmud.dll
[2011/05/19 12:04:33 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2011/05/19 12:04:29 | 000,701,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\wdhaalba.sys
[2011/05/19 12:04:29 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2011/05/19 12:04:22 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2011/05/19 12:04:22 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2011/05/19 12:04:22 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2011/05/19 12:04:20 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2011/05/19 12:04:19 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2011/05/19 12:04:17 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2011/05/19 12:04:16 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2011/05/19 12:04:16 | 000,024,576 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\viairda.sys
[2011/05/19 12:04:12 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2011/05/19 12:04:12 | 000,687,999 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrwdxjs.sys
[2011/05/19 12:04:11 | 000,113,762 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usrpda.sys
[2011/05/19 12:04:11 | 000,007,556 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usroslba.sys
[2011/05/19 12:04:10 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2011/05/19 12:04:10 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2011/05/19 12:04:10 | 000,224,802 | ---- | C] (U.S. Robotics Corporation) -- C:\WINDOWS\System32\dllcache\usr1807a.sys
[2011/05/19 12:04:09 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2011/05/19 12:03:59 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu40.dll
[2011/05/19 12:03:59 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxu22.dll
[2011/05/19 12:03:59 | 000,022,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxpcls.sys
[2011/05/19 12:03:58 | 000,216,064 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2011/05/19 12:03:58 | 000,211,968 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2011/05/19 12:03:58 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxp60.dll
[2011/05/19 12:03:58 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umaxcam.dll
[2011/05/19 12:03:56 | 000,011,520 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\twotrack.sys
[2011/05/19 12:03:51 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2011/05/19 12:03:51 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2011/05/19 12:03:51 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2011/05/19 12:03:51 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2011/05/19 12:03:50 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2011/05/19 12:03:50 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2011/05/19 12:03:49 | 000,042,496 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4res.dll
[2011/05/19 12:03:49 | 000,034,375 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\tpro4.sys
[2011/05/19 12:03:49 | 000,031,744 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\tp4.dll
[2011/05/19 12:03:47 | 000,241,664 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd02.sys
[2011/05/19 12:03:47 | 000,230,912 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tosdvd03.sys
[2011/05/19 12:03:47 | 000,028,232 | ---- | C] (TOSHIBA Corporation) -- C:\WINDOWS\System32\dllcache\tos4mo.sys
[2011/05/19 12:03:45 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2011/05/19 12:03:40 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2011/05/19 12:03:40 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2011/05/19 12:03:37 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2011/05/19 12:03:37 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2011/05/19 12:02:00 | 000,030,464 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\dllcache\tbatm155.sys
[2011/05/19 12:01:56 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2011/05/19 12:01:56 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tandqic.sys
[2011/05/19 12:01:55 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2011/05/19 12:01:51 | 000,094,293 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sxports.dll
[2011/05/19 12:01:50 | 000,103,936 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\sx.sys
[2011/05/19 12:01:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpidflt.dll
[2011/05/19 12:01:50 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swpdflt2.dll
[2011/05/19 12:01:50 | 000,003,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swusbflt.sys
[2011/05/19 12:01:49 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_wheel.dll
[2011/05/19 12:01:49 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sw_effct.dll
[2011/05/19 12:01:48 | 000,155,648 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2011/05/19 12:01:47 | 000,285,760 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2011/05/19 12:01:47 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2011/05/19 12:01:46 | 000,016,896 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2011/05/19 12:01:42 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2011/05/19 12:01:41 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2011/05/19 12:01:36 | 000,024,660 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxupchk.dll
[2011/05/19 12:01:34 | 000,106,584 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spdports.dll
[2011/05/19 12:01:34 | 000,061,824 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\speed.sys
[2011/05/19 12:01:33 | 000,114,688 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.dll
[2011/05/19 12:01:33 | 000,037,040 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonypi.sys
[2011/05/19 12:01:33 | 000,020,752 | ---- | C] (Sony Corporation) -- C:\WINDOWS\System32\dllcache\sonync.sys
[2011/05/19 12:01:33 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sonymc.sys
[2011/05/19 12:01:31 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snyaitmc.sys
[2011/05/19 12:01:18 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2011/05/19 12:01:17 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2011/05/19 12:01:16 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2011/05/19 12:01:15 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2011/05/19 12:01:15 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2011/05/19 12:01:15 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbhc.sys
[2011/05/19 12:01:14 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb3w.dll
[2011/05/19 12:01:14 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb0w.dll
[2011/05/19 12:01:13 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma0w.dll
[2011/05/19 12:01:11 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm91w.dll
[2011/05/19 12:01:05 | 000,094,698 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2011/05/19 12:01:05 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2011/05/19 12:01:04 | 000,238,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrv.dll
[2011/05/19 12:01:04 | 000,157,696 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv256.dll
[2011/05/19 12:01:04 | 000,104,064 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisgrp.sys
[2011/05/19 12:01:04 | 000,050,432 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sisv.sys
[2011/05/19 12:01:03 | 000,252,032 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300iv.dll
[2011/05/19 12:01:03 | 000,150,144 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306v.dll
[2011/05/19 12:01:03 | 000,101,760 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis300ip.sys
[2011/05/19 12:01:03 | 000,068,608 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\dllcache\sis6306p.sys
[2011/05/19 12:00:48 | 000,161,568 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2011/05/19 12:00:48 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2011/05/19 12:00:48 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2011/05/19 12:00:47 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2011/05/19 12:00:47 | 000,051,200 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfman32.dll
[2011/05/19 12:00:47 | 000,036,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sfmanm.sys
[2011/05/19 12:00:44 | 000,017,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sermouse.sys
[2011/05/19 12:00:44 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2011/05/19 12:00:40 | 000,011,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scsiprnt.sys
[2011/05/19 12:00:40 | 000,006,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seaddsmc.sys
[2011/05/19 12:00:37 | 000,017,280 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2011/05/19 12:00:37 | 000,016,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scmstcs.sys
[2011/05/19 12:00:36 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2011/05/19 12:00:36 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2011/05/19 12:00:35 | 000,495,616 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\sblfx.dll
[2011/05/19 12:00:32 | 000,245,632 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmx.dll
[2011/05/19 12:00:32 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2011/05/19 12:00:32 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2011/05/19 12:00:32 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2011/05/19 12:00:32 | 000,075,392 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\dllcache\s3savmxm.sys
[2011/05/19 12:00:32 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2011/05/19 12:00:31 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2011/05/19 12:00:31 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2011/05/19 12:00:31 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2011/05/19 12:00:31 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2011/05/19 12:00:30 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2011/05/19 12:00:30 | 000,065,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.sys
[2011/05/19 12:00:29 | 000,082,432 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2011/05/19 12:00:28 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2011/05/19 12:00:23 | 000,019,017 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\dllcache\rtl8029.sys
[2011/05/19 12:00:22 | 000,030,720 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rthwcls.sys
[2011/05/19 12:00:20 | 000,009,216 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2011/05/19 12:00:20 | 000,003,840 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\rpfun.sys
[2011/05/19 12:00:16 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2011/05/19 12:00:15 | 000,086,097 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2011/05/19 12:00:05 | 000,019,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasirda.sys
[2011/05/19 12:00:03 | 000,899,146 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2011/05/19 12:00:03 | 000,714,762 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2011/05/19 12:00:02 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2011/05/19 12:00:02 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qv2kux.sys
[2011/05/19 11:59:53 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2011/05/19 11:59:53 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2011/05/19 11:59:53 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2011/05/19 11:59:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ptpusb.dll
[2011/05/19 11:59:51 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\psisload.dll
[2011/05/19 11:59:51 | 000,016,128 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2011/05/19 11:59:47 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pnrmc.sys
[2011/05/19 11:59:37 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phvfwext.dll
[2011/05/19 11:59:35 | 000,173,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam2.sys
[2011/05/19 11:59:35 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phildec.sys
[2011/05/19 11:59:35 | 000,019,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philtune.sys
[2011/05/19 11:59:34 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phdsext.ax
[2011/05/19 11:59:34 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.sys
[2011/05/19 11:59:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\philcam1.dll
[2011/05/19 11:59:31 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2011/05/19 11:59:31 | 000,035,328 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntpci5.sys
[2011/05/19 11:59:31 | 000,029,769 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5m.sys
[2011/05/19 11:59:30 | 000,030,282 | ---- | C] (AMD Inc.) -- C:\WINDOWS\System32\dllcache\pcntn5hl.sys
[2011/05/19 11:59:30 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2011/05/19 11:59:29 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2011/05/19 11:59:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2.dll
[2011/05/19 11:59:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovui2rc.dll
[2011/05/19 11:59:24 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcoms.exe
[2011/05/19 11:59:24 | 000,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovsound2.sys
[2011/05/19 11:59:24 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcomc.dll
[2011/05/19 11:59:23 | 000,351,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodek2.sys
[2011/05/19 11:59:23 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcodec2.dll
[2011/05/19 11:59:23 | 000,054,186 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2011/05/19 11:59:23 | 000,048,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcam2.sys
[2011/05/19 11:59:23 | 000,043,689 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2011/05/19 11:59:23 | 000,031,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovce.sys
[2011/05/19 11:59:23 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovcd.sys
[2011/05/19 11:59:23 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2011/05/19 11:59:23 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ovca.sys
[2011/05/19 11:59:22 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2011/05/19 11:59:15 | 001,738,496 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4.dll
[2011/05/19 11:59:15 | 000,731,648 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4.sys
[2011/05/19 11:59:15 | 000,198,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.sys
[2011/05/19 11:59:14 | 000,123,776 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv3.dll
[2011/05/19 11:59:09 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2011/05/19 11:59:07 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntapm.sys
[2011/05/19 11:59:07 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsmmc.sys
[2011/05/19 11:59:04 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2011/05/19 11:59:03 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2011/05/19 11:59:01 | 000,032,840 | ---- | C] (NETGEAR Corporation.) -- C:\WINDOWS\System32\dllcache\ngrpci.sys
[2011/05/19 11:58:57 | 000,065,278 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\netflx3.sys
[2011/05/19 11:58:56 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2011/05/19 11:58:56 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2011/05/19 11:58:55 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ne2000.sys
[2011/05/19 11:58:52 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2011/05/19 11:58:52 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2011/05/19 11:58:52 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2011/05/19 11:58:52 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2011/05/19 11:58:51 | 000,128,000 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n100325.sys
[2011/05/19 11:58:51 | 000,052,255 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\n1000nt5.sys
[2011/05/19 11:58:51 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2011/05/19 11:58:51 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2011/05/19 11:58:50 | 000,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2011/05/19 11:58:50 | 000,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2011/05/19 11:58:50 | 000,019,968 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2011/05/19 11:58:50 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2011/05/19 11:58:50 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2011/05/19 11:58:47 | 000,103,296 | ---- | C] (Matrox Graphics Inc) -- C:\WINDOWS\System32\dllcache\mtxvideo.sys
[2011/05/19 11:58:35 | 000,012,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msriffwv.sys
[2011/05/19 11:58:29 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmpu401.sys
[2011/05/19 11:57:52 | 000,035,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgame.sys
[2011/05/19 11:57:52 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfsio.sys
[2011/05/19 11:57:42 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys
[2011/05/19 11:57:41 | 000,016,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemcsa.sys
[2011/05/19 11:57:37 | 000,006,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miniqic.sys
[2011/05/19 11:57:24 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaum.sys
[2011/05/19 11:57:23 | 000,235,648 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\mgaud.dll
[2011/05/19 11:57:19 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memgrp.dll
[2011/05/19 11:57:19 | 000,008,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\memcard.sys
[2011/05/19 11:57:18 | 000,164,586 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2011/05/19 11:57:14 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mammoth.sys
[2011/05/19 11:56:50 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3092dc.dll
[2011/05/19 11:56:50 | 000,048,768 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\maestro.sys
[2011/05/19 11:56:49 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\m3091dc.dll
[2011/05/19 11:56:49 | 000,022,848 | ---- | C] (Logitech Inc.) -- C:\WINDOWS\System32\dllcache\lwusbhid.sys
[2011/05/19 11:56:46 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2011/05/19 11:56:46 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2011/05/19 11:56:45 | 000,727,786 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2011/05/19 11:56:45 | 000,576,746 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2011/05/19 11:56:39 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\loop.sys
[2011/05/19 11:56:37 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2011/05/19 11:56:37 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2011/05/19 11:56:36 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2011/05/19 11:56:35 | 000,015,744 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2011/05/19 11:56:34 | 000,026,442 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2011/05/19 11:56:34 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2011/05/19 11:56:33 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kousd.dll
[2011/05/19 11:56:15 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll
[2011/05/19 11:56:14 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll
[2011/05/19 11:55:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll
[2011/05/19 11:55:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll
[2011/05/19 11:55:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll
[2011/05/19 11:54:56 | 000,026,624 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\dllcache\irstusb.sys
[2011/05/19 11:54:56 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2011/05/19 11:54:56 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irsir.sys
[2011/05/19 11:54:47 | 000,045,632 | ---- | C] (Interphase ® Corporation a Windows ® 2000 DDK Driver Provider) -- C:\WINDOWS\System32\dllcache\ip5515.sys
[2011/05/19 11:54:46 | 000,090,200 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8ports.dll
[2011/05/19 11:54:46 | 000,038,784 | ---- | C] (Perle Systems Ltd. ) -- C:\WINDOWS\System32\dllcache\io8.sys
[2011/05/19 11:54:45 | 000,013,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inport.sys
[2011/05/19 11:54:12 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2011/05/19 11:54:11 | 000,100,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5usb.sys
[2011/05/19 11:54:11 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5ext.dll
[2011/05/19 11:54:10 | 000,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4usb.sys
[2011/05/19 11:54:10 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3.sys
[2011/05/19 11:54:10 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4com.dll
[2011/05/19 11:54:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam4ext.dll
[2011/05/19 11:54:10 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam5com.dll
[2011/05/19 11:54:10 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icam3ext.dll
[2011/05/19 11:54:09 | 000,038,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ibmvcap.sys
[2011/05/19 11:54:08 | 000,109,085 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtrp.sys
[2011/05/19 11:54:08 | 000,100,936 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmtok.sys
[2011/05/19 11:54:08 | 000,028,700 | ---- | C] (IBM Corp.) -- C:\WINDOWS\System32\dllcache\ibmexmp.sys
[2011/05/19 11:54:08 | 000,009,216 | ---- | C] (IBM Corporation) -- C:\WINDOWS\System32\dllcache\ibmsgnet.dll
[2011/05/19 11:54:03 | 000,353,184 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740dnt5.dll
[2011/05/19 11:54:03 | 000,058,592 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\i740nt5.sys
[2011/05/19 11:53:13 | 000,488,383 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_v124.sys
[2011/05/19 11:53:13 | 000,073,279 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_spkp.sys
[2011/05/19 11:53:13 | 000,057,471 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_samp.sys
[2011/05/19 11:53:13 | 000,050,751 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_tone.sys
[2011/05/19 11:53:13 | 000,044,863 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_soar.sys
[2011/05/19 11:53:12 | 000,542,879 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_msft.sys
[2011/05/19 11:53:12 | 000,391,199 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_k56k.sys
[2011/05/19 11:53:12 | 000,199,711 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_faxx.sys
[2011/05/19 11:53:12 | 000,115,807 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fsks.sys
[2011/05/19 11:53:12 | 000,009,759 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_inst.dll
[2011/05/19 11:53:11 | 000,289,887 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_fall.sys
[2011/05/19 11:53:11 | 000,150,239 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_amos.sys
[2011/05/19 11:53:11 | 000,067,167 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hsf_bsc2.sys
[2011/05/19 11:53:10 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpojwia.dll
[2011/05/19 11:53:10 | 000,038,144 | ---- | C] (HighPoint Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\hpt3xx.sys
[2011/05/19 11:53:10 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hr1w.dll
[2011/05/19 11:53:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpsjmcro.dll
[2011/05/19 11:53:10 | 000,005,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpt4qic.sys
[2011/05/19 11:53:09 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2011/05/19 11:53:09 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2011/05/19 11:53:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgtmcro.dll
[2011/05/19 11:53:09 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt42tk.dll
[2011/05/19 11:53:08 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt21tk.dll
[2011/05/19 11:53:08 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpgt33tk.dll
[2011/05/19 11:53:07 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hpdigwia.dll
[2011/05/19 11:53:02 | 000,008,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidgame.sys
[2011/05/19 11:53:02 | 000,002,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidswvd.sys
[2011/05/19 11:52:59 | 000,907,456 | ---- | C] (Conexant) -- C:\WINDOWS\System32\dllcache\hcf_msft.sys
[2011/05/19 11:52:55 | 000,082,304 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2011/05/19 11:52:55 | 000,017,408 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2011/05/19 11:52:52 | 001,733,120 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400d.dll
[2011/05/19 11:52:52 | 000,470,144 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200d.dll
[2011/05/19 11:52:52 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2011/05/19 11:52:52 | 000,322,432 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g400m.sys
[2011/05/19 11:52:52 | 000,320,384 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\dllcache\g200m.sys
[2011/05/19 11:52:46 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2011/05/19 11:52:46 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fuusd.dll
[2011/05/19 11:52:45 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2011/05/19 11:52:43 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2011/05/19 11:52:43 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2011/05/19 11:52:42 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2011/05/19 11:52:39 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2011/05/19 11:52:36 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2011/05/19 11:52:36 | 000,022,090 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\fem556n5.sys
[2011/05/19 11:52:33 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2011/05/19 11:52:33 | 000,016,074 | ---- | C] (NETGEAR Corp.) -- C:\WINDOWS\System32\dllcache\fa312nd5.sys
[2011/05/19 11:52:32 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2011/05/19 11:52:32 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2011/05/19 11:52:31 | 000,016,998 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ex10.sys
[2011/05/19 11:52:31 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exabyte2.sys
[2011/05/19 11:52:26 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunib.dll
[2011/05/19 11:52:26 | 000,045,568 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuni.dll
[2011/05/19 11:52:25 | 000,034,816 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimg.dll
[2011/05/19 11:52:02 | 000,063,360 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\ess.sys
[2011/05/19 11:52:02 | 000,043,008 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucm.dll
[2011/05/19 11:52:00 | 000,594,238 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56hpi.sys
[2011/05/19 11:52:00 | 000,347,550 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56tpi.sys
[2011/05/19 11:51:59 | 000,595,647 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es56cvmp.sys
[2011/05/19 11:51:59 | 000,174,464 | ---- | C] (ESS Technology, Inc.) -- C:\WINDOWS\System32\dllcache\es198x.sys
[2011/05/19 11:51:59 | 000,072,192 | ---- | C] (ESS Technology Inc.) -- C:\WINDOWS\System32\dllcache\es1969.sys
[2011/05/19 11:51:59 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1371mp.sys
[2011/05/19 11:51:59 | 000,037,120 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\es1370mp.sys
[2011/05/19 11:51:58 | 000,629,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqn.sys
[2011/05/19 11:51:58 | 000,114,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epstw2k.sys
[2011/05/19 11:51:58 | 000,061,952 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnloop.exe
[2011/05/19 11:51:58 | 000,053,248 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqndiag.exe
[2011/05/19 11:51:58 | 000,051,200 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnlogr.exe
[2011/05/19 11:51:57 | 000,283,904 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\emu10k1m.sys
[2011/05/19 11:51:57 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\epcfw2k.sys
[2011/05/19 11:51:57 | 000,019,996 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\em556n4.sys
[2011/05/19 11:51:57 | 000,018,503 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\epro4.sys
[2011/05/19 11:51:56 | 000,455,199 | ---- | C] (3Com Corporation.) -- C:\WINDOWS\System32\dllcache\el985n51.sys
[2011/05/19 11:51:56 | 000,171,520 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el99xn51.sys
[2011/05/19 11:51:56 | 000,070,174 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el98xn5.sys
[2011/05/19 11:51:56 | 000,025,159 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\elnk3.sys
[2011/05/19 11:51:56 | 000,007,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\elmsmc.sys
[2011/05/19 11:51:55 | 000,241,206 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656se5.sys
[2011/05/19 11:51:55 | 000,153,631 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xnd5.sys
[2011/05/19 11:51:55 | 000,077,386 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656nd5.sys
[2011/05/19 11:51:55 | 000,066,591 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el90xbc5.sys
[2011/05/19 11:51:54 | 000,634,134 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656ct5.sys
[2011/05/19 11:51:54 | 000,069,692 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el575nd5.sys
[2011/05/19 11:51:54 | 000,069,194 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el656cd5.sys
[2011/05/19 11:51:54 | 000,026,141 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el589nd5.sys
[2011/05/19 11:51:54 | 000,024,653 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el574nd4.sys
[2011/05/19 11:51:53 | 000,055,999 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el556nd5.sys
[2011/05/19 11:51:53 | 000,044,103 | ---- | C] (3Com Corporation) -- C:\WINDOWS\System32\dllcache\el515.sys
[2011/05/19 11:51:52 | 000,050,719 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e1000nt5.sys
[2011/05/19 11:51:52 | 000,019,594 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\e100isa4.sys
[2011/05/19 11:51:46 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2011/05/19 11:51:41 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2011/05/19 11:51:41 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4usb.sys
[2011/05/19 11:51:41 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4scan.sys
[2011/05/19 11:51:40 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dot4prt.sys
[2011/05/19 11:51:35 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2011/05/19 11:51:34 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2011/05/19 11:51:34 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2011/05/19 11:51:33 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2011/05/19 11:51:33 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2011/05/19 11:51:33 | 000,031,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2011/05/19 11:51:33 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2011/05/19 11:51:31 | 000,614,429 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiview.exe
[2011/05/19 11:51:31 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2011/05/19 11:51:30 | 000,159,828 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digihlc.dll
[2011/05/19 11:51:30 | 000,110,621 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.dll
[2011/05/19 11:51:30 | 000,102,484 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiinf.dll
[2011/05/19 11:51:30 | 000,042,432 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\digirlpt.sys
[2011/05/19 11:51:30 | 000,041,046 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.dll
[2011/05/19 11:51:30 | 000,021,606 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiisdn.sys
[2011/05/19 11:51:29 | 000,229,462 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifwrk.dll
[2011/05/19 11:51:29 | 000,131,156 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidbp.dll
[2011/05/19 11:51:29 | 000,103,044 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digidxb.sys
[2011/05/19 11:51:29 | 000,090,525 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digifep5.sys
[2011/05/19 11:51:29 | 000,065,622 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.dll
[2011/05/19 11:51:29 | 000,037,735 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\digiasyn.sys
[2011/05/19 11:51:26 | 000,419,357 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgconfig.dll
[2011/05/19 11:51:26 | 000,029,531 | ---- | C] (Digi International Inc.) -- C:\WINDOWS\System32\dllcache\dgapci.sys
[2011/05/19 11:51:25 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2011/05/19 11:51:25 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2011/05/19 11:51:24 | 000,256,512 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devcon32.dll
[2011/05/19 11:51:24 | 000,024,064 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\devldr32.exe
[2011/05/19 11:51:23 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2011/05/19 11:51:23 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddsmc.sys
[2011/05/19 11:51:22 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc260usd.dll
[2011/05/19 11:51:22 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc240usd.dll
[2011/05/19 11:51:21 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210usd.dll
[2011/05/19 11:51:21 | 000,063,208 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\dllcache\dc21x4.sys
[2011/05/19 11:51:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dc210_32.dll
[2011/05/19 11:51:15 | 000,117,760 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\d100ib5.sys
[2011/05/19 11:51:15 | 000,049,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzport.sys
[2011/05/19 11:51:15 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzports.dll
[2011/05/19 11:51:15 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyports.dll
[2011/05/19 11:51:15 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyzcoins.dll
[2011/05/19 11:51:14 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyyport.sys
[2011/05/19 11:51:14 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyycoins.dll
[2011/05/19 11:51:14 | 000,017,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclad-z.sys
[2011/05/19 11:51:14 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cyclom-y.sys
[2011/05/19 11:51:13 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2011/05/19 11:51:13 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2011/05/19 11:51:13 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2011/05/19 11:51:13 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2011/05/19 11:51:13 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2011/05/19 11:51:13 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2011/05/19 11:51:12 | 000,096,256 | ---- | C] (Copyright © Creative Technology Ltd. 1994-2001) -- C:\WINDOWS\System32\dllcache\ctlsb16.sys
[2011/05/19 11:51:12 | 000,006,912 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctlfacem.sys
[2011/05/19 11:51:12 | 000,004,096 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctwdm32.dll
[2011/05/19 11:51:12 | 000,003,712 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\dllcache\ctljystk.sys
[2011/05/19 11:51:10 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csamsp.dll
[2011/05/19 11:51:10 | 000,042,112 | ---- | C] (Conexant Systems Inc.) -- C:\WINDOWS\System32\dllcache\crtaud.sys
[2011/05/19 11:51:09 | 000,216,064 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2011/05/19 11:51:08 | 000,060,970 | ---- | C] (Compaq Computer Corp.) -- C:\WINDOWS\System32\dllcache\cpqtrnd5.sys
[2011/05/19 11:51:08 | 000,021,533 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\dllcache\cpqndis5.sys
[2011/05/19 11:51:01 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnusd.dll
[2011/05/19 11:51:01 | 000,039,936 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\dllcache\cnxt1803.sys
[2011/05/19 11:50:58 | 000,020,736 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2011/05/19 11:50:56 | 000,248,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546xm.sys
[2011/05/19 11:50:56 | 000,170,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl546x.dll
[2011/05/19 11:50:56 | 000,111,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cl5465.dll
[2011/05/19 11:50:56 | 000,045,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.sys
[2011/05/19 11:50:55 | 000,091,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cirrus.dll
[2011/05/19 11:50:53 | 000,272,640 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\dllcache\cinemclc.sys
[2011/05/19 11:50:52 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2011/05/19 11:50:38 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2011/05/19 11:50:38 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2011/05/19 11:50:38 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2011/05/19 11:50:38 | 000,022,044 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2011/05/19 11:50:37 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2011/05/19 11:50:35 | 000,714,698 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2011/05/19 11:50:35 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2011/05/19 11:50:34 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2011/05/19 11:50:34 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2011/05/19 11:50:33 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2011/05/19 11:50:33 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2011/05/19 11:50:30 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.ax
[2011/05/19 11:50:30 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext20.dll
[2011/05/19 11:50:30 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camext30.ax
[2011/05/19 11:50:30 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.dll
[2011/05/19 11:50:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camexo20.ax
[2011/05/19 11:50:29 | 000,314,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdro21.sys
[2011/05/19 11:50:29 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv21.sys
[2011/05/19 11:50:29 | 000,171,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camdrv30.sys
[2011/05/19 11:50:19 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2011/05/19 11:50:19 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2011/05/19 11:50:19 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bulltlp3.sys
[2011/05/19 11:50:19 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2011/05/19 11:50:19 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2011/05/19 11:50:19 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2011/05/19 11:50:18 | 000,039,552 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2011/05/19 11:50:18 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2011/05/19 11:50:18 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2011/05/19 11:50:17 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2011/05/19 11:50:17 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2011/05/19 11:50:16 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brmfcwia.dll
[2011/05/19 11:50:16 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2011/05/19 11:50:16 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2011/05/19 11:50:16 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2011/05/19 11:50:16 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2011/05/19 11:50:16 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2011/05/19 11:50:15 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2011/05/19 11:50:15 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2011/05/19 11:50:15 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2011/05/19 11:50:14 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\binlsvc.dll
[2011/05/19 11:50:13 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2011/05/19 11:50:13 | 000,066,557 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42u.sys
[2011/05/19 11:50:13 | 000,054,271 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm42xx5.sys
[2011/05/19 11:50:13 | 000,026,568 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\bcm4e5.sys
[2011/05/19 11:50:11 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2011/05/19 11:50:11 | 000,096,640 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\dllcache\b57xp32.sys
[2011/05/19 11:50:11 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2011/05/19 11:50:11 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2011/05/19 11:50:10 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2011/05/19 11:50:10 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2011/05/19 11:50:10 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2011/05/19 11:50:10 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2011/05/19 11:50:09 | 000,036,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avcaudio.sys
[2011/05/19 11:50:04 | 000,104,832 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiraged.dll
[2011/05/19 11:50:04 | 000,070,528 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atiragem.sys
[2011/05/19 11:50:03 | 000,289,664 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpab.sys
[2011/05/19 11:50:03 | 000,281,600 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimtai.sys
[2011/05/19 11:50:03 | 000,075,136 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atimpae.sys
[2011/05/19 11:50:03 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atievxx.exe
[2011/05/19 11:50:02 | 000,382,592 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrab.dll
[2011/05/19 11:50:02 | 000,281,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mpaa.sys
[2011/05/19 11:50:02 | 000,268,160 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidvai.dll
[2011/05/19 11:50:02 | 000,137,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\atidrae.dll
[2011/05/19 11:50:01 | 000,266,368 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2draa.dll
[2011/05/19 11:50:01 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2011/05/19 11:50:01 | 000,096,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ati.dll
[2011/05/19 11:50:01 | 000,077,568 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\dllcache\ati.sys
[2011/05/19 11:49:57 | 000,006,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\apmbatt.sys
[2011/05/19 11:49:56 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2011/05/19 11:49:55 | 000,027,678 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\ali5261.sys
[2011/05/19 11:49:55 | 000,026,624 | ---- | C] (Acer Laboratories Inc.) -- C:\WINDOWS\System32\dllcache\alifir.sys
[2011/05/19 11:48:56 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agcgauge.ax
[2011/05/19 11:48:52 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2011/05/19 11:48:51 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2011/05/19 11:48:51 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2011/05/19 11:48:51 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2011/05/19 11:48:51 | 000,020,160 | ---- | C] (ADMtek Incorporated) -- C:\WINDOWS\System32\dllcache\adm8511.sys
[2011/05/19 11:48:50 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adicvls.sys
[2011/05/19 11:48:49 | 000,061,440 | ---- | C] (Color Flatbed Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2011/05/19 11:48:48 | 000,297,728 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\dllcache\ac97sis.sys
[2011/05/19 11:48:48 | 000,184,320 | ---- | C] (Sierra Wireless Inc.) -- C:\WINDOWS\System32\dllcache\ac300nd5.sys
[2011/05/19 11:48:48 | 000,096,256 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\ac97intc.sys
[2011/05/19 11:48:47 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2011/05/19 11:48:46 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2011/05/19 11:48:46 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2011/05/19 11:48:46 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\8514a.dll
[2011/05/19 11:48:45 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2011/05/19 11:48:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\1394vdbg.sys
[2011/05/19 11:44:31 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2011/05/18 17:38:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Local Settings\Application Data\Mozilla
[2011/05/18 17:38:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Application Data\Mozilla
[2011/05/18 17:37:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/05/18 17:27:28 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2011/05/18 17:18:19 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2011/05/18 17:18:19 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2011/05/18 17:18:18 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2011/05/18 17:18:17 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2011/05/18 17:18:16 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/05/18 17:18:16 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/05/18 17:18:11 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/05/18 17:18:04 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/05/18 17:18:00 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/05/18 17:18:00 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/05/18 17:18:00 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/05/18 17:17:59 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/05/18 17:17:54 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/05/18 17:17:51 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2011/05/18 17:17:51 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/05/18 17:17:51 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/05/18 17:17:49 | 000,431,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsvc.dll
[2011/05/18 17:17:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/05/18 17:17:49 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2011/05/18 17:17:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/05/18 17:17:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/05/18 17:17:48 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/05/18 17:17:48 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/05/18 17:17:48 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/05/18 17:17:48 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/05/18 17:17:48 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/05/18 17:17:48 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/05/18 17:17:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/05/18 17:17:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/05/18 17:17:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/05/18 17:17:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/05/18 17:17:47 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/05/18 17:17:47 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/05/18 17:17:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/05/18 17:17:47 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/05/18 17:17:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/05/18 17:17:34 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2011/05/18 17:17:34 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/05/18 17:17:33 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/05/18 17:17:32 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2011/05/18 17:17:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/05/18 17:17:31 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/05/18 17:17:28 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/05/18 17:17:28 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/05/18 17:17:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/05/18 17:17:24 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/05/18 17:17:20 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/05/18 17:17:20 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/05/18 17:17:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/05/18 17:17:16 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2011/05/18 17:17:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2011/05/18 17:17:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/05/18 17:17:05 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2011/05/18 17:16:56 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/05/18 17:16:56 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/05/18 17:16:41 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/05/18 17:16:41 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/05/18 17:16:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/05/18 17:16:35 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/05/18 17:16:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/05/18 17:16:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/05/18 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/05/18 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/05/18 17:16:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/05/18 17:16:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/05/18 17:16:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/05/18 17:16:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/05/18 17:16:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/05/18 17:16:32 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/05/18 17:16:32 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/05/18 17:16:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/05/18 17:16:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/05/18 17:16:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/05/18 17:16:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/05/18 17:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/05/18 17:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/05/18 17:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/05/18 17:16:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/05/18 17:16:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/05/18 17:16:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/05/18 17:16:30 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/05/18 17:16:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/05/18 17:16:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/05/18 17:16:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/05/18 17:16:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2011/05/18 17:16:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2011/05/18 17:16:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2011/05/18 17:16:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/05/18 17:16:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/05/18 17:16:27 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/05/18 17:16:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/05/18 17:16:23 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2011/05/18 17:16:22 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2011/05/18 17:16:22 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/05/18 17:16:22 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/05/18 17:16:21 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/05/18 17:16:20 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/05/18 17:16:20 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/05/18 17:16:20 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2011/05/18 17:16:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/05/18 17:16:11 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/05/18 17:16:03 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/05/18 17:16:01 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/05/18 17:15:57 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/05/18 17:15:55 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/05/18 17:15:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/05/18 17:15:53 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/05/18 17:15:53 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/05/18 17:15:53 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/05/18 17:15:53 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/05/18 17:15:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/05/18 17:15:31 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/05/18 17:15:30 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/05/18 17:15:30 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/05/18 17:15:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/05/18 17:15:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/05/18 17:15:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/05/18 17:15:27 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/05/18 17:15:27 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/05/18 17:15:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/05/18 17:15:23 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2011/05/18 17:15:23 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/05/18 17:15:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/05/18 17:15:06 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2011/05/18 17:15:06 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2011/05/18 17:07:37 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2011/05/18 17:07:37 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2011/05/18 17:07:37 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2011/05/18 17:07:37 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2011/05/18 17:07:32 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2011/05/18 17:07:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2011/05/18 17:07:25 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2011/05/18 17:07:25 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2011/05/18 17:07:24 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2011/05/18 17:07:24 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2011/05/18 17:07:23 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2011/05/18 17:07:23 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2011/05/18 17:07:22 | 000,554,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dao360.dll
[2011/05/18 17:07:21 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2011/05/18 17:07:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2011/05/18 17:07:18 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2011/05/18 17:07:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2011/05/18 17:07:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2011/05/18 17:07:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2011/05/18 17:07:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2011/05/18 17:07:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2011/05/18 17:07:16 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2011/05/18 17:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/05/18 17:05:27 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2011/05/18 17:05:27 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2011/05/18 17:05:27 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2011/05/18 17:05:27 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2011/05/18 17:05:27 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2011/05/18 17:05:26 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2011/05/18 17:05:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2011/05/18 17:05:24 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2011/05/18 17:05:24 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2011/05/18 17:05:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2011/05/18 17:05:23 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2011/05/18 17:05:23 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2011/05/18 17:05:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2011/05/18 17:05:23 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2011/05/18 17:05:22 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2011/05/18 17:05:22 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2011/05/18 17:05:22 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2011/05/18 17:05:22 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2011/05/18 17:05:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2011/05/18 17:05:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2011/05/18 17:05:21 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2011/05/18 17:05:21 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2011/05/18 17:05:19 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsevent.dll
[2011/05/18 17:05:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsmon.dll
[2011/05/18 17:05:18 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscom.dll
[2011/05/18 17:05:09 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2011/05/18 17:05:09 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2011/05/18 17:05:09 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2011/05/18 16:52:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2011/05/18 16:52:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2011/05/18 16:52:41 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2011/05/18 16:52:41 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011/05/18 16:52:41 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/05/18 15:08:47 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011/05/18 15:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/05/18 14:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\Revo Uninstaller
[2011/05/18 14:10:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Start Menu\Programs\Revo Uninstaller
[2011/05/18 14:07:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\es\Application Data\Malwarebytes
[2011/05/18 14:07:20 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/18 14:07:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/18 14:07:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/18 14:07:09 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/18 14:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/18 09:23:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/01/14 13:16:38 | 000,382,176 | ---- | C] (Visicom Media Inc. (License)) -- C:\Program Files\Common Files\PandaAntiPhising-FYTDL.exe
[2 C:\Documents and Settings\es\My Documents\*.tmp files -> C:\Documents and Settings\es\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/05 17:19:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/05 16:55:36 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/06/05 16:55:15 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2011/06/05 16:55:09 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/05 16:55:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/06/05 16:54:59 | 534,827,008 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/05 16:40:12 | 004,112,084 | R--- | M] (Swearware) -- C:\Documents and Settings\es\Desktop\ComboFix.exe
[2011/06/04 22:05:09 | 000,383,126 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2011/06/04 22:05:09 | 000,054,276 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2011/06/04 22:00:42 | 000,326,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/06/04 20:47:34 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/06/04 17:44:25 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/03 10:36:16 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2011/06/03 10:35:59 | 274,923,077 | ---- | M] () -- C:\Documents and Settings\es\Desktop\2011 - Movie 01.mp4
[2011/06/03 10:20:40 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Movavi Video Converter 8.lnk
[2011/05/30 21:55:10 | 000,586,240 | ---- | M] (AVAST Software) -- C:\Documents and Settings\es\Desktop\aswMBR.exe
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/27 11:30:00 | 000,000,338 | ---- | M] () -- C:\Documents and Settings\es\Desktop\Shortcut to public on Naz.lnk
[2011/05/27 00:16:17 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\es\Desktop\OTL(1).exe
[2011/05/19 16:09:08 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011/05/19 15:32:17 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/05/19 15:17:40 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/05/19 15:08:59 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/05/19 15:08:59 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011/05/18 17:39:21 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2011/05/18 17:38:12 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/18 17:38:12 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/05/18 17:19:51 | 000,000,292 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/05/18 17:13:08 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011/05/18 17:13:03 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/05/18 17:13:03 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/05/18 17:13:01 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2011/05/18 17:12:35 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/05/18 17:06:51 | 000,023,444 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/05/18 17:05:32 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/05/18 15:02:40 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2 C:\Documents and Settings\es\My Documents\*.tmp files -> C:\Documents and Settings\es\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/04 20:47:33 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/06/04 20:47:29 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/06/04 20:41:10 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/06/04 20:41:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/06/04 20:41:10 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/06/04 20:41:10 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/06/04 20:41:10 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/06/03 10:21:35 | 274,923,077 | ---- | C] () -- C:\Documents and Settings\es\Desktop\2011 - Movie 01.mp4
[2011/05/19 16:09:05 | 000,001,024 | ---- | C] () -- C:\.rnd
[2011/05/19 16:08:47 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn.lnk
[2011/05/19 13:45:53 | 001,326,080 | ---- | C] () -- C:\WINDOWS\System32\webfldrs.msi
[2011/05/19 13:45:28 | 000,383,804 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
[2011/05/19 13:45:28 | 000,355,680 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahomabd.ttf
[2011/05/19 13:44:42 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\odbcconf.rsp
[2011/05/19 13:44:42 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\dllcache\odbcconf.rsp
[2011/05/19 13:44:03 | 000,204,396 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2011/05/19 13:43:57 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2011/05/19 13:43:56 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\msdxm.ocx
[2011/05/19 13:43:56 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2011/05/19 13:43:19 | 000,956,990 | ---- | C] () -- C:\WINDOWS\System32\instcat.sql
[2011/05/19 13:43:18 | 000,057,667 | ---- | C] () -- C:\WINDOWS\System32\ieuinit.inf
[2011/05/19 13:43:14 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\homepage.inf
[2011/05/19 13:42:57 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2011/05/19 13:42:51 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2011/05/19 13:42:41 | 000,252,928 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compatui.dll
[2011/05/19 13:42:24 | 000,218,134 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2011/05/19 13:42:24 | 000,080,546 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apps.chm
[2011/05/19 12:05:07 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2011/05/19 11:53:09 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2011/05/19 11:53:09 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2011/05/19 11:53:08 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2011/05/19 11:53:08 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2011/05/19 11:53:07 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2011/05/19 11:51:34 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2011/05/19 11:51:34 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2011/05/19 11:51:34 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2011/05/19 11:50:05 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2011/05/19 11:50:04 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2011/05/19 11:50:04 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2011/05/19 11:50:04 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2011/05/19 11:50:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2011/05/19 11:50:04 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2011/05/19 11:50:04 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2011/05/19 11:50:04 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2011/05/19 11:50:03 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2011/05/19 11:50:02 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2011/05/18 17:39:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/05/18 17:38:12 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/18 17:38:12 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/05/18 17:38:10 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/18 17:21:58 | 534,827,008 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/18 17:16:35 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/05/18 17:16:19 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/05/18 17:16:06 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/05/18 17:16:01 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/05/18 17:13:37 | 000,003,144 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srgb.icm
[2011/05/18 16:52:22 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/05/18 16:52:21 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/05/18 16:52:21 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/05/18 16:52:21 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/05/18 16:52:21 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/05/18 16:52:21 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/05/18 15:02:40 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/05/18 15:02:15 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2009/09/22 11:32:53 | 000,005,059 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ypkpiykb.yyr
[2006/06/12 19:18:14 | 000,012,997 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (Windows).CAL
[2006/02/01 09:57:20 | 000,028,950 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (Windows).ADR
[2006/01/30 10:27:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/01/24 15:36:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/01/24 09:40:12 | 000,000,097 | ---- | C] () -- C:\WINDOWS\MobileDB_PC.ini
[2006/01/23 18:30:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2006/01/23 17:14:29 | 000,003,995 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (DOS).NOT
[2005/10/31 12:04:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/10/29 12:27:33 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\es\Local Settings\Application Data\fusioncache.dat
[2005/10/15 09:57:26 | 000,000,118 | ---- | C] () -- C:\WINDOWS\ppdrv.ini
[2005/10/02 12:57:41 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/09/20 14:53:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JDSecure31.INI
[2005/05/14 14:36:31 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\es\Application Data\PFP120JPR.{PB
[2005/05/14 14:36:31 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\es\Application Data\PFP120JCM.{PB
[2005/01/03 10:40:51 | 000,000,376 | ---- | C] () -- C:\WINDOWS\mozregistry.dat
[2004/11/16 15:55:36 | 000,000,306 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/11/16 15:53:58 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2004/11/16 15:53:57 | 000,040,129 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2004/11/16 15:53:57 | 000,000,149 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2004/11/06 15:56:59 | 000,002,347 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/09/08 11:03:09 | 000,004,144 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2004/09/08 11:03:07 | 000,034,816 | ---- | C] () -- C:\WINDOWS\upi41003.dll
[2004/09/08 11:03:07 | 000,017,408 | ---- | C] () -- C:\WINDOWS\PI4UN.dll
[2004/09/08 11:03:07 | 000,016,896 | ---- | C] () -- C:\WINDOWS\upi41004.dll
[2004/09/08 11:02:02 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\fplayer.dll
[2004/08/24 15:52:16 | 000,056,320 | ---- | C] () -- C:\Documents and Settings\es\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/08/24 14:28:50 | 000,024,107 | ---- | C] () -- C:\Documents and Settings\es\Application Data\Comma Separated Values (DOS).ADR
[2004/08/23 13:09:01 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/23 11:01:55 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/08/12 08:09:23 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/12 08:05:22 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2004/08/12 08:05:21 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/08/12 08:02:47 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/08/12 07:51:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2004/08/12 07:49:31 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/08/12 07:49:26 | 000,383,126 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2004/08/12 07:49:26 | 000,054,276 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2004/08/12 07:49:15 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/12 07:38:22 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/05/26 13:09:26 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\DSRIRREM.EXE
[2004/05/24 17:04:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll
[2004/05/24 17:03:20 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll
[2004/05/24 17:01:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2004/05/24 17:00:48 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2004/05/21 01:30:02 | 000,114,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\ssoftnt4.sys
[2004/05/11 08:03:20 | 000,326,704 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/05/11 08:02:24 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/03/26 14:59:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2002/09/03 06:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 06:56:30 | 000,023,444 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/08/29 03:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2001/08/18 05:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/18 05:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/18 05:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/18 05:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/18 05:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/18 05:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/18 05:00:00 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[1979/12/31 22:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

< End of report >
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What are your current problems ?

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • 0

#15
gvnaz

gvnaz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
the only problem now is the update thing with MSE.

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6785

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/6/2011 4:26:11 AM
mbam-log-2011-06-06 (04-26-11).txt

Scan type: Quick scan
Objects scanned: 161733
Time elapsed: 10 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP